We're spilling the TEE: We're disclosing vulnerabilities (CVE-2025-59054, CVE-2025-58356) in LUKS2 disk encryption affecting 8 confidential computing systems.

https://blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/

AMD, Intel and Nvidia have poured untold resources into building on-chip trusted execution environments. These enclaves use encryption to protect data and execution from being viewed or modified. The companies proudly declare that these TEEs will protect data and code even when the OS kernel has been thoroughly compromised. The chipmakers are considerably less vocal about an exclusion that physical attacks, which are becoming increasingly cheap and easy, aren't covered by the threat model These physical attacks use off the shelf equipment and only intermediate admin skills to completely break all TEEs made from these three chipmakers.

This shifting Security landscape leaves me asking a bunch of questions. What's the true value of a TEE going forward?. Can governments ever get subpoena rulings ordering a host provider to run this attack on their own infrastructure? Why do the companies market their TEEs so heavily for edge servers when one of the top edge-server threats is
physical attacks?

People say, "well yes. just run the server in Amazon or another top tier cloud provider and you'll be reasonably safe." The thing is, TEEs can only guarantee to a relying party that the server on the other end isn't infected and couldn't give up data even even if it was. There's no way for the relying party to know if the service is in Amazon or in an attackers's basement. So once again aren't we back to just trusting the cloud, which is precisely the problem TEEs were supposed to solve?

https://arstechnica.com/security/2025/10/new-physical-attacks-are-quickly-diluting-secure-enclave-defenses-from-nvidia-amd-and-intel/

the most important question I have about this HackingTeam revival that was exposed by @oct0xor and co is if #YourBoySerge is still saving the day when the live demos fail during a sales pitch. or did they find a new Serge?

(anyone remember #YourBoySerge? or am I just really old?)

🚨🚨🚨 Absolutely insane stuff here. @lorenzofb spent months working on this story.

Peter Williams, former L3Harris Trenchant boss — the division that makes cyber exploits, zero-days and spyware for Western governments — has pleaded guilty to selling Trenchant's exploits to Russia.

https://techcrunch.com/2025/10/29/former-l3harris-trenchant-boss-pleads-guilty-to-selling-zero-day-exploits-to-russian-broker/

There's an Azure outage, so in the Netherlands, rail services aren't working.

(Originally read "trains", but it's not the actual trains, it's ticket sales and planning)

https://nltimes.nl/2025/10/29/ns-hit-microsoft-cloud-outage-travel-planner-ticket-machines-affected

If Azure isn't back up in 15 minutes, everyone can go home.

I’ve just seen someone describe Windows 11 as a “sloperating system”.

Administrator Protection has finally been released in KB5067036. This is an optional update, but it does fix 7 of the 9 issues that I reported to MSRC (hopefully the other 2 get fixed next month as security bulletins). I honestly don't know if they've actually fixed the SSPI issues like my Kerberos bypass or not, I'm not inclined to check. People should kick the tyres on it, maybe there's still some bounties to be had :D

SCOOP: On Mon, Kaspersky said it found new spyware called Dante targeting Windows users in Russia & Belarus, saying the spyware was developed by Milan-based Memento Labs.

Memento's CEO confirmed to TechCrunch's @lorenzofb that Dante is its spyware, and blamed one of its government customers for getting caught.

https://techcrunch.com/2025/10/28/ceo-of-spyware-maker-memento-labs-confirms-one-of-its-government-customers-was-caught-using-its-malware/

Working in cybersecurity is weird.

“Wolfie where do you get your threat intel?”
“Gay furries on Mastodon.”
“What?”
“Well it’s a decentralised social network…”
“No stop are you saying we’re prioritising our cybersecurity activity based on what furries are shitposting?”
“Yes.”
“…”
“You want the good cybersecurity, yes?”
“Yes.”
“Right, so this week between the jokes about Copilot now looking like a blob of jizz with a face, the big topics are…”

The other day we had our first ever chained AI tool success on the #curl factory floor:

- tool A found a possible flaw in code and reported it.

- using the plain English description from tool A, tool B could create a reproducible by itself that verified the finding

The sense of magic is strong in this.

Now us poor humans need to fix it. The AIs are still really lousy at writing patches.

thanks to everyone who attended my #TheSAS2025 talk "Typographic hit job: when fonts pull the trigger". 🙏

I've written an accompanying blogpost that goes over all the details: https://haxx.in/posts/2025-09-23-canon-ttf/

Newsletter: Binance’s Changpeng Zhao earns a gold-plated pardon as other industry figures fund Trump’s $300 million ballroom

https://www.citationneeded.news/issue-95/

#crypto #cryptocurrency #USpol #USpolitics

I always forget about my complete archive of UK government source code until I receive panicked emails asking me to delete things from it.

This time it was password hashes. A *lot* of password hashes.

Hey, Anthropic owes me $9000! They illegally used at least 3 of my books on LibGen to create Claude. Now they're paying a $1.5 billion settlement, at $3000 per book. See if *your* books are on the list:

https://www.anthropiccopyrightsettlement.com/

If so, you have until March 23, 2026 to file a claim. The above website lets you file a claim, but this one explains everything more clearly:

https://authorsguild.org/advocacy/artificial-intelligence/what-authors-need-to-know-about-the-anthropic-settlement/#next-steps

Actually I exaggerated: the payment will be split between authors and publishers, but I have to make the claim - so the settlement is making me do some work my publisher should be doing for me. My coauthors and I will just get half, $4500. One of these books has 2 coauthors, one has 3, and one is a book I edited, with essays by lots of authors. So $1000 is a more realistic estimate of what I get. Oh well.

Bizarrely, my most popular book, Gauge Fields, Knots and Gravity, is not on the list. But I guess it's not surprising:

"The settlement agreement discloses that approximately 500,000 titles out of the 7 million copies of books that Anthropic reportedly downloaded from LibGen and PiLiMi meet the definition required to be part of the class."

Only books whose copyright is registered with the US Library of Congress meet that defiinition!

If you have a book on the list, you can opt out of the current settlement and join future lawsuits. But you have to take action to do that!!! For more information on that, see item 40 here:

https://www.anthropiccopyrightsettlement.com/faq

Didn't somebody recently ask me what the Sanitizer API status is? Well anyway, it's in Firefox Nightly for testing now.

TLDR:
```diff
- foo.innerHTML = DOMPurify.sanitize(untrusted);
+ foo.setHTML(untrusted);
```

Download on https://nightly.mozilla.org

🚨 New advisory was just published! 🚨

A Local Privilege Escalation vulnerability was found in Ubuntu, caused by a refcount imbalance in the af_unix subsystem.
This vulnerability was disclosed during our TyphoonPWN 2025 Linux category and won first place:
https://ssd-disclosure.com/lpe-via-refcount-imbalance-in-the-af_unix-of-ubuntus-kernel/