Misroute materials.

Hello you fine Internet folks,

Today's article is on Nvidia's RTX PRO 6000 Blackwell and diving into the Blackwell architecture generally and more specifically into the GB202 GPU die in the RTX PRO 6000.

Hope y'all enjoy!

https://chipsandcheese.com/p/blackwell-nvidias-massive-gpu

https://old.chipsandcheese.com/2025/06/28/blackwell-nvidias-massive-gpu/

First, solve the problem. Then, write the code.

— John Johnson

Funny FPU trick I discovered yesterday to detect arm64 or x86_64 architecture at runtime

There was recently an article about using salvaged Sun Ray thin clients with a modern server. @bcantrill's response to that article on Hacker News mentioned his story about using DTrace to debug a performance problem on a Sun Ray server. He linked to a paper he wrote for Usenix, but I prefer his extended telling in this 2007 talk: https://www.youtube.com/watch?v=TgmA48fILq8&t=35m6s

If you like that kind of thing, my presentation "Save the world, write more efficient code" from @joyofcoding is online now! https://youtu.be/XntLynSlYjI?t=203

a blog post by my friend eevee which is, y’know, preaching to the choir about exactly what you think, but. yeah. https://eev.ee/blog/2025/07/03/the-rise-of-whatever/

[RSS] Applocker bypass on Lenovo machines - The curious case of MFGSTAT.zip

https://oddvar.moe/2025/07/03/applocker-bypass-on-lenovo-machines-the-curious-case-of-mfgstat-zip/

[RSS] CVE-2025-53367: An exploitable out-of-bounds write in DjVuLibre

https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/

CVE-2025-53367

[RSS] Kernel Exploitation Techniques: Turning The (Page) Tables

https://sam4k.com/page-table-kernel-exploitation/

[RSS] When too much access is not enough: a story about Confluence and tokens

http://blog.quarkslab.com/a-story-about-confluence-and-tokens.html

[RSS] exploits.club Weekly Newsletter 78 - ITW Sandbox Escapes, RL For VR, WhatsApp Fuzzing, And More

https://blog.exploits.club/exploits-club-weekly-newsletter-78-itw-sandbox-escapes-rl-for-vr-whatsapp-fuzzing-and-more/

New post: Insecure Boot: Injecting initramfs from a debug shell https://insinuator.net/2025/07/insecure-boot-injecting-initramfs-from-a-debug-shell/

Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 https://www.ibm.com/think/x-force/reproducing-million-dollar-bug-whatsapp-cve-2019-11932-afl-frida

What? They programmed it by doing what???

https://en.m.wikipedia.org/wiki/Bally_Astrocade

[RSS] Assembly Code Editor

https://deepcodestudio.pages.dev/

[RSS] opasm: an Assembly REPL

https://github.com/aedrax/opasm

"IBM Software Download Tips: Three Easy Steps to Make Download Director Work Again"

https://www.ibm.com/support/pages/node/7181432

Free #ProTip for IBM: no one should ever have to use Download Director. Web servers should just not randomly drop connections.

CVE ID: CVE-2025-6554
Vendor: Google
Product: Chromium V8
Date Added: 2025-07-02
Notes: https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html?m=1 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6554
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-6554

V8 Security is hiring in Munich, Germany: https://www.google.com/about/careers/applications/jobs/results/96463411851731654-software-engineer-iii-v8-security

Great opportunity to work on some really hard and interesting problems in the security space!