Wow. Over 200 CVEs from #Microsoft and another 123 from #Adobe. It's a record-setting Patch Tuesday, but fear not! @TheDustinChilds has broken the release down and provides the details. Check out the blog athttps://www.zerodayinitiative.com/blog/2026/6/9/the-june-2026-security-update-review

Secret Panel HERE 👻 https://patreon.com/posts/54470189

#LiteLLM command injection vulnerability CVE-2026-42271 that could allow any authenticated user to run arbitrary commands on the host, has been added to the CISA KEV catalog:
👇
https://thehackernews.com/2026/06/litellm-flaw-cve-2026-42271-exploited.html

cryptographic proofs per football field

In Berlin and no plans on Thursday? Join us at the Mozilla office for a few talks.

https://www.meetup.com/de-de/berlin-mozilla-meetup/events/314623241/

Out of the 16 pending #curl CVEs:

13 are severity LOW
3 are severity MEDIUM
9 of them are libcurl only (not the tool)
3 are "C mistakes"
2 are younger than six months old
1 is older than 25 years

Dropping a 0day? Consider having it 0patched first.
https://0patch.com/blog/dropping-a-0day-consider-having-it-0patched-first

I've been running Follow the Crypto since 2024. Today I'm relaunching it as Tech Influence Watch, expanded to cover AI political spending alongside crypto. They’ve spent more than $400 million this election cycle, and now you can follow it in close to real time.

https://influence.citationneeded.news/

Here’s the full story behind the Tech Influence Watch launch, including what I found while building it and why it matters now: https://www.citationneeded.news/tech-influence-watch/

#crypto #cryptocurrency #AI #ArtificialIntelligence #USpol #USpolitics #CitationNeededNewsletter

> "For the 27 releases, we've started writing parts of the core operating system kernel in Swift."

Swift for the Kernel was an awesome project to work on this year! I'm very happy to have been able to make these first steps towards a truly memory-safe kernel possible :)

Happy birthday to autodidact #mathematician Alicia Boole Stott (1860-1940), shown here with diagrams of cross-sections of 4D polytopes from her publications.

Alicia came to math honestly. Her father Prof George Boole developed Boolean logic, but died when she was 4. Her mother Mary Everest Boole was an autodidact mathematician & innovative math educator, who taught kids math through manipulation of objects.
🧵1/5

https://minouette.etsy.com/listing/4459151187

#womenInSTEM #histsci #mathematics #geometry #mastoArt

Started to roll my eyes and say "Here, let me Google that for you" and then remembered that Googling it unlikely to yield a correct answer anymore.

NEW: WhatsApp said it caught and disrupted a new hacking campaign by NSO Group against its users.

The Meta-owned messaging giant said this phishing campaign violates a court decision that ordered NSO to stop targeting WhatsApp and its users. WhatsApp is seeking to hold NSO in contempt of court because of this violation.    

https://techcrunch.com/2026/06/08/whatsapp-says-it-caught-new-spyware-attacks-linked-to-nso-group-in-violation-of-court-order/

Spy Tech: The GPS Numbers Station

https://hackaday.com/2026/06/08/spy-tech-the-gps-numbers-station/

Stuck on a problem..... Would really appreciate some help. Over the last four days I have had many coffees and even more headaches from WinRE on a hobby project (long weekend). Basically what I've tried to do is map the state machine for TPM and WinRE. To anyone interested I can provide a 42 page walkthrough of my methodology, thoughts, roadblocks, and current issue. the bootmgrfw lives in physical memory from what I could tell from my RE, so it was easy enough to extract the static start address from the .efi file, but WinRE lives in virtual memory. Long story short, I was able to find that start point after timing the break in a GDB stub (QEMU) when the TianoCore logo was running and then scrape through looking for the public symbol file for winload.efi and then eventually through some searching of memory find the location of the entry after calculating the base taking into account the RVA I had taken from Ghidra previously since at that point I knew it was loaded in memory. I was using that for 6 hours + and after shutting off for the night, I realised when I logged on the next day that it was no longer resolving the function, I have attached before and after. As far as I can tell ASLR is not enabled here. Does anyone know what could have caused that? I can't work it out for the life of me. You can tell its rubbish from the (bad) instruction.

#cybersecurity #infosec #windows #reverseengineering