My talk at ContainerDays in Hamburg was accepted. See you there!

Why do attackers love bootkits? 🔗Persistence + ♻️stealth. At the RE//verse, Binarly REsearcher Takahiro Haruyama shows how mapping common hook chains & persistence logic led us to six brand-new bootkits, three with ZERO anti-malware detections. 📺youtube.com/watch?v=pMZqvv…

Playground. German version

At this point most of the programmers I respect the most are AI positive and finding a lot of value in it. And of course understanding the limits, as with any good tool. Thomas H. Ptacek, Kenton Varda, antirez bsky social, and many more. This post is mostly perfect: fly.io/blog/youre-all…

New books arrived, always wanted to read these two.

🚨Binarly is documenting the discovery of CVE-2025-3052, a memory-corruption flaw in a Microsoft-signed UEFI module that lets attackers bypass Secure Boot and run unsigned code before the OS starts. 🔗 Full details: binarly.io/blog/another-c… 🛡️ Advisory: binarly.io/advisories/brl…

Why tf do you send me a password reset Facebook ? I deleted the account long ago. Seems like it was not actually deleted?

Playing with opencode from SST on a weekend. Good impressions so far, not intrusive and runs directly in the terminal.

Wails v3.0.0-alpha.10 released. It's a big one! - New API for Go Runtime - 50 additions - 48 bugfixes - 30 changes, 4 of them breaking changes github.com/wailsapp/wails…