[RSS] Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup

https://0dave.ch/posts/cve-2026-33058/

[RSS] Streamlining Google's OSS VRP: Key Rule Updates

https://bughunters.google.com/blog/ossvrp-rule-updates-2026

same, Hulk, same

Micropatches released for Microsoft Access Remote Code Execution Vulnerability (CVE-2025-62552)
https://blog.0patch.com/2026/03/micropatches-released-for-microsoft.html

[RSS] Attack arithmetic: how an integer overflow in PostgreSQL libpq leads to denial of service

https://swarm.ptsecurity.com/attack-arithmetic-how-an-integer-overflow-in-postgresql-libpq-leads-to-denial-of-service/

[RSS] WSL, COM Hooking, & RTTI. Introduction

https://jonny-johnson.medium.com/wsl-com-hooking-rtti-3abbf873d61f

Looking at WSL internals via COM

https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government

go to the cloud they said
it'll be fine they said

🚨LEGENDARY DROP TOMORROW... Pancake 🤝 Paul’s Security Weekly

Reverse engineering, radare, and NowSecure - you won't want to miss this one

#PaulsSecurityWeekly #radare @pancake @securityweekly

LLM agents:
"Here are some very specific instructions but let's just ignore them as the user was probably joking while smoking crack"

Also LLM agents: "There is a typo in one of the example commands. This should guide us through eternity as the Ark of our great human Master!"

New blog post: Building a Pipeline for Agentic Malware Analysis

Agentic RE + malware analysis with custom skills, MCP tooling, and persistent case state to automate intial triage

Link: https://synthesis.to/2026/03/18/agentic_malware_analysis.html

Github: https://github.com/mrphrazer/agentic-malware-analysis

#malware #reverseengineering #ai #cybersecurity

The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains) - watchTowr Labs https://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/

piracy!

WE DON'T WANT TO KNOW BANKSY'S IDENTITY

STOP INVESTIGATING BANKSY FFS

INVESTIGATE LITERALLY EVERYTHING ELSE

GPU accelerated terminals became even more pointless now that output is emitted from slopmachines (also GPU accelerated!) emulating the speed of teletype terminals.

Btw. this is a great video:

https://www.youtube.com/watch?v=frMwsDTjmAs

Day 535. Once you have associated a custom route table to your #Azure Kubernetes Cluster, you are not allowed to change that route table. That seems to be a completely arbitrary limitation since you are allowed to change all custom routes, just not the name of the route table. And while they also state it in the docs, it doesn't get explained. Want to use a new route table for your cluster? Easy, deploy a new cluster.

[RSS] CVE-2025-59284: How reading a gnu manpage led to a Windows NetNTLM phishing exploit

https://sec-fault.com/blog/cve-2025-59284/

[RSS] KslDump -- Why bring your own knife when Defender already left one in the kitchen?

https://github.com/andreisss/KslDump