Apple's filtering of iMessage and iCloud is not a slippery slope to backdoors that suppress speech and make our communications less secure. We’re already there: this is a fully-built system just waiting for external pressure to make the slightest change. eff.org/deeplinks/2021…

Introducing the new #PtracePwn bug to Firefox in Linux! exploit: ps aux | grep firefox (gather PIDs for FF processes) gcore <pid> Will work on any thread, dumps the entirety of virtual memory. Bye bye ASLR, hunting for gadgets, canary values, secrets (pws), and more!

Paw · The most advanced REST & GraphQL API client for Mac paw.cloud · Our crazy🤯 2021 Black Friday offer: Retweet this and get a free Paw license (worth $49.99) 💙

The MAGIC Grants board is extremely excited to announce the MAGIC Monero Fund! #monero #xmr MAGIC Grants is a 501(c)(3) public charity that supports the maintenance of public payment infrastructure, including Monero! This Fund will focus on Monero. magicgrants.org/Monero-Fund/

Periodic reminder that Apple has not officially abandoned its photo scanning plans, and could still flip the switch on a billion users at any moment.

What has four wheels, collects your biometric data and sells your personal information? Probably your car 🙃 Our #PrivacyNotIncluded team has released its first ever report on Cars + Privacy, and well, it's all bad. Dig into the 25 reviews here ⤵️ mzl.la/483QJ0X

Deanonymization of the Dero Network gist.github.com/kayabaNerve/b7… TL;DR An insecure message encryption protocol enables breaking message, amount, receiver, and sender (on wallets with a recent patch) privacy, even if the sender doesn't explicitly specify a message.

NEW Darknet Diaries COMIC! We did a new collab w/ Jack Rhysider 🏴‍☠️ and it will be available at DEF CON BHIS booth. Inspired by Episode 122 w/ Lisa Forte. Jack is signing copies on Friday - 12pm Get physical copies from our store ($2.50+shipping) -- spearphish-general-store.myshopify.com/collections/re…

Hacking into Apple's new USB-C controller: Electromagnetic fault injection (EMFI) on the ACE3 chip, bypassing verification and dumping firmware for just ~$60. 🍎 📱 🪢💲 Link to Post: linkedin.com/posts/dlaskov_…

**NEW** BHIS | Blog How can you detect a XSS vulnerability on your website in real-time? Canary in the Code: alert()-ing on XSS Exploits by: @HacksandHops Published: 3/20/2024 Learn more: blackhillsinfosec.com/alerting-on-xs…

FCMP++ Optimization Competition Now Live! Help improve #Monero by optimizing the helioselene and ec-divisors libraries for the upcoming FCMP++ upgrade. Full contest rules and details available here. getmonero.org/2025/04/05/fcm…

We're excited to announce the FCMP++ Optimization Competition to optimize the helioselene and ec-divisors libraries used in Monero's upcoming Full-Chain Membership Proofs (FCMP++) upgrade, with prizes of 100 XMR (helioselene) and 250 XMR (ec-divisors)!

The FCMP++ Optimization Competition is now open for submissions!

🚨You have a true positive alert on a Windows/Linux endpoint—this is not a drill! Learn how to investigate & respond fast in Rapid Endpoint Investigations w/ Patterson Cake. Live demos + hands-on labs. 📅 Friday, June 6 💸 Pay-What-You-Can Register Now: antisyphontraining.com/course/worksho…

Ring Signature Resiliency to AI Analysis A test of machine learning attacks on Monero's untraceability (2022) donate.magicgrants.org/monero/project…

I just found the coolest csp bypass ever! did you know that a valid pdf can ALSO be valid javascript? (details below)

I'm launching a newsletter!! The IoT Security Digest is a weekly newsletter where I will share my take on the latest IoT security news, tools and educational resources. Informative and to the point. First post drops next week! iotsecd.brownfinesecurity.com/subscribe

Introducing Havoc Professional: A Lethal Presence We’re excited to share a first look at Havoc Professional, a next-generation, highly modular Command and Control framework, and Kaine-kit our fully Position Independent Code agent engineered for stealth! infinitycurve.org/blog/introduct…

If you have never tired mining Monero on your cpu, now’s the time to start. Go to : gupax.io Download, install. Turn the miner on. It really is simple. Come ask questions here if you run into some issue.

0-day Hunting Strategy with Eugene “Spaceraccoon” Lim x.com/i/broadcasts/1…