Nadir (@kapytein)'s Twitter Profile
Nadir

@kapytein

security/software engineering

ID: 965318692212019200

18-02-2018 20:14:45

261 Tweet

1,1K Followers

505 Following

Ed (@edoverflow)

After 5 years of work, security.txt is officially an RFC. I am pleased to announce RFC 9116: rfc-editor.org/rfc/rfc9116. I would like to use this opportunity to thank those who made this possible. Thank you. ❤️

Paulos Yibelo (@paulosyibelo)

I wrote a new blog post about how to bypass CSP if wordpress is hosted on same-domain or subdomain. Exploit abuses the Same Origin Method Execution trick. #bugbountytips 🌴 octagon.net/blog/2022/05/2…

Sam Curry (@samwcyo)

We recently found a vulnerability affecting Hyundai and Genesis vehicles where we could remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012. To explain how it worked and how we found it, we have ꙅɿɘƚɔɘqꙅ as our mock car thief:

Nadir (@kapytein)

Completely missed the Android 14 preview/beta releases, but looks like the 'safer dynamic code loading' feature will kill some RCE scenarios on Android applications which leverage an arbitrary file write via e.g. an unsafe unzip. developer.android.com/about/versions…

shubs (@infosec_au)

Citrixbleed: On Oct 10th, Citrix announced a security advisory for CVE-2023-4966, a sensitive information disclosure bug marked as CVSS 9.4 affecting Netscaler Gateway. The security research team at Assetnote was able to reproduce the vulnerability. Blog post here:

Nadir (@kapytein)

Enjoyed Lisbon 🇵🇹! Thanks for the very well organized event, Intigriti. Congrats to the award winners @karel_origin, Arne Swinnen, MattiBijnens, erbbysam ㋬, Peter, and all participants for the great results! #1337UP1023

Matthew Green is on BlueSky (@matthew_d_green)

I threw together a quick blog post explaining the recent attack on AirDrop privacy, and how Chinese law enforcement is exploiting it. blog.cryptographyengineering.com/2024/01/11/att…

zhero; (@zhero___)

happy to release my new article entitled: Next.js and cache poisoning: a quest for the black hole zhero-web-sec.github.io/research-and-t… good reading;

spaceraccoon | Eugene Lim (@spaceraccoonsec)

I love crossover bugs that go between web/mobile/native because there are so many strange interactions that occur and a lot can go wrong - this research was another result of this! spaceraccoon.dev/universal-code…

Ruikai (@retr0reg)

My latest blog about my discovery for Evernote Client All-platform RCE via PDF.js font-injection to preload.js exposed ipcRenderer-BrokerBridge-boron.actions bypassing Electron's nodeIntegration | context-isolation; Enjoy reading! 0reg.dev/blog/evernote-…

Tal Be'ery (@talbeerysec)

Pass-the-{token} attacks are still very much relevant. Tokens may change: Cookie, NT Hash, Kerberos ticket, MFA token, ... However, the problem is not in the "token" but in the "pass". We need solutions to make tokens stay put, such as device and channel binding.

HudZah ⁂ (@hud_zah)

in a couple weeks, i built a nuclear fusor in my bedroom – with zero hardware experience the secret? Claude sonnet 3.5 + projects a glimpse into the process below

Nat Friedman (@natfriedman)

We did it! We tested 300 Bay Area foods for plastic chemicals. We found some interesting surprises. Top 5 findings in our test results: 1. Our tests found plastic chemicals in 86% of all foods, with phthalates in 73% of the tested products and bisphenols in 22%. It's

slonser (@slonser_)

Today I used a technique that’s probably not widely known in the community. In what cases could code like this lead to a vulnerability? ->

slonser (@slonser_)

A fix from Google was released today. Part of the issue was due to my misunderstanding based on previous reports. Big thanks to chromium team for the quick resolve I hope everyone had some fun, and apologies to the triagers on HackerOne XD
