WOOT 2025 Conference starting in Seattle. The program prepared by Alyssa Milburn and Jiska includes sessions on hardware security, wireless attacks, network security. And tomorrow physical attacks, application security. And Keynote by Falcon Darkstar

WOOT 2025 schedule, all papers are now online open access: usenix.org/conference/woo… Talks are recorded, and should be online in a few weeks.

Next week we host an online instance of our BootPwn training with a small group of attendees. This is your chance to experience this training in such an intimate setting! Aug 18-21, 2025 (8:00-12:00 PST) raelize.com/bootpwn/ Reach out here or by email if you are interested!

In how many ways can you break #secureboot on embedded devices? Explore a wide variety of techniques in our #BootPwn with Cristofaro Mune at #hw_ioNL2025. Understanding principles with a holistic system perspective, is key for unlocking next level attacks. hardwear.io/netherlands-20…

At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org

PoC for bootchain exploit on the Nothing Phone 2a / CMF Phone 1 and possibly other MediaTek devices github.com/R0rt1z2/fenrir #MobileSecurity #DFIR #infosec by Roger

Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]

The measure of greatness in a scientific idea is the extent to which it stimulates thought and opens up new lines of research. - P. A. Dirac

Our #TAoFI will be at #RomHack2025! 4 days of advanced attacks to: - Build up solid #FI fundamentals, with a methodical approach - Learn an FI methodology - Master instruction corruption - Get PC control in ROM - ... And you get to enjoy Rome ;) romhack.io/training/2025/…

First post-lunch talk at Out Of The Box Security Conference Bankok goes straight down to the nitty gritty: Why'd You Only Call Me When You're In SMM? Exploiting UEFI SMM Vulnerabilities For Persistent Firmware Implants by the hugely impressive ic3qu33n

Had such a great experience speaking at Out Of The Box Security Conference earlier today about UEFI & SMM RE/xdev ✨ thank you to the entire team Out Of The Box Security Conference l33tdawg for organizing and for having me as a speaker. 🖤 my talk slidedeck will be made public, link will be shared when that’s up!

A while ago I taught an Android programming class. If Google's plan to demand government ID from programmers for the privilege of running their programs on Android is realized, I don't think I'll ever teach one again. I wouldn't want to endorse such a platform to the students.

There's a fine line between addressing a market and locking a customer base in. IDA Pro old-timer here (as you may guess) and I have been loving it as anyone in our field. Yet, the new licensing model isn't a fit. Time to evolve.

Important message from joernchen in his NULLCON keynote presentation 🚀❤️

The best reward a trainer... or, better, in this case, a mentor, can get. This, after a great TAoFI week at #romhack2025. Thanks to all our students for their passion and insights. You made it amazing.

[POC2025] SPEAKER UPDATE 👥 Xingyu Jin(1ce0ear) & Martijn Bogaard - "Dirty Ptrace: Exploiting Undocumented Behaviors in Kernel mmap Handlers" #POC2025

🚨 Save the Date for #offensivecon26 Mark your calendars, spread the word, and stay tuned for when registrations open! 📍 Hilton Berlin 🧠 Trainings: 11–14 May 2026 🎤 Conference: 15–16 May 2026 Visit 🔗offensivecon.org for more details.

Have a Furby 0-day? A Juicero exploit? A bewitched 🪄PoC for some cursed, End-of-Life 👻 product that your friends keep begging you to stop reverse engineering & touch grass? We see you: your real friends are at DistrictCon Junkyard. 9 days to submit your most unhinged bugs!

Fault injection attacks on microcontrollers: everything you need to know and more. 👨🏽‍🏭📟⚡☠️📤 More details on: LinkedIn: linkedin.com/posts/dlaskov_… Substack: it4sec.substack.com/p/fault-inject…

It's kind of sad that I see more and more academic papers reusing my code and even removing the copyright notice and referrals to me. This is clearly a violation of academic work where all work from others has to be cited and a clear abuse of open source code.