Israeli warplanes carry out heavy bombardments on Deir Al Balah in central Gaza.

Israeli soldiers film and cheer for an ongoing series of brutal bombardments on Khan Yunis and Deir Al Balah in central Gaza.

Three Palestinians were killed late last night in an Israeli airstrike targeting the Al-Jeneina neighborhood of Rafah, southern Gaza, on the first day of Ramadan.

The Biden administration:

CVE-2024-22247 VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance dur… cve.org/CVERecord?id=C…

CVE-2024-22246 VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to t… cve.org/CVERecord?id=C…

CtF hAs nOThInG tO dO wiTh AcTuAl SeCuRity ReSeArcH

Finally found some time this weekend to work on an IDA plugin I've always wanted

HIND’S HALL. Once it’s up on streaming all proceeds to UNRWA.

RAFAH WAS NEVER A “SAFE ZONE” IT WAS AN ETHNIC CLEANSING PLAN! TRULY PSYCHOPATHIC!

Why do we only talk about Israel ?

I just published an advisory for 4 vulnerabilities I discovered earlier this year in the HTTP server of multiple ZTE routers. Some of these vulnerabilities allow an attacker to gain preauth RCE as root. wr3nchsr.github.io/zte-multiple-r…

Few things about exploding communication pagers Thread ⬇️

The exploding Hezbollah pagers situation is an incredibly impressive supply chain attack by Israel (most likely). I am sure more details will come, but there are already some educated guesses to be made that narrow it down. 🧵1/n

Pro-Palestine activists released 649-page document with the names, ages, genders, IDs, and number of every Palestinian killed in Gaza from October 7 to August 31. The first 14 pages of the document are for children under 1 year old.

Mount Hermon was fully stolen from Syria a month ago and they are already calling it Israel. Tells you everything about Israel’s “historic” lands in Palestine

🔐 Just launched DVBank Lab - an open-source vulnerable banking app for hands-on AppSec training! Built with Python/Flask & React. Learn source code review through real banking scenarios 👨‍💻 github.com/mamgad/DVBLab #AppSec #CyberSecurity

It's been 2 years since the last potato exploit—miss it? I’ve been researching a new LPE technique. It looks like the classic potato exploits, but it’s NotAPotato. So far, I can escalate from Network Service to SYSTEM—but this might be just the start :). Something big is coming.

"Decoding Signal: Understanding the Real Privacy Guarantees of E2EE" I am thrilled to announce that my talk at Black Hat has been accepted. Looking forward to sharing some of my research with everyone 💙🔐 #BHUSA

The real account is a parody. There's literally no point running this parody page anymore.