🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

New keenlab blog post, iOS multi-path exploit analysis: keenlab.tencent.com/en/2018/07/19/…

Woot! The heap-backed pool allocator (with randomization) is enabled by default in Windows 10 Build 17723 (Fast Ring) and 18204 (Skip Ahead). Great work by Mehmet Iyigun & team :)

I've said it before, I'll say it again. Andy Luhrs & co's new WinDbg/JS/NatVis/LINQ features literally change the entire approach to forensics/IR, reverse engineering and malware analysis, on top of all the goodness it does to Plain Old Debugging.

Check out our BlueHat slides about WSL @zer0mem KEENLAB slideshare.net/AnthonyLAOUHIN…

Windows Kernel Internals: Windows Sandbox techcommunity.microsoft.com/t5/Windows-Ker…

Fantastic talk on Chakra by Jonathan Jacobi - Well worth the watch youtube.com/watch?v=xp1YDO…

Go vs rust is the new python vs ruby

Welcome to the largest competition in history with... @Blast_L2 🪐 💰 $1,200,000 USDC 🗓️ January 30th, 3:00 PM EST / 20:00 PM UTC 📍 cantina.xyz/competitions Invite only. Don't have one? Details below:

New blog post: Cosmos IBC Reentrancy Infinite Mint. A critical reentrancy bug in ibc-go could have enabled the infinite mint of IBC tokens on Cosmos chains. asymmetric.re/blog/cosmos-ib…

Fun vulnerability for my first big bug while at Asymmetric Research. Worth the read if you like weird vulns in weird things!

Firedancer is running a public audit contest on Immunefi before its v0.1 mainnet launch. A completely new C codebase parsing untrusted network input, featuring a handwritten QUIC implementation and multi process sandboxing. No crypto background needed. DoS is in scope. 1M$ prize

🔥💃 We’re now running Firedancer v0.3 on mainnet! Validators running Firedancer benefit from cutting-edge security, reliability, and performance, improving Solana's liveness and safety. firedancer.asymmetric.re Learn why delegating to AR’s validator supports Solana's future ⇣

It takes a village…

Announcing AR’s Intern Program We’re launching an intern program that’s hands-on, high-impact, and fully remote. Looking for security research types who are curious, skilled, and ready to work on security challenges that matter ↓

We’re seeing confusion around @Firedancerio — to clarify: ❌This is not an official account. ✅Official Comms: Firedancer 🔥💃🏻 ✅Official Releases: github.com/firedancer-io/… Stay safe out there.

We'll be playing a big role at Solana Breakpoint 🇦🇪 Abu Dhabi Dec 11-13 this year: - Speaking on designing holistic security programs for high-stakes projects - Hosting a dedicated space for security-focused builders - Awarding a few travel grants Details to come. Accelerate.

New blog post: Navigating Vulnerabilities in Solana CPIs, by @dooflin5. It breaks down how unchecked programs, signer privileges, and account handling pitfalls can lead to exploits—and how developers can design defensively. asymmetric.re/blog/invocatio…

Lots of under-appreciated value in differential fuzzing campaigns, especially for regression safety.

Thank you to everyone who stopped by the Dev Cave during Scale or Die. It was a privilege to host a space like this for builders. Huge thanks to the entire Solana Breakpoint 🇦🇪 Abu Dhabi Dec 11-13 team and everyone who made this possible. We’ll be around the rest of the week! Reach out or come say hi.

Boredom > Beauty: Why Code Quality Is Code Security by John Saigle Some of the most devastating vulnerabilities stem from complexity, inconsistency, and chaos. This post explains why predictable, well-formed code is the foundation of security. blog.asymmetric.re/boredom-over-b…