TP-Link Tapo C200: Hardcoded Keys, Buffer Overflows and Privacy in the Era of AI Assisted Reverse Engineering

evilsocket
🧠💥 "Memory Safety for Skeptics" is here to convince you that worrying about your software's memory safety is just as thrilling as watching paint dry. 🎨😴 Despite #Rust being hailed as the knight in shining armor for this cause, it's really just a hipster language trying to make buffer overflows feel passé. 🛡️📉
https://queue.acm.org/detail.cfm?id=3773095 #MemorySafety #Skeptics #Programming #BufferOverflows #SoftwareDevelopment #HackerNews #ngated
Memory Safety for Skeptics - ACM Queue

🚨 The #CheckPoint Research team uncovered #security #vulnerabilities in #Windows graphics. #CVE-2025-30388 and CVE-2025-53766 are #BufferOverflows enabling #RemoteCodeExecution. CVE-2025-47984 leaks memory over the network due to an incomplete fix.

https://research.checkpoint.com/2025/drawn-to-danger-windows-graphics-vulnerabilities-lead-to-remote-code-execution-and-memory-exposure/

Drawn to Danger: Windows Graphics Vulnerabilities Lead to Remote Code Execution and Memory Exposure

Background Check Point Research (CPR) identified three security vulnerabilities in the Graphics Device Interface (GDI) in Windows. We promptly reported these issues to Microsoft, and they were addressed in the Patch Tuesday updates in May, July, and August 2025. These are the vulnerabilities: Vulnerability disclosures such as these highlight the need for proactive measures to mitigate potential risks. […]

Check Point Research
🚦 Ah yes, because "Parse, Don't Validate" is totally going to save you from C's foot-gun tendencies. 😂 Let's all pretend that throwing conceptual correctness at C won't lead to a spectacular explosion of memory leaks and buffer overflows! 🔥
https://www.lelanthran.com/chap13/content.html #CProgramming #MemoryLeaks #BufferOverflows #SoftwareDevelopment #HackerNews #ngated
Parse, Don’t Validate AKA Some C Safety Tips

Buffer Overflows - I have just completed this room! Check it out: https://tryhackme.com/room/bof1 #tryhackme #security #bufferoverflows #basic #systems #bof1 via @RealTryHackMe
TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

TryHackMe