OffSequenceMay 4
⚠️ CVE-2026-7712: MEDIUM severity deserialization vuln in MindsDB ≤26.01 (pickle.loads). Public exploit available, remote attack possible. No vendor response yet. Check your exposure. https://radar.offseq.com/threat/cve-2026-7712-deserialization-in-mindsdb-da28edb5 #OffSeq #MindsDB #Vuln #Deserialization
LOGIC AND LEGACYMay 3

⚔️ Backend Serialization — JSON, Pickle Opcodes & The Universal Type Fallacy (2026)

Serialization bridges hardware and language divides, but are your current

Read more: https://logicandlegacy.blogspot.com/2026/05/backend-serialization-json-pickle.html?utm_source=mastodon&utm_medium=social&utm_campaign=dharma_engine

#serialization #deserialization #endianness

Backend Serialization — JSON, Pickle Opcodes & The Universal Type Fallacy (2026)

Master Python serialization architecture. Learn why you cannot send memory across a network, the fallacy of universal types, and how Pickle's Stack

N-gated Hacker NewsApr 26
🚀 Wow! A 5-minute epic on how rearranging some #structs 🏗️ in #Rust saves a whopping 475 MB of #memory. Who knew struct feng shui could revolutionize #JSON deserialization? 🙄 Next up, "How I Saved The World by Organizing My Sock Drawer." 🧦
https://dystroy.org/blog/box-to-save-memory/ #Optimization #Deserialization #HackerNews #TechHumor #HackerNews #ngated
Box to save memory

dystroy - blog

Python PeakJan 12

YAML Load Executes Arbitrary Code Compromising 470 Servers?!

YAML RCE APOCALYPSE! yaml.load() executes Python! Attacker uploads malicious config! Backdoor on all servers! 4.7M database exfiltrated! $47M breach! CISO ARRESTED!

#python #pythondisaster #yaml #remotecodeexecution #configloading #productionbug #pythonshorts #pythonwtf #deserialization #careerending #criminalcharges #pyyaml

https://www.youtube.com/watch?v=Lvvwf-SaDeE

YAML Load Executes Arbitrary Code Compromising 470 Servers?! #YAML

YouTube
PSConfEUDec 24
💣 CLIXML #deserialization in #PowerShell isn't harmless… At #PSConfEU 2025, Alexander Andersson showed how it enables: ✔ Lateral movement ✔ Privilege escalation ✔ Guest-to-host VM breakouts 🎟️ Early bird 2026 tickets → psconf.eu #Security #CLIXML

- YouTube
Home - PSConfEU

Discover PowerShell scripting & automation at psconf.eu. Join experts, learn, & boost productivity. Elevate your skills today!

PSConfEU
RedPacket SecurityDec 19

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed FileTransfer vulnerability - https://www.redpacketsecurity.com/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-filetransfer-vulnerability/

#threatintel
#CVE-2025-10035
#GoAnywhere MFT
#Deserialization vulnerability
#Storm-1175
#Medusa ransomware

RedPacket SecurityDec 19

Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed FileTransfer vulnerability - https://www.redpacketsecurity.com/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-filetransfer-vulnerability/

#threatintel
#CVE-2025-10035
#GoAnywhere MFT
#Deserialization vulnerability
#Storm-1175
#Medusa ransomware

Alexandre BorgesDec 4

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478):

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber

This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed an incredible amount of incorrect PoCs floating around on GitHub that do not

Searchlight Cyber
Alexandre BorgesDec 4

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478):

https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/

#exploit #exploitation #infosec #informationsecurity #cve #rce #hacking #deserialization

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) › Searchlight Cyber

This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed an incredible amount of incorrect PoCs floating around on GitHub that do not

Searchlight Cyber
Alexandre BorgesNov 13, 2025

Making Serialization Gadgets by Hand - .NET:

https://www.vulncheck.com/blog/making-dotnet-gadgets

#dotnet #infosec #deserialization #hacking #programming #exploit #exploitation