Founder & CEO of runZero (@runZeroInc - https://runzero.com), previously the founder and lead developer of Metasploit, a CSO, a consultant, and the head of various security research teams.
My work is focused on #infosec, #security, #networking, #discovery, #osint, #postgresql, #aws, #engineering, #opensource, #devops, and #startup stuff. For fun I write #golang, build #IoT projects, and #run in circles.
| Home | https://hdm.io |
| Github | https://github.com/hdm |
| Work | https://www.runzero.com/ |
| https://twitter.com/hdmoore | |
| Bluesky | https://bsky.app/profile/hdm.bsky.social |
| Signal | hdm.01 |
ATX Go is TONIGHT (a week early this month):
Hey gophers! Join us Wednesday (May 6th, today), 6:30β8:30pm at Station Austin (ie. Capital Factory) 16th floor, in "Antones" for our monthly meetup. You know the drill: π pizza, π» beer, and a few short talks on Go. Bring a talk, a friend, or an idea!
ATX Go is a week early this month, tomorrow night!
Hey gophers! Join us Wednesday, 6:30β8:30pm at Station Austin (ie. Capital Factory) 16th floor, in "Antones" for our monthly meetup. You know the drill: π pizza, π» beer, a few short talks on Go, and general discussion. Whether you write Go all day or just dabble on the weekends, come hang out and meet other folks in the Austin Go community.
RE: https://infosec.exchange/@runZeroInc/116493908814143481
Excited to share what we've been cooking for the last few months:
Interactive attack graphs, with hop-by-hop planning, support for over 220 protocols, and no-auth backplane enumeration to identify non-IP systems unauth over the network!
Our free trial includes a fun Demo Organization you can explore and converts into our free Community Edition at the end (with all of the same capabilities, just a lower asset limit)!
π¨ New runZero 4.9: Shatter the segmentation illusion and reveal hidden attack paths across IT and #OT environments!
Experience the power of our latest release:
π Interactive attack path mapping
ποΈ Multi-homed & bridge detection
πΊοΈ 2D/3D searchable topology
π§ Deep OT intelligence, including field-level discovery
π₯ Real-world risk prioritization
β
Identify protocol exposures
π» UI/UX enhancements
π Learn more at: https://www.runzero.com/blog/runzero-4-9
There is a bunch of buzz along the lines of "Apple FINALLY backports DarkSword related fixes to 18.x and will release this on April 1".
Based on publicly available information this is incorrect.
What Apple has actually done broadened the device models that are eligible to upgrade to iOS/iPadOS 18.
Per Google [1] every vuln in the DarkSword kit except for CVE-2026-20700 had already been patched in iOS 18 as of 18.7.3 which was released on Dec 12, 2025.
Per Apple [2], CVE-2026-20700 is not included in 18.7.7 which was released today.
Apple has placed an easy to miss note at the top of the release notes:
"We enabled the availability of iOS 18.7.7 for more devices on April 1, 2026, so users with Automatic Updates turned on can automatically receive important security protections from web attacks called Darksword. The fixes associated with the Darksword exploit first shipped in 2025."
Unfortunately I don't see an indication of which devices are newly eligible to upgrade to iOS/iPadOS 18.
References:
Google DarkSword writeup - https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Apple iOS/iPadOS 18.7.7 release notes:
https://support.apple.com/en-us/126793
runZero, Inc
Tom Sellers