#YOLOL Information Security
Personal website: https://fredericb.info
Squidbleed (CVE-2026-47729) - Heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration https://blog.calif.io/p/squidbleed-cve-2026-47729
Squidbleed (CVE-2026-47729)

Heartbleed's ancient cousin, hiding in Squid since 1997.

Calif
Breaking down the new Qualcomm chip vulnerability - https://www.kaspersky.com/blog/qualcomm-cve-2026-25262/55811/ #bootrom #pbl #edl #CVE-2026-25262
Qualcomm vulnerability: phone repairs and car maintenance are no longer safe

Kaspersky experts have discovered an unpatchable vulnerability in popular Qualcomm chips used in smartphones, cars, smart devices, industrial equipment, and much more. We explain what this vulnerability is and what device owners should do.

Kaspersky
usbliter8 - Apple A12/A13 bootrom exploit

Lobsters

Tests suggest Russian satellites can jam GPS on a continental scale

Mystery of GPS interference across Europe raises questions about Russian motives.
https://arstechnica.com/space/2026/06/tests-suggest-russian-satellites-can-jam-gps-on-a-continental-scale/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer

Just finished a new E-Paper firmware SoC port🥳

The long-hated Realtek RTL8762ESL and RTL8752HJL now have a fully featured ATC_RTL_BLE_OEPL firmware and so have full OpenEpaperLink support

Released on GitHub:
https://github.com/atc1441/ATC_RTL_BLE_OEPL

Honeywell X2S Smart Thermostat Firmware Reverse-Engineering

The Honeywell X2S Smart Thermostat is a Wi-Fi-enabled thermostat that is meant to integrate with your typical ‘smart home’ setup, with mobile app control available as well. Of course, j…

Hackaday

setresuid(⚡): #Glitching Google's TV Streamer from #adb to root by @raelizecom

“TL;DR: We presented this attack at hardwear.io NL 2025. Starting from an unprivileged adb shell on Google’s TV Streamer 4K, we use an ElectroMagnetic (EM) glitch on the Mediatek MT8696’s CPU to bypass the kernel-side capability checks of the setresuid syscall. The kernel falls through to commit_creds(), our calling process gets uid = 0, and we drop a telnetd-static listener on the device. We’re not there all the way, SELinux is still in effect, but we glitched from shell to root on a 1.8 GHz Cortex-A55 CPU.”

https://raelize.com/blog/setresuid-glitching-google-tv-streamer-from-adb-to-root/

setresuid(⚡): Glitching Google's TV Streamer from adb to root

Raelize provides top-notch embedded device security services like consultancy, testing, research and training.

Brilliant stealth signal method bypassing blackouts in Iran -- great piece about 'Toosheh' and how it works: https://spectrum.ieee.org/iran-internet-blackout-satellite-tv

#Iran #AntiCensorship #satelliteTV

Copy Fail — 732 Bytes to Root

CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.

Xint