Find out the best Capture The Flag that match your interests. Prove your mettle and win exciting prizes like job opportunities and cash rewards from leading ... | 2025 | 1557733

Another week, another mix of hardware-level hacks, fresh zero-days, and even law-enforcement news. Let’s break down what mattered most.

EDR-Freeze exploits the vulnerability of WerFaultSecure to suspend the processes of EDRs and Antimalware, halting the operation of Antivirus and EDR

Were tracking an ongoing, widespread infostealer campaign targeting Mac users through fraudulent GitHub repositories.

What's electron?, the design of electron desktop app, the story bug of the bug, the static code of the bug and how to find it, how to develop it and explain the code, explain how to discover it,...

Why vendors can’t and shouldn’t be trusted

BlackLock has quickly climbed the ranks in the global ransomware scene, setting new benchmarks for attack frequency and technical complexity. Emerging in March 2024 under the name El Dorado, t…

Introducing OpenFirebase - Time to clean up the Firebase mess

We will delve into general satphone SIGINT capabilities, supply chain security, and security aspects of the latest Huawei Mate Tiantong-enabled smartphones.

Built-into all iPhone Air, iPhone 17 and 17 Pro.

File transfer used to be simple fun - fire up your favourite FTP client, log in to a glFTPd site, and you were done.

Fast forward to 2025, and the same act requires a procurement team, a web interface, and a vendor proudly waving their Secure by Design pledge.…

"Even a small key can open a big lock" Azerbaijani Proverb ---[ Index 1 - Introduction 2 - Tradition 2.1 - ReDoS, not the OS 2.2 - REGEXP, RLIKE and others 3 - How insecure, secure implementations are? 4 - Study Case: myBB 4.1 - Identification 4.2 - Perfect…

In one of our recent posts, Dennis shared an interesting case study of C# exploitation that rode on Random-based password-reset tokens. He demonstrated how to use the single-packet attack, or a bit of old-school math, to beat the game. Recently, I performed…

This post analyzes Furbo’s BLE communication, uncovering flaws that expose Wi-Fi credentials, allow device resets, and reveal hidden GATT data.