hi, it's an awesome blog about Advanced Module Stomping kuwaitist.github.io/posts/Astral-P…

TPM 2.0 is cool, actually: hardware attestation for bare-metal fleets apas.tel/blog/tpm-is-co…

AirTouch from Hack The Box is a wireless box featuring SNMP enumeration, WPA2-PSK capture and crack, WireShark traffic decryption, client-side cookie role bypass with a phtml upload, and an evil twin via eaphammer to capture a crackable challenge. 0xdf.gitlab.io/2026/04/18/htb…

The coolest FTP server in the world by ever and ever!! ftp.zx.net.nz/pub/archive/ft…

Introducing OpenMythos An open-source, first-principles theoretical reconstruction of Claude Mythos, implemented in PyTorch. The architecture instantiates a looped transformer with a Mixture-of-Experts (MoE) routing mechanism, enabling iterative depth via weight sharing and

⏰ CFP reminder: submissions for #AGNTCon + #MCPCon North America close June 7! Share your work on agent architectures, MCP design, multi-agent systems, security, evals & more. San Jose, Oct. 22-23. Submit → bit.ly/4tFfCdz

Finally, it is published 😁 Making Vulnerable Drivers Exploitable Without Hardware - my latest research on driver vulnerability hardware-gating, explaining the concept of hardware-dependent code and diving deep into creative deployment techniques - software-emulated phantom

My new article: "Some notes on the security properties of the pipe_buffer kernel object" Many Linux kernel exploits use the pipe_buffer kernel object to build strong exploit primitives. I experimented with pipe_buffers and discovered something interesting a13xp0p0v.tech/2026/04/20/pip…

worried mythos is gonna pwn your code ? just dont write buggy code bro ^⁠_⁠^

chromereleases.googleblog.com/2026/04/stable…

How Browser Exploits Work: A Case Study of CVE-2025-43529 (DarkSword iOS Chain) 8ksec.io/how-browser-ex…

There is also a pre-alpha Linux version brewing 👀

Security properties of the Linux kernel pipe_buffer object for building exploit primitives by Alexander Popov a13xp0p0v.github.io/2026/04/20/pip… #infosec

New blog post on register renaming in CPUs fp32.org/register_renam…

Find zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents. github.com/416rehman/Deep…

Pentest Coverage Tracker: Never forget what you tested during a pentest github.com/codewithvamp/B…

Offensive security knowledge base — 50+ docs covering web exploitation, bug bounty, privilege escalation, CTF writeups, APT emulation, and forensics. Real payloads, real workflows, built from the field. github.com/Abdowaer098/Wa…

HackTheBox AD Machines Writeups, by serioton github.com/seriotonctf/Ha…

firefox 150 AI changes broke my system dark theme compatibility. AI slop 😭😭 It's not even something weird just adwaita dark

Registry Writes Without Registry Callbacks deceptiq.com/blog/ntuser-ma…