A good mix of everything to please everyone: CVEs, AI, Integrity Bypass and Unicode
🛠 ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3)
The Doyensec team is following up on their research against ksmbd. It’s raining CVEs! https://blog.doyensec.com/2025/09/02/ksmbd-2.html
🔐 Subverting Code Integrity Checks to Locally Backdoor Signal, 1Password, Slack, and More
Another great post from the Trail of Bits team on attacking code integrity in Electron-based applications: https://blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/
📰 In4m: Keeping up with the Latest Infosec News
The Kulkan team just released a new tool to help you keep up with the Kardashian^wlatest infosec news: https://blog.kulkan.com/in4m-keeping-up-with-the-latest-infosec-news-ff4a045cf8a9
🤖 Executive Offense - Building AI Hackbots, Part 1
A great post from Jason Haddix’s newsletter on how to build Hackbots: https://executiveoffense.beehiiv.com/p/ai-hackbots-part-1
🍪 Cookie Chaos: How to Bypass __Host and __Secure Cookie Prefixes
A great post on bypassing __Host cookies by leveraging Unicode: https://portswigger.net/research/cookie-chaos-how-to-bypass-host-and-secure-cookie-prefixes
