in search for flags and vulns
Pronouns: he
from the Security Cryptography Whatever podcast, talking about OpenSSL API design choices: https://youtu.be/jhdLja5mWbU
Obviously you have to do a string compare to do AES GCM in OpenSSL 3

My coding agents are spawning coding agents.
After a long time, I started looking at V8 again this weekend, probably not reachable though: https://chromium-review.googlesource.com/c/v8/v8/+/7594526
@fl0w from what I know about their Fuzzilli fuzzing cluster, it's 4x what we had at the peak. + not just for a few days on one version, but continuously on every version.
Google took our research paper "DUMPLING: Fine-grained Differential JavaScript Engine Fuzzing" and upstreamed the code to both v8 and Fuzzilli, where it will be maintained and actively run on more cores than we could ever rent.
@zenja @49016 little known fact: GPG is short for GPGaming. Self-referential TLA because GNU and all.
GPGaming

https://access.redhat.com/security/cve/cve-2025-68973

> To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG.

Before verifying a signature with GnuPG use some secure scheme to verify authenticity? 🙂🙃🙂🙃


Anyone at #39c3 who happens to have TI TMS320C6000 binaries or even actual hardware here. Please reach out over DECT 6087, here, or at the KITCTF assembly in the CTF area.
We did a thing: https://gpg.fail/ #39c3