NEW: Two hackers broke into the computer of a hacker allegedly working for the North Korean spy group known as "Kimsuky."

The hackers then leaked a treasure trove of stolen data, exposing a North Korean spy operation against South Korean targets.

“Kimsuky, you’re not a hacker. You are driven by financial greed, to enrich your leaders, and to fulfill their political agenda. You steal from others and favour your own. You value yourself above the others: You are morally perverted,” the two wrote in their Phrack magazine article. “You hack for all the wrong reasons.”

https://techcrunch.com/2025/08/12/hackers-breach-and-expose-a-major-north-korean-spying-operation/

Oh shit it's Patch Tuesday...

Just under three weeks until CFP opens for RE//verse 2026! Submissions open September 1st: https://sessionize.com/reverse-2026

And while you’re at it, snag your ticket early before prices go up: https://shop.binary.ninja/collections/re-verse-admissions-requires-sales-tax/products/re-verse-2026-admission

/me @ the How Did This Ever Work?! phase, with the added excitement that the same code in a different script still works

(now that file is a sacred artifact that must be protected by all costs)

Absolutely jaw-dropping talk by Micah Lee on the blinding national-security incompetence at the highest levels of the Trump regime.

https://micahflee.com/we-are-currently-clean-on-opsec-the-signalgate-saga/

If this had been any Democratic govt, Fox "News" and the entire right-wing media gang would make it the top story for weeks, if not months.

Micropatches Released for Windows Disk Cleanup Tool Elevation of Privilege Vulnerability (CVE-2025-21420)
https://blog.0patch.com/2025/07/micropatches-for-windows-disk-cleanup.html

Micropatches Released for Windows Update Service Elevation of Privilege Vulnerability (CVE-2025-48799) https://blog.0patch.com/2025/08/micropatches-released-for-windows.html

[RSS] Extraction of Synology encrypted archives - Pwn2Own Ireland 2024

https://www.synacktiv.com/en/publications/extraction-of-synology-encrypted-archives-pwn2own-ireland-2024

New assessment for topic: CVE-2025-4678

Topic description: "Improper Neutralization of Special Elements in the chromium_path variable may allow OS command injection ..."

"This is a similar RCE like [CVE-2024-12971](https://attackerkb.com/topics/BJe14wkMYS/cve-2024-12971) but now in the `chromium_path`directory settings at the Pandora ITSM application ..."

Link: https://attackerkb.com/assessments/cbac9f7f-798e-424f-a010-48ceada60ff7

Then: UK govt loses mind
Now: Wikipedia loses legal challenge
Next: UK loses Wikipedia access?

This legislation is way, way beyond porn and stated scope. There is no good reason to age gate an encyclopaedia *at national level* under the guise of protecting children.

https://wikimediafoundation.org/news/2025/08/11/wikimedia-foundation-challenges-uk-online-safety-act-regulations/

"It's the certificates, stupid!"

A quick analysis into the Phrack #72 APT Down code signing certificates. Has South Korea been backdoor pounded for the last two decades?

https://reverse.put.as/2025/08/11/itsthecertificatesstupid/

[FD] Kigen eUICC issue (custom backdoor vs. FW update bug)

https://seclists.org/fulldisclosure/2025/Aug/4

"we suggest Kigen customers to request information pertaining to all secret / shared keys embedded in Kigen eUICC FW and ECASD domain"

It's totally reasonable to be more cautious these days, but don't let that drive you to have opsec panic attacks that aren't founded in common sense. For example... it makes no sense to be worried someone might figure out you're queer or a leftist if you're too open about your politics while posting... on fediverse, the queer leftist social media platform. They already know, chief.

WOOT '25 Technical Sessions materials

https://www.usenix.org/conference/woot25/technical-sessions

#fromBsky

[RSS] Compiler Bug Causes Compiler Bug: How a 12-Year-Old G++ Bug Took Down Solidity

https://osec.io/blog/2025-08-11-compiler-bug-causes-compiler-bug

High level diff of iOS 26.0 beta5 vs. iOS 26.0 beta6 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/26_0_23A5308g__vs_26_0_23A5318c/README.md

The awesome people of @c3voc have released the recording of my Sunday #why2025 talk "Reverse Engineering Life: A teardown of the DNA source code of a whole bacterium"! https://media.ccc.de/v/why2025-34-reverse-engineering-life-a-teardown-of-the-dna-source-code-of-a-whole-bacterium https://www.youtube.com/watch?v=NUUFQyq4F_o

TIL Simple Sabotage Field Manual has a section about Microsoft Teams

RE: https://mastodon.social/@simple_sabotage/115010865658460649

My colleagues at Trail of Bits and I wrote an LLVM RFC about constant-time coding support in Clang and LLVM! I’d love to have folks with opinions on this topic, who are interested to, comment on the RFC 💚 https://discourse.llvm.org/t/rfc-constant-time-coding-support/87781

So far, I have already written 15 articles (1045 pages), which have been published on my blog:

blog: https://exploitreversing.com

ERS: Exploiting Reversing Series (currently at 439 pages, with continued progress underway):

[+] ERS 05: https://exploitreversing.com/2025/03/12/exploiting-reversing-er-series-article-05/
[+] ERS 04: https://exploitreversing.com/2025/02/04/exploiting-reversing-er-series-article-04/
[+] ERS 03: https://exploitreversing.com/2025/01/22/exploiting-reversing-er-series-article-03/
[+] ERS 02: https://exploitreversing.com/2024/01/03/exploiting-reversing-er-series-article-02/
[+] ERS 01: https://exploitreversing.com/2023/04/11/exploiting-reversing-er-series/

MAS: Malware Analysis Series (606 pages -- finished):

[+] MAS 10: https://exploitreversing.com/2025/01/15/malware-analysis-series-mas-article-10/
[+] MAS 09: https://exploitreversing.com/2025/01/08/malware-analysis-series-mas-article-09/
[+] MAS 08: https://exploitreversing.com/2024/08/07/malware-analysis-series-mas-article-08/
[+] MAS 07: https://exploitreversing.com/2023/01/05/malware-analysis-series-mas-article-7/
[+] MAS 06: https://exploitreversing.com/2022/11/24/malware-analysis-series-mas-article-6/
[+] MAS 05: https://exploitreversing.com/2022/09/14/malware-analysis-series-mas-article-5/
[+] MAS 04: https://exploitreversing.com/2022/05/12/malware-analysis-series-mas-article-4/
[+] MAS 03: https://exploitreversing.com/2022/05/05/malware-analysis-series-mas-article-3/
[+] MAS 02: https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/
[+] MAS 01: https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/

I'll soon begin writing the next articles in the Exploiting Reversing series, which will focus on vulnerability and exploitation, once I've laid all the necessary groundwork.

Enjoy reading and have a great day.

#windows #iOS #macOS #cybersecurity #infosec #chrome #kernel #malware #reverseengineering #vulnerability #research #hypervisor