🔍 NEW: #Quarkslab completed the first public third-party audit of #Bitcoin Core’s codebase, reporting no critical or high-severity issues after a four-month review of its P2P and consensus layers!
Ah, another *riveting* tale of tech wizards turning software quirks into security nightmares 🎩✨. NVIDIA's drivers are as stable as a unicycle on a tightrope, and #Quarkslab is here to make sure everyone knows it, because apparently, there are not enough blogs to repeat their name 🥱📝.
https://blog.quarkslab.com/./nvidia_gpu_kernel_vmalloc_exploit.html #techsecurity #softwarebugs #NVIDIA #cybersecurity #tales #HackerNews #ngated
Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers - Quarkslab's blog

This article details two bugs discovered in the NVIDIA Linux Open GPU Kernel Modules and demonstrates how they can be exploited. The bugs can be triggered by an attacker controlling a local unprivileged process. Their security implications were confirmed via a proof of concept that achieves kernel read and write primitives.

Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies - Quarkslab's blog

A technical exploration of modern phishing tactics, from basic HTML pages to advanced MFA-bypassing techniques, with analysis of infrastructure setup and delivery methods used by phishers in 2025.

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

Backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.

https://www.securityweek.com/major-backdoor-in-millions-of-rfid-cards-allows-instant-cloning/

#RFID #Cloning #Security #ShanghaiFudanMicroelectronics #Quarkslab

Major Backdoor in Millions of RFID Cards Allows Instant Cloning

A backdoor allows cloning of contactless RFID smart cards that are used to open office doors and hotel rooms around the world.

SecurityWeek

Congratulations @cryptocorn 💙 for your #pwn2own experience with #quarkslab team (Robin David, Benoit Forgette and @virtualabs)!

#pwn2own 2022 Toronto wrap up: https://www.youtube.com/watch?v=bJkod2sJTHA

#StepByStep accomplishment 👏​
#ProudFather 😇​

Wrapping Up Pwn2Own Toronto 2022

YouTube
Session code audit: Technical report published by Quarkslab - Session

A Session code audit for the Android, iOS, and Desktop versions of Session has been completed by the cybersecurity research company Quarkslab.

Session

If you're interested, the report of the formal audits of Session, carried out by Quarkslab, has been released:

https://blog.quarkslab.com/audit-of-session-secure-messaging-application.html

If I haven't misunderstood, though, it was only during the last audit, the one of the desktop client, that the new protocol had already been implemented.

They say that some of the vulnerabilities found in the audits (in theory the most significant ones) have already been fixed:

https://getsession.org/session-code-audit/

#session #audit #quarkslab #privacy #security #freesoftware #messenger #opensource #foss #oxen #sicurezza #metadata #metadati

Audit of Session Secure Messaging Application - Quarkslab's blog

Oxen [1] mandated Quarkslab to perform an audit of their instant messaging solution Session [2]. This application, forked from Signal, aims to improve users' privacy by using an onion routing mechanism [3]. This mechanism differs from Tor's one by requiring a deposit in their own cryptocurrency to operate a Service Node (Snode [4]), the Oxen equivalent of a Tor Entry, Relay or Exit Node. While reviewing the architecture of this solution, we found some issues and provided recommendations to improve parts of the implementations.