Researchers have discovered a novel way to exploit speculative dereferences,enabling direct leakage of data values stored in registers, showing that this effect can be adapted to Foreshadow by using addresses not valid in any address space of the guest. arxiv.org/pdf/2008.02307…

Go check Pesidious --> Malware Mutation using Deep Reinforcement Learning youtube.com/watch?v=aplHu2… github.com/Vi45en/Pesidio…

github.com/yanminglai/Mal…

Latest CVEs with PoCs cvebase.com/cve/pocs Add it to bookmarks #bugbountytip #bugbounty

Enter the Vault: Authentication Issues in HashiCorp Vault googleprojectzero.blogspot.com/2020/10/enter-…

Google open-sources Atheris Python Fuzzer that can automatically find bugs in Python code and native extensions in Python 2.7 and Python 3.3+ github.com/google/atheris

Technical Write-Up - ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again, by jtd research.nccgroup.com/2020/12/10/abs…

OpenCVE, a platform used for your CVE alerting and formerly known as Saucs, is now available ! The code is on Github, so you can install it or directly use opencve.io ;)

If you missed my free workshop on #docker & #kubernetes defense, here is the recording 👌 ⬇️ sectrain.hitb.org/hitb-workshops/

I'm feeling generous tonight ☺️ I'm giving away 100 FREE subscriptions for LiveOverflow!! Please retweet to spread the word! youtube.com/c/LiveOverflow…

This year there is two talk about eBPF as Linux kernel Rootkit. (some CVE inside too) youtu.be/g6SKWT7sROQ youtu.be/5zixNDolLrg Ok eBPF is must have for observability/securit. But where is basic law of speration of the priviliege. Is the cure worse than the disease?

youtube.com/watch?v=72uzIZ… This is so cazy and scary !! Shir

guidovranken.com/2022/06/27/not…

Great post by @jub0bs explaining Same-Site stuff: jub0bs.com/posts/2021-01-…

blog.isosceles.com/the-webp-0day/

Releasing full 2+hr video of my browser exploitation workshop from VXCON 2024: youtube.com/live/b9OhamkAY… In which I show what goes inside the mind of a skilled hacker while exploiting a highly non-trivial vulnerability in v8, from zero to exploit concept. Especially this workflow

This weekend, I gave a talk on web browser security research at a student-organized conference. I tried to make the talk reasonably beginner-friendly, so the slides (linked here) could hopefully be useful to someone as a learning resource. docs.google.com/presentation/d…

Remember that great OffensiveCon talk? Or sad you missed it? Well, here are the slides for it! github.com/TrenchantARC/G…

Nice. JS0N Haddix is a legend. He just published a treasure trove of context to feed your agents to help them produce more secure code. github.com/Arcanum-Sec/se…