How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack - writeup.md

Principal Security Engineer Tao Sauvage uncovers four SAPCAR bugs, where parsing a SAR archive could lead to local privilege escalation.

We don’t lack cybersecurity ideas. We lack companies hiring juniors and products that are secure by default. These two problems are connected, and until we fix both, we’ll keep talking about a skills shortage while making it impossible to build a secure society.

In this blog post, we present our approach for uncovering vulnerabilities by combining LLM reasoning with static analysis. By layering an LLM on top of CodeQL, we significantly reduce the...

A critical vulnerability in mcp-remote affected 558,846 downloads. The bug was client-side, but the attack exploited OAuth dynamic discovery—a trust assumption that breaks for autonomous agents.

CyberCTF.space is launching soon. Join the waitlist for early access to hands-on cybersecurity CTF and Blue Team labs.

About 2 years ago, Microsoft first released Win32-App-isolation which is a sandbox-like mechanism to further separate application access to resources on Windows clients. Brokering File System (BFS) was released around the same time to specifically …

AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…

A year-in-review going over 19+ bugs in Mediatek’s MT76xx/MT7915 (and others) wifi chipsets I reported this year, PoCs included!

Detect Claude Computer Use and OpenAI Operator through timing analysis, cursor patterns, and prompt

I was chatting with a close friend of mine and he sent me a link to his new SaaS that he's developing.

The List-Unsubscribe SMTP header is standardized but often overlooked during security assessments. It allows email clients to provide an easy way for end-users to unsubscribe from mailing lists.
This post discusses how this header can be abused to perform…

Deep dive into MacSync Stealer (UserSyncWorker variant), a MaaS infostealer featuring Gatekeeper bypass via notarized Swift dropper, code signature validation, and multi-layer payload obfuscation

Docket for United States v. LICHTENSTEIN, 1:23-cr-00239 — Brought to you by Free Law Project, a non-profit dedicated to creating high quality open legal information.

This paper presents a groundbreaking cryptanalytic framework for the SHA-256 hash function. By mapping the 2^32 modular addition space into a fractional domain [0, 1), I demonstrate that the non-linear "noise" generated by modular overflows is not random…

Explore our extensive archive of in-depth tech reviews, scientific breakthroughs, and cybersecurity analysis. Find the specs, facts, and expert insig