Exploring GrapheneOS secure allocator: Hardened Malloc Exploring GrapheneOS secure allocator: Hardened Malloc

A technical look at @grapheneos.org Hardened Malloc, a memory allocator designed to mitigate heap corruption vulnerabilities (UAF, overflows) and break common exploit primitives.
Deep dive for security researchers & exploit developers by @nicoski.bsky.social
www.synacktiv.com/en/publicati...

Let Me Cook You a Vulnerability: Exploiting the Thermomix TM5 Hardware Analysis The Thermomix TM5 is a multifunctional kitchen appliance composed of two key electronic boards: the power board, which handles the motor and heating functions, and the main board, w

Ever thought your kitchen appliance could harbor a persistent threat?
We reverse-engineered the Thermomix TM5 and uncovered vulnerabilities allowing arbitrary code execution, persistence, and secure boot bypass.
Discover our step-by-step breakdown!
www.synacktiv.com/en/publicati...

It's already #SSTIC2025 day 2! @remi-j.bsky.social and us3r present the Windows kernel shadow stack mitigation 🪟

For our first talk, Ambre presents her previous research about firmware images identification #SSTIC2025

iOS 18.4 - dlsym considered harmful Observations We first observed the bug in a custom iOS application compiled for the arm64e architecture (thus supporting PAC instructions).

In iOS 18.4, Apple introduced a bug in dynamic symbol resolutions for some specific exports. @0xf4b.bsky.social took a long journey down a rabbit hole to understand its root cause.
www.synacktiv.com/en/publicati...

Exploiting Neverwinter Nights Introduction Neverwinter Nights is an RPG based video game developed by BioWare and Obsidian Entertainment in 2002.

Interested in vulnerabilities in video games? 🎮
@tomtombinary.bsky.social presented critical flaws in Neverwinter Nights Enhanced Edition at #Hexacon, which could allow attackers to take control of players' computers. 🛡️
Check out the full details of these bugs!👇
www.synacktiv.com/en/publicati...

Speedrunners = vulnerability researchers Video game enthusiasts are developing experience in the cybersecurity industry by accident. Discover how gaming skills can translate into intriguing careers.

Speedrunners are vulnerability researchers, they just don't know it yet Discussion

Hackers rejoice!

We are releasing the Phrack 71 PDF for you today!

Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue!

The CFP is still open, you can find it and the PDF link at phrack.org

Image of the game cartridge showing the RJ15 jack at the top for modem connectivity. Image contributed by GreatPants and shared from fandom: https://nintendo.fandom.com/wiki/Morita_Shogi_64?file=Sans_titre5.png

Today I learned that the N64 game "Morita Shogi 64", a Shogi game with a built in modem for online play, has a RCE exploit that was granted a CVE

nvd.nist.gov/vuln/detail/...

Crazy Taxi with Live Backing Band by chuckles825 in 18:59 - Awesome Games Done Quick 2025 YouTube video by Games Done Quick

Words cannot describe how amazing that Crazy Taxi run was. Thanks for tuning in! VOD is already up on YouTube for those who missed it or want to see it again! #AGDQ2025 youtu.be/G4AomNJHzHk?...

We are now on #BlueSky! We'll start posting our news here too 😊

Frinet: reverse-engineering made easier

Discover a new tool for reverse engineers: "Frinet", by myr and hexabeast

Hello bsky!