Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware,…

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

Partially solving the problem for procedures that need valid complex parameter types to fuzz, and open sourcing the tool

For my internship, I was tasked by my mentor Le Qi to analyze CVE-2024-30088, a double-fetch race condition bug in the Windows Kernel Image ntoskrnl.exe. A public POC demonstrating EoP from Medium Integrity Level to SYSTEM is available on GitHub here.
Additionally…

This course teaches you how to use the Binary Ninja debugger well enough to use it in classes that depend on it.

Inside Evalian’s SOC investigation of a Red Bull recruitment scam: fake job offers, Facebook phishing, and the detection techniques that stopped it.

A critical unauthenticated remote code execution (RCE) vulnerability was discovered in the Broadcom Symantec Altiris Inventory Rule Management (IRM) component of Symantec Endpoint Management.

Out of multiple conversations with people at BSD conferences, I noticed that many would love to see a chatbot that provides precise information on FreeBSD—for users, admins, and developers.
I strongly believe that there should not be an official chat.freebsd.org.…

Are you experienced in cybersecurity, ethical hacking, or penetration testing? We’re conducting a research study exploring how personality traits influence decision-making in cyber operations, and we want your perspective.📊 ~20-30 minutes | 🔐 100% anonymous

How a single alert led our team down a rabbit hole of sophisticated deception — and what we learned about the evolving threat landscape

In the never-ending cat-and-mouse game of cybersecurity, every advancement in defense inevitably drives attackers to evolve their tactics, exploiting new gaps and vulnerabilities. From the early days of signature-based antivirus solutions in the 1980s to…

This is the story of how I used a Gmail message to trigger code execution through Claude Desktop, and how Claude itself (!) helped me plan the attack.

I installed it from here: https://crystalmark.info/en/download/

The install file was called
"CrystalDiskInfo9_7_0Ads.exe"

The "ads" part has me worried. I tried downloading it 5 different times...

MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework.

LibAFL # The LibAFL fuzzer implements features from AFL-based fuzzers like AFL++. Similarly to AFL++, LibAFL provides better fuzzing performance and more advanced features over libFuzzer. However, with LibAFL, all functionality is provided in a modular and…

We bypassed leading Android root-detection SDKs and show what that means for banking, government-ID and anti-fraud apps running on rooted devices.

Get the latest information on security vulnerabilities and zero day exploits.

GitLab patched critical auth bugs. McDonald's leaked 64M records through a basic IDOR. Authorization bugs aren't new but AI can now find them at scale. We turned LLMs loose on modern codebases and discovered why 2025 is the year IDORs go from manual pentest…

Modern crypto jacking has evolved into a silent, multi-stage attacks.