Mastodawn

read this and try to tell me cloud wasnt a mistake

https://labs.watchtowr.com/8-million-requests-later-we-made-the-solarwinds-supply-chain-attack-look-amateur/

8 Million Requests Later, We Made The SolarWinds Supply Chain Attack Look Amateur

Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies, supply chains, software development systems and environments, and more. “Ugh, won’t they just stick to creating poor-quality memes?” we hear you moan. Maybe we should, maybe

watchTowr Labs

drone 4d ago

Jann Horn 4d ago

oh, this sounds like an exciting Xen >=4.17 bug affecting HVM/PVH modes:
"Use after free of paging structures in EPT"
https://xenbits.xen.org/xsa/advisory-480.html

XSA-480 - Xen Security Advisories

drone 4d ago

buherator 4d ago

[RSS] From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow

https://osec.io/blog/2026-03-17-virtio-snd-qemu-hypervisor-escape

Unfaithful Claims: Breaking 6 zkVMs

A zkVM verifier should be faithful to one thing above all else: its public claims. Yet we found six systems where this guarantee breaks. Learn how a subtle ordering bug lets an attacker bypass the cryptography entirely and prove mathematically impossible statements.

OtterSec

drone 4d ago

buherator 4d ago

snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

https://www.openwall.com/lists/oss-security/2026/03/17/8

Qualys just can't stop!

oss-security - snap-confine + systemd-tmpfiles = root (CVE-2026-3888)

drone Mar 13

buherator Mar 13

[RSS] A Nerd's Life: Weeks of Firmware Teardown to Prove We Were Right

http://blog.quarkslab.com/nerd-life-weeks-firmware-teardown-we-were-right.html

A Nerd's Life: Weeks of Firmware Teardown to Prove We Were Right - Quarkslab's blog

In a blog post published last December, we demonstrated how we managed to extract the firmware from a smartwatch by exploiting an out-of-bounds read vulnerability and spying on its screen interface. Follow us on our long and unexpected journey to figure out how this smartwatch can measure heart rate or blood pressure with no visible sensor, the problems we encountered while analyzing its firmware, and how we solved them to uncover The Truth about this device.

drone Mar 12

TrendAI Zero Day Initiative Mar 12

Announcing #Pwn2Own Berlin 2026! We've got 10 categories for targets, including an expanded #AI target list. We have 4 AI categories - including coding agents (looking at you #Claude). More than $1,000,000 in cash & prizes available. Read the details at https://www.zerodayinitiative.com/blog/2026/3/11/announcing-pwn2own-berlin-for-2026

Zero Day Initiative — Announcing Pwn2Own Berlin for 2026

If you just want to read the contest rules, click here . Willkommen zurück, meine Damen und Herren, zu unserem zweiten Wettbewerb in Berlin! That’s correct (if Google translate didn’t steer me wrong). After our inaugural competition last year, Pwn2Own returns to Berlin and Offens

Zero Day Initiative

drone Mar 12

Atredis Mar 12

We decided to revisit an old research problem with some new LLM powered tooling. Check out our latest blog post to see how we approached this research, and the new Java deserialization gadget chains it discovered in just two days! www.atredis.com/blog/2026/3/12/findings-gadgets-like-its-2026

drone Mar 11

Lorenzo Franceschi-Bicchierai Mar 10

SCOOP: The iPhone mass hacking toolkit used by Russian spies was developed at U.S. military contractor L3Harris, former employees said.

The Coruna toolkit was used against Ukrainians during the war and by Chinese cybercriminals, according to Google.

But the toolkit was initially developed for governments in the Five Eyes spy alliance, and it was used in Operation Triangulation, according to one source.

https://techcrunch.com/2026/03/09/an-iphone-hacking-toolkit-used-by-russian-spies-likely-came-from-u-s-military-contractor/

The mystery of a globetrotting iPhone-hacking toolkit

Tools used in a series of hacking campaigns by hackers in Russia, Ukraine, and China may have originated inside U.S. government contractor L3Harris, TechCrunch has learned.

TechCrunch

drone Mar 9

Hoshino Lina (星乃リナ) 🩵 3D Yuri Wedding 2026!!!Mar 9

There's a lot of discourse on Twitter about people using LLMs to solve CTF challenges. I used to write CTF challenges in a past life, so I threw a couple of my hardest ones at it.

We're screwed.

At least with text-file style challenges ("source code provided" etc), Claude Opus solves them quickly. For the "simpler" of the two, it just very quickly ran through the steps to solve it. For the more "ridiculous" challenge, it took a long while, and in fact as I type this it's still burning tokens "verifying" the flag even though it very obviously found the flag and it knows it (it's leetspeak and it identified that and that it's plausible). LLMs are, indeed, still completely unintelligent, because no human would waste time verifying a flag and second-guessing itself when it very obviously is correct. (Also you could just run it...)

But that doesn't matter, because it found it.

The thing is, CTF challenges aren't about inventing the next great invention or having a rare spark of genius. CTF challenges are about learning things by doing. You're supposed to enjoy the process. The whole point of a well-designed CTF challenge is that anyone, given enough time and effort and self-improvement and learning, can solve it. The goal isn't actually to get the flag, otherwise you'd just ask another team for the flag (which is against the rules of course). The goal is to get the flag by yourself. If you ask an LLM to get the flag for you, you aren't doing that.

(Continued)

drone Mar 5

Natalie Silvanovich Mar 5

Ivan Fratric shares some tips and tricks for grammar fuzzing

https://projectzero.google/2026/03/mutational-grammar-fuzzing.html

On the Effectiveness of Mutational Grammar Fuzzing

Mutational grammar fuzzing is a fuzzing technique in which the fuzzer uses a predefined grammar t...