15
12
Opening the AWS European Sovereign Cloud (amazon.com)
2
Releasing Rainbow Tables to Accelerate Net-NTLMv1 Protocol Deprecation (cloud.google.com)
2
Petlibro: Pet Feeder Is Feeding Data to Anyone Who Asks (bobdahacker.com)
1
Reverse Engineering a Phase Change in GPT with the Seahorse Emoji (pratyushmaini.substack.com)
2
Pixel phone can now be used as a webcam for the Nintendo Switch 2 (androidauthority.com)
2
About Signal Pin (s1m.fr)
3
Drawbot: Let's Hack Something Cute (atredis.com)
4
New spyware exploited a Samsung 0-day delivered through WhatsApp messages (paloaltonetworks.com)
4
Hacking the World Poker Tour: Inside ClubWPT Gold's Back Office (samcurry.net)
2
Exploring GrapheneOS secure allocator: Hardened Malloc (synacktiv.com)
3
Exploiting the GPU and the 90s crypto wars to crack the APT code signing keys (put.as)
1
All You Need Is MCP – LLMs Solving a DEF Con CTF Finals Challenge (wilgibbs.com)
105
How the “Kim” dump exposed North Korea's credential theft playbook (domaintools.com)
1
Painting stolen by Nazis believed discovered in Argentine real estate listing (go.com)
1
BadCam: Now Weaponizing Linux Webcams (eclypsium.com)
2
Hacking every Intel employee and various internal websites (eaton-works.com)
1
Deleting a file in Wire doesn't remove it from servers – and other findings (almond.consulting)
1
Decrypting Encrypted files from Akira Ransomware using a bunch of GPUs (tinyhack.com)
13
The ESP32 "backdoor" that wasn't (darkmentor.com)
1
Reinventing PowerShell in C/C++ (scrt.ch)
2
We Hacked a Software Supply Chain for $50K (landh.tech)
19
Push Notifications for Decentralized Services (unifiedpush.org)
4
Laser Fault Injection on a Budget: RP2350 Edition (courk.cc)
88
WorstFit: Unveiling Hidden Transformers in Windows ANSI (blog.orange.tw)
2
Backdooring Your Backdoors – Another $20 Domain, More Governments (watchtowr.com)
1
Using AFL++ on bug bounty programs: an example with Gnome libsoup (almond.consulting)
2
CVE-2024-45844: Privilege escalation in F5 BIG-IP (almond.consulting)
1
Tinkerers Are Taking Old Redbox Kiosks Home and Reverse Engineering Them (404media.co)
3
CVE-2024-23113 a Super Complex Vulnerability in a Super Secure Appliance in 2024 (watchtowr.com)
94
Vulnerabilities in the Feeld dating app (fortbridge.co.uk)
407
We spent $20 to achieve RCE and accidentally became the admins of .mobi (watchtowr.com)
1
PHPFuck: Using only 7 different characters to write and execute PHP (splitline.github.io)
1
The Certification Trap (pentesterlab.com)
1
NAS Performance: NFS vs. SMB vs. Sshfs (2019) (ja-ke.tech)
1
Mark Dowd – Inside the 0day market [pdf] (github.com/mdowd79)
1
Tombolo (wikipedia.org)
1
Deep Diving into F5 Secure Vault (almond.consulting)
1
Post-Exploiting an F5 Big-IP: root, and now what? (almond.consulting)
24
Palo Alto – Putting the Protecc in GlobalProtect (CVE-2024-3400) (watchtowr.com)
1
Microsoft Edge's Marketing API Exploited for Covert Extension Installation (guard.io)
2
Same Same, but Different (margin.re)
1
Ivanti Connect Secure CVE-2024-22024 – Are We Now Part of Ivanti? (watchtowr.com)
52
Building a Password Cracker in 2024 (sevnx.com)
3
Rare usernames and 11 chances to win Proton's most exclusive plan (proton.me)
1
LDAP authentication in Active Directory environments (almond.consulting)
1
Cutcutgo: Open-source firmware for Cricut Maker (virtualabs.github.io)
3
Russian 0day broker pays $20M for 0day exploits for iPhones devices (securityaffairs.com)
4
Phineas Fisher, Hacktivism, and Magic Tricks (isosceles.com)
2
Silk Road’s Second-in-Command Gets 20 Years in Prison (wired.com)
2
XORtigate: Pre-Authentication Remote Code Execution on Fortigate VPN (lexfo.fr)
135
[dupe] Iconic Torrent Site Rarbg Shuts Down, All Content Releases Stop (torrentfreak.com)
10