🇺🇦 Malware Researcher 🇺🇦
Posts are my own and do not reflect my employer.
mlget: http://github.com/xorhex/mlget
blog: https://blog.xorhex.com
twittodon: https://twittodon.com/share.php?t=xorhex&[email protected]

Who needs containers? You do! If you reverse firmware, macho files, malware, or many other formats! Come see what's unlocked in Binary Ninja by this feature in our latest blog post from Brian:

https://binary.ninja/2026/03/31/container-transforms.html

Squiblydoo has released the CertGraveyard, a centralized place to document the abuse of code-signing certificates

https://certgraveyard.org/

https://squiblydoo.blog/2026/04/01/the-certgraveyard/


Proofpoint Threat Research Team reports that China-aligned TA416 resumed targeting European government and diplomatic organizations from mid-2025. They also observed a March 2026 expansion into Middle Eastern diplomatic and government entities, alongside evolving PlugX delivery chains. https://www.proofpoint.com/us/blog/threat-insight/id-come-running-back-eu-again-ta416-resumes-european-government-espionage

Sludge?! In Binary Ninja? Happy April 1st! (Yes, the plugin is real though)

https://github.com/CouleeApps/sludge_content_sidebar

Now available in the plugin manager.

TIL FLARE distributes educational content for free on GitHub.

https://github.com/mandiant/flare-learning-hub

Just put a reminder in my calendar for November 1, 2026 to check whether we still have bugs

If you're using OPNSense, you should know there's a high quality blocklist made in the EU called https://qfeeds.com/ that you can use.

Check this video out, it's really easy to set up: https://www.youtube.com/watch?v=RYEizNBE9Y0

#opnsense #pfsense #security #malware #selfhosted


Two scenarios possibly resulting from today's Claude Code source code leak¹:

1. Attackers study the built-in permission system to figure out how to bypass it. Claude Code is the target here. It is strange that the software requesting permission is the same that enforces security boundaries, anyway.

2. Attackers distribute custom builds that do nasty stuff like stealing API keys, running commands, backdooring code. Here, a specially crafted Claude Code is the attack vector.

¹: https://x.com/Fried_rice/status/2038894956459290963

Chaofan Shou (@Fried_rice) on X

Claude code source code has been leaked via a map file in their npm registry! Code: https://t.co/jBiMoOzt8G


We just wrapped up Deconstructing Rust Binaries, our Rust reverse engineering course, at Ringzer0 last week! It was a real pleasure teaching an engaged class.

Missed out? We're running Deconstructing Rust Binaries again at @NorthSec in Montreal, May 11-13, in a hybrid format: https://nsec.io/training/2026-deconstructing-rust-binaries/

3 full days of the first comprehensive course on reversing Rust binaries, using real Rust malware as practice. Save your spot now!

#rustlang #ReverseEngineering #MalwareAnalysis #malware #infosec

Tom Ptacek posted a great writeup titled "Vulnerability Research Is Cooked", covering the state of vulndev and its rapidly accelerating future:
https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/