🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Here's part 1 of my blog series on hacking the Xbox 360 hypervisor. This covers the design of the hypervisor and hardware security features that back it. Consider it prerequisite material for part 2 which will be released next week (along with the exploit) icode4.coffee/?p=1047

Here's part 2 of my Hacking the Xbox 360 Hypervisor blog series, where I find and exploit bugs in hypervisor code to create the "Bad Update" exploit: icode4.coffee/?p=1081

You can now jailbreak your AMD CPU! 🔥We've just released a full microcode toolchain, with source code and tutorials. bughunters.google.com/blog/542484235…

We're delighted to welcome Boris Larin to the #TyphoonCon2025 lineup! 🎤 Join us in Seoul on May 29-30! 🔗typhooncon.com/agenda

We (me + Igor Kuznetsov) have discovered a new Google Chrome 0-day that is being used in targeted attacks to deliver sophisticated spyware 🔥🔥🔥. It was just fixed as CVE-2025-2783 and we are revealing the first details about it and “Operation ForumTroll” securelist.com/operation-foru…

Nintendo website in 2001 #WebDesignHistory

Someone pointed out that MITRE is letting go of 400+ employees, which is definitely a big number. But with ~9,000 employees total, that’s still less than 5%. To me, that doesn’t explain why the CVE team had to be part of the cut. It’s probably a small group, maybe 5–10 people.

🎉 It’s official – #SAS2025 is coming! The world’s GReATest cybersecurity event returns with cutting-edge research, mind-blowing hacks, and the ultimate CTF finale. You won't want to miss this, book your place now: kas.pr/97zh

I'm really happy to announce that we've just opened registration for the SAS CTF 2025 qualifying round!⛳️ This year's top 8 teams will qualify for the onsite finals to compete for a share of the $18.000 prize pool at the Security Analyst Summit conference in Khao Lak, Thailand

🌪️ TyphoonCon 2025: Full Speaker Lineup Revealed! We're thrilled to announce our complete speaker assembly for TyphoonCon 2025 This year's lineup represents our most diverse and technically impressive collection of offensive security talent yet. From cutting-edge hardware

My talk about the recent SMM architecture and security at TheSAS2025 : youtube.com/watch?v=AIGj6Q… The conference was well organized and had plenty of networking opportunities. Though, the best thing was the venue :) It is at a beautiful resort again this year, so you will love it.

🚨 Less than 10 days until the SAS CTF 2025 Quals kick off! 🚨 Register your team now and claim the spot in the top 8 to compete for a share of the $18,000 prize pot at the on-site finals at the SAS conference in Thailand. Register: ctf.thesascon.com

Really enjoyed TyphoonCon🌪️ keynote of Andy Andy Nguyen about his journey of hacking gaming consoles. One of the best and most inspiring talks on bug hunting I have ever seen!

Check out our analysis of the SharePoint ToolShell vulnerabilities: how the ITW exploit works, how it was patched, and why the initial patches could be easily bypassed securelist.com/toolshell-expl…

Encountered this situation many times this year. As the disrespect for research continues, fewer and fewer reseacher will cooperate with MSRC(Microsoft) in the future.

TheSAScon is one of the best conferences I've ever attended and now is a great time to submit your research while CFP is still open!

#CFP extended — your last chance to rock the floor at #TheSAS2025! Just 10 days left to propose your research for the BIG stage and share your findings with peers from world-class cybersecurity organizations. If you research: ▪️ Transportation and smart city vulnerabilities ▪️