Dear #Ghidra experts, I am trying to import and analyze a plain flat binary file with firmware for a known CPU architecture. As I am not sure about the start address, I am playing around with it. For analysis, it's super useful to create the memory map (ROM section, RAM sections, NVM and memory-mapped peripherals). Especially access to peripherals will assist in finding out what the code is doing. I don't want to manually write the map. What's best? 🧵

#reverseEngineering #hacking #infoSec

ReVa 7.3.0 is released! ✨

- Support for binary diffing and version tracking. A lot of time optimizing this for the LLM to work on small and large binaries 🫠
- Support for background analysis (useful for large firmware!)

https://github.com/cyberkaida/reverse-engineering-assistant/releases

#Ghidra #ReverseEngineering #ReVa #Malware

After being stupid and deleting everything that I collected in my previous attempts to reverse engineer Origin's 1995 game CyberMage: Darklight Awakening, I took the release of #Fable 5 as motivation to start over, but this time fully automated, with the agent controlling headless #Ghidra.

tl;dr: Fable does very much NOT like to patch binaries, not even 30 year old DOS EXEs. 🤣

CVE-2026-52750 - Command Injection in Ghidra on Windows. Malicious URLs in comments execute arbitrary commands. CVSS 7.8. Disable URL clicking or block untrusted files. #CVE #Ghidra #infosec

https://www.valtersit.com/cve/CVE-2026-52750/

📣🚨 Watch out as hackers are cloning Ghidra, dnSpy, ILSpy and other free tool sites to spread malware through fake downloads, including RemusStealer, crypto clippers and loaders.

Read: https://hackread.com/hackers-clone-ghidra-dnspy-tool-sites-spread-malware/

#Cybersecurity #Malware #Ghidra #dnSpy #RemusStealer

🚨 #Google piégé ? Ce script invisible infecte les utilisateurs d'outils open source

https://goodtech.info/google-recherche-malware-faux-sites-open-source-click-hijacking/

> Attention où vous cliquez ! 🚨 Une gigantesque campagne cyber usurpe l'identité de projets open source célèbres (#Ghidra, #SpiderFoot) directement sur Google. Grâce à un script invisible, le bouton de téléchargement vous pirate même si le lien affiché pointe vers le vrai GitHub. On vous dévoile les coulisses de ce piège diabolique 👇