🚨 We discovered that some versions of WeChat were vulnerable to CVE-2023-3420 due to the outdated V8 engine in Xweb. We reported this to the vendor in April. WeChat users should update to the latest version to stay secure. More details in blog.talosintelligence.com/vulnerability-… #vulnerability

I will give a talk on file type identifiers & scanners: ShareMime, LibMagic, BinWalk, Yara, PeID, DiE, TrID, DROID, FDD, Magika.

When you ask chatGPT about strawberries, a sound of power plant turbines spooling up should play in the background: youtu.be/pMEtcnstu9o?si…

Very detailed writeup about intricacies of JPEG2000 format. Exploits a variant of an old discovery of ours talosintelligence.com/vulnerability_…

Today I released a Ghidra data type archive that I've created while analyzing Windows drivers. All of the definitions are ones that weren't present in publicly available GDT files. Whenever I create new definitions I'll be updating the public version blog.talosintelligence.com/ghidra-data-ty…

That thing is literally bigger on the inside, somehow. Perfect taxi vehicle, too.

Psst, if you don’t know, infosec people are finally switching to Bluesky. Matt Burgess put together a “starter pack” for infosec people (or just look at who I follow). I hope people start sharing their ideas and resources there bsky.app/profile/mattbu…

Apple released a hearing aids feature for the AirPods Pro a while ago. I bought a pair for grandma, but then realized that the feature was geoblocked in India So we at Lagrange Point decided to unblock it. It ended up involving a leaky microwave and building a Faraday cage:

Digging in weird places PL 🤘🦇🤘

I'm over here fuzzyaleks.bsky.social

The biggest takeaway from this talk is that macOS font renderer ALMOST never invokes the interpreter. If you were fuzzing TTF bytecode without paying attention, it was probably not hitting the interpreter at all. I'll post slides shortly with other interesting details. #OBTS

Mentioned Alex Plaskett 's tweet as I was referencing j00ru//vx & Gynvael Coldwind 's excellent BrokenType work, presentations and writeups

All set, thanks!

Cowboy hat unusual for Hamburg? Clearly you haven’t seen Dennis Hopper in Wim Wenders’ “The American Friend”. Say hi if you see me at #38C3 !

youtu.be/A1gxy11d0N0?si…

Today at DistrictCon I'll be speaking about writing a portable assembler and disassembler for embedded architectures. In case you can't make the lecture, here are a few of the highlights. 1/n

Exploitation of Asus Armory Crate AsIO3.sys driver | authorization bypass + ObfDereferenceObject primitive to LPE - blog.talosintelligence.com/decrement-by-o…

#BalCCon2k25-Against the current is just around the corner on 19| 20| 21 September 2025!You don’t want to miss: Travis Goodspeed Malware Utkonos Mathias Payer Iceman Joe Grand Goran_Mahovlic @[email protected] - Hetti ʷᵃʳᶦ Miodrag Milanovic kost …Secure your spot now at : 2k25.balccon.org/tickets/ #BalCCon

Whoever is coming to BalCCon: I will be teaching a workshop Attacking USB with Raw Gadget (covering basics of USB emulation and sniffing). If you wish to attend, you must bring Raspberry Pi 5 along with a few other things, see the workshop description. github.com/xairy/raw-gadg…