I would strongly suggest organisations disable Microsoft Translator for Edge. It's enabled by default, and allows users to automatically translate webpages (without prompt after first use) to native language by sending the entire page content to MS. This includes intranet sites and SaaS services.

It links to a privacy policy that sounds fluffy and nice and - ya know - it isn't. The Microsoft Translator privacy policy for M365 or Azure doesn't actually apply to it.

Pst.

You don't need "privacy-preserving age verification".

Age verification solves exactly zero problems and creates several new ones.

On the internet, nobody is meant to know you're a dog.

SharePoint ToolShell – One Request PreAuth RCE Chain https://blog.viettelcybersecurity.com/sharepoint-toolshell/

New Trail of Bits Tribune: Our AIxCC finals submission, how we exposed critical flaws in Go's built-in parsers that can enable authentication bypass and data exfiltration from production systems, and 14 new security reviews.
Read it here: https://mailchi.mp/trailofbits/trail-of-bits-tribune-july-2025

This is Mastodon and this is why it rocks!

"These very typical words are in method and intent exactly like all those ads that tell us that if we don't buy this deodorant or detergent or gadget or whatever, everyone else, even our friends, will despise, mock, and shun us the advertising industry's attack on the fragile self-esteem of millions of people. This using of people's fear to sell them things is destructive and morally disgusting.

The fact that the computer industry and its salesmen and prophets have taken this approach is the best reason in the world for being very skeptical of anything they say. Clever they may be, but they are mostly not to be trusted. What they want above all is not to make a better world, but to join the big list of computer millionaires."

https://paste.sr.ht/~rabbits/1c22b0fa383438d404d3d99ad506c6c6d60c1fd2

On Computers
Growing Without Schooling #29
September 1982
by John Holt.

Here’s an example of a linked Liszt: https://en.wikipedia.org/wiki/Franz_Liszt

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 005bcc30

EVP_CIPHER_CTX_ctrl

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005bcc30.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F005bcc30.json&colors=light

Every little website is being pushed onto Facebook thanks to the computer illiterate duckheads in UK Parliament. We'll played MPs, people are much more vulnerable on Facebook you cuckwombles 🤬

#uk #OnlineSafetyAct

posix: Fix double-free after allocation failure in regcomp

https://sourceware.org/pipermail/libc-announce/2025/000047.html

This is what it's like publishing research in 2025. I write an extremely popular blog post on EDR bypasses and Google just comes along and steals my search traffic in the most brazen way possible.

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a434dcc

ComparePathWithVolumeMap

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=light

«Alan Turing Institute scraps diversity drive under pressure from ministers»

Funny change in tune for an institute that was named after a person that was basically killed by the UK government for being gay. 🤷

https://archive.ph/JkOgI#selection-2204.0-2204.1

Want to make the most of the upcoming research drop? We've just updated https://http1mustdie.com/ with links to essential pre-read/watch resources. Enjoy!

I'm happy to announce that HyperDbg v0.14 is released!

This version includes HyperEvade (beta preview), fixes Win11 24H2 compatibility issues & adds multiple timing functions to the script engine (Special thanks to @0Xiphorus )

Check it out: https://github.com/HyperDbg/HyperDbg/releases/tag/v0.14

More info on HyperEvade: https://github.com/HyperDbg/slides/blob/main/2025/DEBT2025/hyperevade-ecoop2025-debt.pdf

Microsleep function:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/microsleep

and RDTSC/RDTSCP:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtsc

https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtscp

Thanks to Tara for making this painting for us (it's not AI-generated).