Explore how AI hiveminds and autonomous agents are transforming cyber attacks in 2025. Learn about their speed, adaptability, and impact

Chromium's advanced security still leaves enterprises vulnerable to local attacks. But it’s not Chromium’s fault. A deeper look via the Chromium issue tracker

How “Chimera” Nearly Destroyed X Business in 2025 — and What Every Small Business Must Learn

Instant YARA rule testing and validation in the browser.

A Foray into the Shadowy Corners of Reddit: Understanding Reddit Shadowbans

Author(s): Vlad Pasca DragonForce ransomware deploys payloads derived from leaked LockBit3.0 and Conti source code DragonForce logs all its ...

Getting Started with Fuzzing FreeRTOS Firmware

Snowflake’s Cortex AI can expose sensitive data if misconfigured. Learn how it happens—and how Cyera helps protect against AI-driven data leaks

“If you shame attack research, you […]

It’s… another week, and another vendor who is apparently experienced with ransomware gangs but yet struggles with email.

In what we've seen others term "the watchTowr treatment", we are once again (surprise, surprise) disclosing vulnerability research that…

Posted by ethicalhack3r - 12 votes and 0 comments

Control characters like SOH, STX, EOT and ETX were never meant to run your code - but in the world of modern terminal emulators, they sometimes do. In this post, I'll dive into the forgotten mechanics

It’s that time of the year again, Black Hat USA is just a few months away and I’m honored to be back again for another year teaching about…

This blog post will dive into the world of some of the recently published potato techniques that can lead to more serious risks than

AI-generated slop reports are making bug bounty triage harder, wasting maintainer time, and straining trust in vulnerability disclosure programs.

Santizer is the most effective way to enhance the memory safety. Fuzzer helps as well! Fil-C...

CVE-2024-11477, a buffer overflow vulnerability in 7-Zip's ZSTD decompression algorithm; explore the technical details.

Single Sign-On (SSO) related bugs have gotten an incredible amount of hype and a lot of amazing public disclosures in recent years. Just to cite a few examples: