Chackal (Esdras DAGO) (@chackal__) 's Twitter Profile
Chackal (Esdras DAGO)

@chackal__

"Vulnerability researcher" doing Bug Bounty on free time (yeswehack.com/hunters/chackal) Also doing some Reverse on many targets but find no vuln 😒

ID: 969762059226316800

https://medium.com/@chackal | 03-03-2018 02:31:06

2,2K Tweet

1,1K Followers

875 Following

Mehmet INCE (@mdisec) 's Twitter Profile Photo

There is only one atomic building block: I call it Context Confusion! which I believe LiveOverflow 🔴 refers to as Injection in his tweet. Single data becomes part of another data. It’s still “data” for you but the moment that data switched the context, for instance sent

solst/ICE (@icesolst) 's Twitter Profile Photo

Infosec folks when porn needs ID verification: 🗣️🗣️🗣️🗣️🗣️ Infosec folks when children are being killed by the IDF: 😴🧑‍🦯🙊🙈

c0dejump (@c0dejump) 's Twitter Profile Photo

Hello everyone, A little out of context this time, I'm leaving my current job to start a new adventure on my own. I wanted to thank you for all the strength you give me and for all your feedback on my tools ! 🤜🤛❤️ I love what I do and I'll keep doing it, but it's always nice

joernchen (@joernchen) 's Twitter Profile Photo

Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]

Gareth Heyes (@garethheyes) 's Twitter Profile Photo

Imagine you have an XSS vulnerability but you have an undefined variable before your injection. Is all hope lost? Not at all, you can use a technique called XSS Hoisting to declare the variable and continue your exploit. Big thanks to ycam for the XSS cheat sheet submission

Stephen Sims (@steph3nsims) 's Twitter Profile Photo

Please join me on the next Off By One Security stream with guest Eugene Lim (spaceraccoon | Eugene Lim ) on 4-Sept at 6PM PT for a session on "0-day Hunting Strategy!" This will be a great session for those interested in vulnerability research! Note the time at 6PM PT youtube.com/watch?v=dMt2qy…

Chackal (Esdras DAGO) (@chackal__) 's Twitter Profile Photo

I'm not good enough at guessing obvious things, so it took me way too many DLLs to reverse and a few rabbit holes to go down, only to find that the final payload was a very classic one. Still, the research journey was really fun, with a happy ending 😁

GreHack (@grehackconf) 's Twitter Profile Photo

Synacktiv Volker bsecure.fr Orange Cyberdefense France Pierre Milioni 📢 #GreHack25 program release! We're kicking off this weekend with a bang by announcing our guest speaker for this edition 👀 👤 Gynvael Coldwind from HexArcana ➡️ CTF in a box ? The weirdest NETGEAR network switch 2021 exploit chain See you tomorrow for a next talk 🔥

exploits.club (@exploitsclub) 's Twitter Profile Photo

Anotha week, another VR newsletter 🏴‍☠️📰 NCC Group Research & Technology (McCaulay, Alex Plaskett) pop a Tesla TCU unit kCTF 1-day breakdowns from Faith 🇧🇩🇦🇺 & Pumpkin 🎃 Jann Horn - [email protected] talks potential remote ASLR leaks + Jobs and MORE 👇 blog.exploits.club/exploits-club-…

Stephen Sims (@steph3nsims) 's Twitter Profile Photo

Today at 11AM PT! This will be an interesting session on Windows Shellcode. You can watch on X, LinkedIn, or YouTube here: youtube.com/watch?v=WR7M_U…

FuzzingLabs (@fuzzinglabs) 's Twitter Profile Photo

💣 We caught Y Combinator–backed Gecko Security stealing two of our CVEs, one on ollama , one on Gradio. They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts. Here’s the full story 👇

Chackal (Esdras DAGO) (@chackal__) 's Twitter Profile Photo

My imposter syndrome now that I know there’s no entry for Brother printer at this p2o edition. Still looking forward to seeing what others found - especially this WhatsApp zero-click bug (or bugs).