📢 2nd part of our Black Hat Arsenal talk is out!

Python scripting! 🐍🐍🐍

Since there are some pretty cool people around here, let me reshare this job offer here: We just published the first job posting for the team, I'm allowed to build at Security Research Labs.
I can honestly say, it's been a month full of awesome people, interesting, impactful work and lots of fun and new learnings. If you wanna explore that together and develop something great, feel free to hit me up. Also, if you have any questions, let me know! If you know someone, that would be a great fit for the team, the company and the topic, feel free to send them over :)

https://srlabs.de/careers#open-positions

[RSS] The Architectural Blind Spot We All Missed: A deep dive into the 25-year-old Intel opcodes that fool IDA, Ghidra, and Binary Ninja.

https://github.com/sapdragon/hint-break/blob/main/papers/en.pdf

[RSS] Becoming a Kernel Developer (3/3): You have patches upstream, great! How to contribute more!

https://www.linaro.org/blog/blog-3-you-have-patches-upstream-great-how-to-contribute-more/

[RSS] What could go wrong when MySQL strict SQL mode is off?

https://www.synacktiv.com/en/publications/what-could-go-wrong-when-mysql-strict-sql-mode-is-off.html

Linus Torvalds' bingo on what to not ship in hardware:

https://lore.kernel.org/lkml/CAHk-%3DwgYcOiFvsJzFb%2BHfB4n6Wj6zM5H5EghUMfpXSCzyQVSfA@mail.gmail.com/t/#mf1b6116ecfd963353312d26f61b8b49ee409fd1f

#Styx Emulator Public Release (a #Rust-based #QEMU Alternative)

https://stumbl.ing/posts/styx-emulator-release/

[RSS] Lenovo DCC: Part 1 - A simple ACL Exploit

https://neodyme.io/en/blog/lenovo_dcc_lpe_logic/

In 2011, Aaron Swartz was arrested after he downloaded millions of academic journal articles from JSTOR via the MIT network. He was charged under federal laws (including wire fraud and violations of the Computer Fraud and Abuse Act) with up to 13 felony counts, carrying the possibility of decades in prison, large fines, and other penalties. These federal charges eventually lead to his death in 2013.

No AI company was ever charged under federal laws.
https://icy.wyvern.rip/notes/ad9ptt2s993v01j8

if you are doing any project that depends on r2, feel free to use this badge to specify the version of radare2 that is compatible or tested with:

[](https://github.com/radareorg/radare2)

Seems Windows 11 25H2 is finally rolling out, and they're shipping the new Administrator Protection feature. Hopefully MS should have fixed 6 bypasses I found in it during insider preview :D

Toy Train Joins The Internet of Things

https://hackaday.com/2025/09/30/toy-train-joins-the-internet-of-things/

For the first time ever, @awscloud, @msftsecurity, @googlecloud and @wiz_io Research are joining forces to launch http://zeroday.cloud at @blackhatevents EU! 🤯

Find critical vulns in open-source cloud software & get paid from our $4.5M prize pool👇

https://zeroday.cloud

Kira: Spite. It gets shit done.

You name it, VMware elevates it (CVE-2025-41244) https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/

We at emproof open-sourced a free firmware reverse engineering workshop for self-study.

Topics: ELF analysis, cracking, malware triage, embedded-Linux, bare-metal, crypto-key extraction, anti-analysis. Docker setup and solutions included.

https://github.com/emproof-com/workshop_firmware_reverse_engineering

#reverseengineering

Planck masses per cubic Hubble length

[RSS] CodeQL zero to hero part 5: Debugging queries

https://github.blog/security/vulnerability-research/codeql-zero-to-hero-part-5-debugging-queries/

There is this piece by George Carlin from 1978 (those clothes!) about words that you can't say on TV.

https://www.youtube.com/watch?v=1rP-U-ZbuzE

Guess what, it's 2025 - the guy is dead already - and the AI auto-filters those words from subtitles!

I guess this is progress?

As announced in The New Yorker today, Sir Tim Berners-Lee will receive the 2025 Internet Archive Hero Award! https://www.newyorker.com/magazine/2025/10/06/tim-berners-lee-invented-the-world-wide-web-now-he-wants-to-save-it

Sir Tim is being honored for inventing the World Wide Web, opening the door to a globally connected information commons, and for his ongoing advocacy for a free, open, and accessible web for all.

Celebrate Sir Tim & the web on October 9 & October 22: https://blog.archive.org/2025/09/29/sir-tim-berners-lee-to-receive-the-2025-internet-archive-hero-award/