There is a lot of new content and we are pretty sure you will enjoy it. You can have a sneak peak on the V8 type confusion module I added to section 2 on the Off by One Security stream: youtu.be/kuAfEcQAD6o

We are looking for a junior security researcher 🤠 No university degree or previous work experience required, but MUST be able to demonstrate interest in the field and some basic skills by either: 1. Have published blog post detailing 0-day vulnerability (found by yourself)

We've already received many high-quality submissions to our CFP, thank you! 🚀 Don't miss your chance to submit before July 14! 📅 hexacon.fr/conference/cal…

Good morning! Just published a blog post diving into Windows Kernel Pool internals: basics, memory allocation functions, internal structures, and how Segment Heap, LFH, and VS work. r0keb.github.io/posts/Windows-…

Attackers love RDP for sneaky lateral moves—but every pixel leaves a clue! 🕵️‍♂️ Check out my latest blog on tracking attackers through logs, bitmap caches, and clipboard trails (plus a printer tale too funny to miss). #DFIR #BlueTeam #CyberSecurity medium.com/@mathias.fuchs…

We released our Fuzzilli-based V8 Sandbox fuzzer: github.com/googleprojectz… It explores the heap to find interesting objects and corrupts them in a deterministic way using V8's memory corruption API. Happy fuzzing!

𝗖𝗩𝗘-𝟮𝟬𝟮𝟱-𝟮𝟳𝟬𝟲𝟮 is one of my favorite Linux kernel vulnerabilities that we have discovered/exploited together with my brilliant former colleague Slava Moskvin | Path Cybersec docs.qualcomm.com/product/public…

My slides are available now! Thank you Alex Plaskett !!!

Black Hat Bonus: Learn more about Kyle Avery 's research on training self-hosted LLMs to generate evasive malware and creation of a 7B parameter model that generates evasive Cobalt Strike shellcode loaders able to bypass Microsoft Defender for Endpoint. ow.ly/1EUf50WBI5e

If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: youtu.be/qhhJCLy0YBA?si…

Hey Austin folks (or close by), this is a great opportunity to speak at this event. We have the amazing Pedram Amini and Marcus J. Carey delivering the keynotes, and a great line up of amazing speakers and workshops. We'd love to hear from you if you have a talk!

Well described, worth the read, ty ☺️

We’re hiring offensive security researchers Apple SEAR! We’re looking for skilled researchers across multiple security domains. Learn more and apply here: jobs.apple.com/en-us/details/… If you’re into low level systems like firmware, RTOS, coprocessors, embedded components, or

Tools such as PsExec.py from Impacket are usually flagged for lateral movement due to the pre-built service executable that is dropped on the remote system. However, some vendors also flag Impacket based on its behaviour. With RustPack, you can easily create

I've just finished teaching the new version of @sans sec760. What a blast to present it to students for the first time. Thank you all for your participation and interaction, it was a lot of fun. More info: sans.org/cyber-security…

Interesting read

We’re less than 1 hour away from #BSidesPyongyang2025, and western dissidents have already tried to stop our supreme conference by targeting #CloudFlare. THE SHOW MUST GO ON!