How the 8086 processor's microcode engine works righto.com/2022/11/how-80…

KmsdBot Botnet Is Down After Operator Sends Typo In Command packetstormsecurity.com/news/view/3410…

Exploiting CVE-2022-42703 - Bringing back the stack attack googleprojectzero.blogspot.com/2022/12/exploi…

Old news for us, but others might find it interesting: willsroot.io/2022/12/entryb… See: x.com/grsecurity/sta… (2019) x.com/grsecurity/sta… (2018) Users should not take too seriously the cover stories used to disguise embargoed vulnerability fixes.

It's time everybody!!! the OffensiveCon23 ticket shop is now open! Get your tickets quickly, as they tend to run out pretty soon. offensivecon.org/register.html

mast1c0re: Part 3 – Escaping the PS5 emulator reddit.com/r/netsec/comme…

"a software engineer and user of 4chan."

✨Amazing detection and analysis by clem1 and Google TAG on 2 different campaigns using 5 different 0-days and numerous n-days. Android, iOS, and Samsung devices were targeted blog.google/threat-analysi…

Here are the slides for my keynote, 'Mobile Exploitation, the past, present, and the future' at #Zer0Con2023. Zer0con was a blast as always, thank you POC_Crew 👨‍👩‍👦‍👦!! 🚀💫 github.com/externalist/pr…

New blog post is up! Dumping the AMLogic A113X/A113D BootROM (and eFUSE/OTP data): haxx.in/posts/dumping-…

Driver adventures for a 1999 webcam blog.benjojo.co.uk/post/quickcam-…

I can finally have closure and peace of mind

CVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driver by Manuel Blanco and Eloi Sanfelix labs.bluefrostsecurity.de/blog/cve-2023-…

A rowhammer-style but different (and worse?) mechanism to induce DRAM bit flips. Get popcorn.

Me, starting to analyze a new piece of software: I basically know how this works already, I just need to learn a few of the finer details Me, a week later: I don't know anything about this software, or computers in general.

finally... hello, PS5 PSP :)

Hello.. is this thing still on? It's 2023, so here's a fun new blogpost on how we used Intel's x86 CPU JTAG to dump the infamous "secret bootrom" in Microsoft's original Xbox: blog.ret2.io/2023/08/09/jta…

Enhancing Chromium’s Memory Safety with Armv9 -- community.arm.com/arm-community-…

PS5 Release: Kernel Exploit (Webkit – v1.03) compiled for ESP8266 Blog post: wololo.net/2023/08/13/ps5… Downloads : github.com/frwololo/PS4_P…

💥BOOM!💥 Another privilege escalation blog, this time showcasing how to convert arbitrary file deletions 🗑️ to SYSTEM command prompt🌈 CVE-2023-27470. Learn about TOCTOU, pseudo-symlinks, MSI rollback exploits, and, of course, how to protect yourselves! mandiant.com/resources/blog…