Takahiro Haruyama (@cci_forensics)'s Twitter Profile
Takahiro Haruyama

@cci_forensics

唇亡歯寒 (when the lips are gone, the teeth get cold)

ID: 126881953

Link: https://speakerdeck.com/takahiro_haruyama
Joined: 27-03-2010 08:35:13

4.4K Tweets

2.2K Followers

158 Following

MachineHunter (@infpctechstack)'s Twitter Profile Photo

Our talk at #BHUSA Black Hat Briefings has been accepted!

This is a presentation on an initiative to make the BIOS usable even after the OS has booted, enabling malicious behavior to occur solely within the BIOS, independent of the OS.

blackhat.com/us-25/briefing…
Nikolaj Schlej (@nikolajschlej)'s Twitter Profile Photo

The embargo (12:00 UTC 2025-06-10) is over, let's start a thread on Hydroph0bia (CVE-2025-4275), a trivial SecureBoot and FW updater signature bypass in almost any Insyde H2O-based UEFI firmware used since 2012 and still in use today. English writeup: coderush.me/hydroph0bia-pa…

BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

🔎From Hidden Semantics to Structured Insights✨

By combining static analysis techniques and tailored heuristic improvements, we've significantly enhanced the precision of type inference, enabling more effective vulnerability triage. lukas seidel Sam Thomas 👏

binarly.io/blog/type-infe…
BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

Nvidia OSR (Alex Tereshkin, Adam 'pi3' Zabrocki) reveals high-impact Supermicro BMC vulnerabilities (CVE-2024-10237/38/39). Binarly REsearch documenting the details: 👻Ghost in the Controller: Abusing Supermicro BMC Firmware Verification. Read the full story: binarly.io/blog/ghost-in-…

BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

🐳 Psst, your container is leaking secrets galore
The Binarly REsearch team examined more than 80,000 popular Docker Hub images (13 TB across 54 orgs) and flagged 757 unique secrets ranging from generic
Ido Veltzman (@idov31)'s Twitter Profile Photo

I'm happy to finally release NovaHypervisor! NovaHypervisor is a defensive hypervisor with the goal of protecting AV/EDR vendors and crucial kernel structures that are currently uncovered by VBS and PatchGuard. Full explanation below 1/6. github.com/Idov31/NovaHyp…

gmh5225.eth (@gmhzxy)'s Twitter Profile Photo

hyper-reV: A powerful memory introspection & reverse engineering hypervisor leveraging Hyper-V. Read/write guest memory, SLAT hooks, and hide pages, all while evading detection. Supports Intel/AMD, tested on Win10/11. Check it out: github.com/noahware/hyper… #HyperV

BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

🚨More than a year after the XZ Utils crisis, we found 35+ publicly available Docker Hub images still carrying the backdoor, some tagged “latest”. Long-tail supply-chain risk is real! Read the blog: binarly.io/blog/persisten…
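
The two Binarly posts above (secrets left behind in Docker Hub image layers, and images still shipping the backdoored XZ Utils build) share one root mechanism: an image is a stack of layer tarballs, and a file that was "deleted" in a later layer is still inside the image. The scanner below is an added example, not Binarly's tooling: it walks a `docker save` tarball in manifest order, applies OverlayFS-style whiteouts, and reports both liblzma filenames from the backdoored xz 5.6.0/5.6.1 releases (CVE-2024-3094; a filename check only, assumed sufficient for the demo) and a deliberately tiny set of secret patterns. The three-layer image it scans is constructed inline; the AWS key in it is the documented AWS example key, and the liblzma entry is placeholder bytes, not the real library.

```python
"""Walk a `docker save` tarball layer by layer and report (a) liblzma files from
the backdoored xz 5.6.0/5.6.1 releases (CVE-2024-3094) and (b) secret-looking
content, noting whether each hit still exists in the final filesystem or only
survives in an earlier layer. The three-layer image below is constructed inline."""
import io
import json
import re
import tarfile
from dataclasses import dataclass

# liblzma filenames shipped by the two backdoored xz releases (filename check only;
# a real scanner would also fingerprint the library contents).
BACKDOORED_LIBLZMA = re.compile(r"(^|/)liblzma\.so\.5\.6\.[01]$")

# Deliberately small set of secret patterns (assumption: real scanners use hundreds).
SECRET_PATTERNS = {
    "aws_access_key_id": re.compile(rb"AKIA[0-9A-Z]{16}"),
    "private_key": re.compile(rb"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}


@dataclass
class Finding:
    layer: str         # layer tar path inside the image tarball
    path: str          # file path inside that layer
    kind: str          # "xz_backdoor_liblzma" or a SECRET_PATTERNS key
    in_final_fs: bool  # False: a later layer deleted it, but the bytes remain in the image


def _normalize(name):
    return name[2:] if name.startswith("./") else name


def _whiteout_target(path):
    """OverlayFS/AUFS whiteout: 'dir/.wh.name' means 'dir/name' was deleted in this layer."""
    head, _, tail = path.rpartition("/")
    if tail == ".wh..wh..opq":  # opaque-directory whiteout, not modelled here (assumption)
        return None
    if tail.startswith(".wh."):
        return f"{head}/{tail[4:]}" if head else tail[4:]
    return None


def scan_image(image_tar, max_read=1 << 20):
    """Return a list of Finding for every layer of a `docker save` tarball."""
    findings, final_fs = [], set()
    with tarfile.open(fileobj=io.BytesIO(image_tar)) as img:
        manifest = json.load(img.extractfile("manifest.json"))
        for layer_name in manifest[0]["Layers"]:  # listed bottom layer first
            layer_bytes = img.extractfile(layer_name).read()
            with tarfile.open(fileobj=io.BytesIO(layer_bytes)) as layer:
                for m in layer.getmembers():
                    path = _normalize(m.name)
                    target = _whiteout_target(path)
                    if target is not None:
                        final_fs.discard(target)
                        continue
                    if not m.isfile():
                        continue
                    final_fs.add(path)
                    if BACKDOORED_LIBLZMA.search(path):
                        findings.append(Finding(layer_name, path, "xz_backdoor_liblzma", True))
                    data = layer.extractfile(m).read(max_read)
                    for kind, pattern in SECRET_PATTERNS.items():
                        if pattern.search(data):
                            findings.append(Finding(layer_name, path, kind, True))
    for f in findings:  # resolve "deleted later" only once every layer has been seen
        f.in_final_fs = f.path in final_fs
    return findings


def _tar(entries):
    """Uncompressed tar built from {path: bytes} (constructed helper for the demo)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as t:
        for path, data in entries.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            t.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def build_sample_image():
    """Constructed image: layer 1 adds a backdoored-version liblzma and an AWS credentials
    file, layer 2 'rm's the credentials file (a whiteout), layer 3 is unrelated."""
    layers = {
        "l1/layer.tar": _tar({
            # placeholder bytes, not the real library; only the filename is inspected
            "usr/lib/x86_64-linux-gnu/liblzma.so.5.6.1": b"\x7fELF" + b"\0" * 60,
            # AKIAIOSFODNN7EXAMPLE is the example key from AWS documentation
            "root/.aws/credentials": b"[default]\naws_access_key_id = AKIAIOSFODNN7EXAMPLE\n",
        }),
        "l2/layer.tar": _tar({"root/.aws/.wh.credentials": b""}),
        "l3/layer.tar": _tar({"etc/motd": b"welcome\n"}),
    }
    manifest = [{"Config": "cfg.json", "RepoTags": ["example/app:latest"],
                 "Layers": list(layers)}]
    entries = {"manifest.json": json.dumps(manifest).encode(), "cfg.json": b"{}"}
    entries.update(layers)
    return _tar(entries)


if __name__ == "__main__":
    for f in scan_image(build_sample_image()):
        print(f"{f.kind:22} {f.layer:14} {f.path}  in_final_fs={f.in_final_fs}")
```

On the sample image the credentials file is reported with `in_final_fs=False`: `docker run` never shows it, yet anyone who pulls the image can extract it from layer 1, which is exactly the long-tail exposure the two posts describe. The liblzma hit stays `in_final_fs=True` because nothing ever removed it.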

那个饺子🦆(JJ) (@thatjiaozi)'s Twitter Profile Photo

As promised, the blog post is here! I find that a lot of the time people ask “how can researchers find complex bugs?” This is my small contribution to show what the journey looked like for me. I presented this content at HITCON last week! bughunters.google.com/blog/580034147…

ESET Research (@esetresearch)'s Twitter Profile Photo

#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/6
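
The behaviour ESET describes (a process calling a local Ollama API and then executing the Lua it got back) is a correlation that endpoint telemetry can catch. The detector below is an added example, not ESET's detection logic: it keys on Ollama's default port 11434, a Lua interpreter image name, and a five-minute window between the two, all of which are this example's own assumptions, and it runs over constructed log lines in an invented one-line-per-event format rather than any real PromptLock artefacts.

```python
"""Correlate constructed endpoint telemetry to flag a process that contacts a local
Ollama API and shortly afterwards runs a Lua interpreter. The log format and the
heuristic are this example's own assumptions, not ESET's detection logic."""
import os
import re
from dataclasses import dataclass
from datetime import datetime, timedelta

OLLAMA_PORT = 11434                # Ollama's default listening port
LOCAL_HOSTS = {"127.0.0.1", "::1", "localhost"}
LUA_IMAGES = {"lua", "lua5.1", "lua5.3", "lua5.4", "luajit", "lua.exe"}
WINDOW = timedelta(minutes=5)      # max gap between the API call and the Lua execution (assumption)

# Constructed telemetry, not real PromptLock artefacts: one event per line.
SAMPLE_LOG = """\
2025-08-26T10:00:01Z net_connect pid=4242 dst=127.0.0.1:11434
2025-08-26T10:00:03Z net_connect pid=4242 dst=127.0.0.1:11434
2025-08-26T10:00:09Z proc_exec pid=4242 cmd=/usr/bin/lua5.4 /tmp/enc.lua
2025-08-26T10:00:10Z proc_exec pid=4242 cmd=/usr/bin/lua5.4 /tmp/exfil.lua
2025-08-26T10:05:00Z net_connect pid=5151 dst=127.0.0.1:11434
2025-08-26T10:06:00Z proc_exec pid=6161 cmd=/usr/bin/lua5.4 build.lua
2025-08-26T10:30:00Z net_connect pid=7171 dst=127.0.0.1:11434
2025-08-26T10:40:00Z proc_exec pid=7171 cmd=/usr/bin/lua5.4 late.lua
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<kind>\S+) pid=(?P<pid>\d+) \w+=(?P<detail>.*)$")


@dataclass
class Event:
    ts: datetime
    kind: str
    pid: int
    detail: str   # "host:port" for net_connect, the command line for proc_exec


@dataclass
class Alert:
    pid: int
    ts: datetime
    cmd: str


def parse_log(text):
    """Parse the constructed format above; unknown lines are skipped, output is time-sorted."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        events.append(Event(datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                            m["kind"], int(m["pid"]), m["detail"]))
    return sorted(events, key=lambda e: e.ts)


def _is_local_ollama(dst):
    host, _, port = dst.rpartition(":")
    return host.strip("[]") in LOCAL_HOSTS and port.isdigit() and int(port) == OLLAMA_PORT


def detect(events):
    """Alert when a pid runs a Lua interpreter within WINDOW of its last local Ollama call."""
    last_contact = {}   # pid -> time of its most recent local Ollama connection
    alerts = []
    for ev in events:
        if ev.kind == "net_connect" and _is_local_ollama(ev.detail):
            last_contact[ev.pid] = ev.ts
        elif ev.kind == "proc_exec":
            parts = ev.detail.split()
            image = os.path.basename(parts[0]) if parts else ""
            seen = last_contact.get(ev.pid)
            if image in LUA_IMAGES and seen is not None and ev.ts - seen <= WINDOW:
                alerts.append(Alert(ev.pid, ev.ts, ev.detail))
    return alerts


if __name__ == "__main__":
    for a in detect(parse_log(SAMPLE_LOG)):
        print(f"ALERT pid={a.pid} at {a.ts:%H:%M:%S}: {a.cmd}")
```

In the sample, pid 4242 triggers twice while 5151 (Ollama without Lua), 6161 (Lua without Ollama) and 7171 (Ollama and Lua ten minutes apart) stay quiet. Real telemetry would key on the process tree rather than a single pid, since the interpreter is usually a child of the process that made the API call, and the port is only a default: a host running Ollama elsewhere needs the allow-list adjusted.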

Willi Ballenthin (@williballenthin)'s Twitter Profile Photo

QUANTUMSTRAND beta 1 released: built for analysts to quickly understand *where* strings are, *what* they might be, and *how* important they are, without getting lost in a sea of undifferentiated text.

Thanks Moritz and the crew at Mandiant (part of Google Cloud) FLARE

github.com/mandiant/flare…
Analysis Center (@jpcert_ac)'s Twitter Profile Photo

We have published a report on reverse engineering binaries written in Rust. The report is also available in a GitHub repository, so please take a look there as well. ^TK blogs.jpcert.or.jp/ja/2025/09/rus… github.com/JPCERTCC/rust-…

BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

🔐BYOVD, but in firmware. Signed UEFI shells and vulnerable modules offer new paths for Secure Boot bypasses.

Read the latest REsearch from Fabio Pagani and Yegor on the fragile foundation of the UEFI ecosystem.

binarly.io/blog/signed-an…
ESET Research (@esetresearch)'s Twitter Profile Photo

#ESETresearch has discovered #HybridPetya ransomware on VirusTotal: a UEFI-compatible copycat of the infamous Petya/NotPetya malware. HybridPetya is capable of bypassing UEFI Secure Boot on outdated systems. Martin Smolar welivesecurity.com/en/eset-resear… 1/8

BINARLY🔬 (@binarly_io)'s Twitter Profile Photo

🚨Binarly REsearchers revisit an already-patched Supermicro BMC bug and discover two new high-impact vulnerabilities that expose major gaps in software supply chains. CVE-2025-7937: bypassed “fix” for CVE-2024-10237. CVE-2025-6198: Supermicro RoT bypass. binarly.io/blog/broken-tr…

MachineHunter (@infpctechstack)'s Twitter Profile Photo

For the other Briefings talks, I have summarized the following presentations:
- Machine Check exception-based ring 0 → ring -2 privilege escalation
- A Secure Boot bypass vulnerability enabling BYOVB (bootloader)
- BitUnlocker: bypassing BitLocker using vulnerabilities in Windows Recovery

Fabio Pagani (@pagabuc)'s Twitter Profile Photo

Had a blast attending and presenting at LABScon 2025 for the second year in a row! If you are curious about BYOVD in UEFI, and how we at BINARLY🔬 uncovered an incomplete patch for a Supermicro BMC bug, check out our talk slides below👇
Michael Maltsev (@m417z)'s Twitter Profile Photo

NtDoc has been updated with definitions and documentation from the official Windows Driver Kit DDI reference and portions of the Win32 API reference. This update reduces the need to switch between NtDoc and Microsoft Docs, addressing one of the most common suggestions for NtDoc.