youtu.be/55yciJgP3Uk?fe…

Mark the date: September 3–4 in Amsterdam. For €1500 + €250 kit you get an intensive 2-day hardware hacking training led by the experienced Roman Stuehler (@cyberinfinite). Learn firmware dumping, power glitching, root access. High quality yet one of the most affordable serious

Google Wifi Pro - Glitching from Root to EL3 - Part 2 In this second post, we explain in detail, how we used a single EM glitch to read and write a 32-bit value from/to an arbitrary address from within the context of EL3. raelize.com/blog/google-wi…

Reverse engineering and security analysis of an ESP32 based IoT device jmswrnr.com/blog/hacking-a… Credits James Warner #esp32 #infosec

This series is a banger! Thanks for your effort you put into the detailed writeup. Also for releasing the slides for hardware.io! Awesome job! :)

We reported a vulnerability in Parallels Client via Trend Zero Day Initiative last year. 🔥 The issue (CVE-2025-6812) - now fixed: A privileged service searched for an OpenSSL config file in an unsecured location, enabling LPE. ➡️ Advisory here: neodyme.io/en/advisories/… ☂️ Patch your systems!

CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability: Trend ZDI analyst Bobby Gould details this bug and another that may be a dupe. He also shows how it can be exploited. zerodayinitiative.com/blog/2025/7/24…

Teardown of a few Aliexpress Hörmann Remote Clones Most interesting a Tuya WiFi Enabled one: s.click.aliexpress.com/e/_opwprH1 Which turns out to be just as simple as a standalone remote(4Buttons) connected to the Tuya CB3S Belkin BK7231N module and handled as just GPIOs

If u think that Windows research is all we do, think again! In our first IOT blog, Rafał Goryl details the Wolfbox EV charger setup, attack surface, his #Pwn2Own Automotive 2025 bug, exploitation, and best of all, displaying our name on it (in styleee...)! pixiepointsecurity.com/blog/pwn2own-2…

💥This is wild! github.com/XieyangSun/TEM…

During my course preperation, I have created the following cheat sheet for the rasp pico PIO functionalities. It covers everything you need to know to reimplement different type of protocols, perform glitching attacks or side channel analysis. High res picture on my website.

No OTA signature bypass found so far 🥲 But did create an WebBluetooth tool which allows you to connect to your Power bank and reads basic info's via the encrypted protocol There is a potential bug which lets you set the OTA Size to uint32, read more about it in the GitHub Repo