Binary Security found the undocumented APIs for Azure API Connections. In this post we examine the inner workings of the Connections allowing us to escalate privileges and read secrets in backend resources for services ranging from Key Vaults, Storage Blobs…

HOWTO: build ATF (Trusted Firmware ARM) and OPTEE for RK3588 To better implement the protection of digital assets in embedded systems, we have chosen the RK3588 as the prototype platform.

Learn about CVE-2025-1094, a critical SQL injection vulnerability in PostgreSQL's escaping functions. Discover affected versions, mitigation strategies, and how to protect your systems.

Looking for network management that is effortless? Try Auvik for free, no credit card required and see how easy it is to use and manage. Try it free and get a Raspberry Pi 5 16GB Kit-on us!

Discover old-medpy-vulnerability article on partywave.

I thought I was being recruited. Instead, I gave hackers access to my system by running a simple 'npm run start'. Discover how the tech details of this supply chain attack and how to protect yourself.

Akamai researchers have created detection noscripts and additional details for the Apache Camel vulnerabilities CVE-2025-27636 and CVE-2025-29891.

Writing secure code today is easier than making a mistake that would lead to an XXE vulnerability. While examining a library, I wondered: is its code truly secure? At first glance, everything appeared to be filtered, and the function didn’t have the attributes…

Lumma Stealer and AMOS are used in the campaign.

Recently, I paid attention to some open-source projects and technical articles related to security that involve large language models (LLMs). The authors emphasized the use of LLMs, but a closer look…

Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.

Cybermonit is a modern platform for monitoring CVS vulnerabilities, data leaks, ransomware attacks and ongoing DDoS attacks, enabling rapid threat identification and effective response to cyber incidents.

Latest version: v2.10.0 CRADLE Intelligence Hub Batteries included collaborative knowledge management solution for threat intelligence researchers.

Hacking a Low-Cost Electric Toothbrush

In our team's latest blog post, we build a few examples that showcase ways in which memory corruption vulnerabilities could manifest in Delphi code despite being included in a list of "memory safe" languages within a paper published by the NSA. We cover how…

I recently helped a company recover their data from the Akira ransomware without paying the ransom. I'm sharing how I did it, along with the full source code.



The code is here: https://github.com/yohanes/akira-bruteforce



To clarify, multiple ransomware…

This article marks the first in a series aimed at sharing my adventures, personal notes, and insights into the Android kernel. My focus…

Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.