The next battleground is in sight, and things are going to move fast. Half-baked tech pitched as transformational will be quickly adopted and thrown in front of children without any validation, but the demos will be amazing!
We just published @firefox.com updates to fix the exploits used at the Pwn2Own contest yesterday and today. Both contestants achieved RCE in our content process but did not escape the sandbox.
blog.mozilla.org/security/202...
It’s only Tuesday but the first night of Lobbycon has already started! 🍻
Well, there is a Hofbräu. Secret takeover? 🤔
Because the fix took long or just long process in general?
the takeover has begun..
trainings start tomorrow morning!
RUMOURS are TRUE 🤷♀️
PHRACK will be releasing a SPECIAL #71.5 👉HARDCOVER👈 at www.offensivecon.org BERLIN ("The 𞅀-Day Edition").
Main #72 release THIS SUMMER at MULTIPLE conferences (main release at WHY2025). ❤️
2025 agenda is out!
www.offensivecon.org/agenda/2025....
Two photos. In the first, deep in a conifer forest a man in winter clothes holds a reindeer and sprays something from an aerosol can on the antlers. The second photo is of a small town street in the dead of night. Little shops and dim street lights. A deer stands in the middle of the road. It's barely visible, just a feint silhouette. But, its eyes and antlers glow like something ancient and supernatural.
To prevent deer from being hit by cars Finland has tried using reflective paint. (www.smithsonianmag.com/smart-news/avoid-deer-st...
File this under "solutions to modern problems that summon the old gods."
Very cool, bsky becomes more and more a complete replacement for the dead bird on my topics.
Still adding people as they wash up here
go.bsky.app/EhGFSVj
Karriere als Youtube-DJ? 😁 Sehr cool jedenfalls
The BlackHoodie training at OffensiveCon has a whole of 2 seats left, and we will have a special give-away with this edition :) blackhoodie.re/Offensivecon...
Don't forget, the CFP for the 40th anniversary issue of Phrack is open until June 15th 2025. You can be someone's favorite article in the future!!
bsky.app/profile/phra...
Save the date - @blackhoodie.bsky.social is partnering with
@offensivecon.bsky.social this year to bring a BlackHoodie training to Berlin! Students will learn how to place compiler backdoors in innocent code. Mark your calendars for May 15th! Registration opens tomorrow, space is very limited ☺️
Happy to share my slides from BOOTSTRAP25. Unfortunately the bug discussed is still not patched in Linux 6.14.0 despite it being reported explicitly. Slides are in markdown but there's a PDF in "releases" too github.com/jduck/bs25-s...
We are proud to announce our first keynote for Offensivecon 2025, Perri Adams! @perrib.us
Our second keynote for Offensivecon 2025 will be Dino Dai Zovi! @ddz.bsky.social
Must be @argp.bsky.social and karl's article on the FreeBSD kernel allocator. The first one I worked really through, introduced me to kernel exploitation, and finally helped me with my first real exploit for
FreeBSD-SA-19:02.fd.
phrack.org/issues/66/8#...
That story gets better and better every year with new details and court cases internationally.
Good analysis by the syzkaller developer, how some of thr latest ITW vulns could have been found.
Pumpkin (@u1f383 on X) does cool work. Here is another cool read about an interesting race condition involving signal handling
u1f383.github.io/linux/2025/0...
Really great read by @h0mbre (on X) about his journey to exploit a Linux n-day on kCTF. Not only the exploit but the process to understand the bug including own failures, e.g. deal with CONFIG_DEBUG_LIST, is full of insights. h0mbre.github.io/Patch_Gappin...
Hackers rejoice!
We are releasing the Phrack 71 PDF for you today!
Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue!
The CFP is still open, you can find it and the PDF link at phrack.org
Tbh, Hector Martin was very good at alienating himself.
To all our Bluesky friends, feel free to follow us here as we will be posting regular updates as the conference gets closer. See you in May!
Thank you @phrack.org !
That's the spirit
As of today I'm not longer with CrowdStrike. Looking forward to new challenges in VR :)