Research Worth Reading Week 45/2025

Published: 09 Nov 2025

Busy week: Android, Django and MCP!

🤖 Runtime Android Object Instrumentation

A great write-up on runtime instrumentation for Android using SQLite as a case study: https://knifecoat.com/Posts/Runtime+Android+Object+Instrumentation

🐍 Critical SQL Injection Vulnerability in Django (CVE-2025-64459)

Some details around the latest issue impacting Django: https://www.endorlabs.com/learn/critical-sql-injection-vulnerability-in-django-cve-2025-64459

🌽 Defeating KASLR by Doing Nothing at All

Project Zero looking at KASLR on arm64: https://googleprojectzero.blogspot.com/2025/11/defeating-kaslr-by-doing-nothing-at-all.html

🤖 Assessing the Attack Surface of Remote MCP Servers

A thorough post from the Kulkan team on attacking MCP servers: https://medium.com/@kulkan-security/assessing-the-attack-surface-of-remote-mcp-servers-92d630a0cab0

🧑🏻‍💻 Claude Code Can Debug Low-level Cryptography

Debugging post-quantum cryptography with Claude and finding low-level bugs without reference implementations: https://words.filippo.io/claude-debugging/

Written by PentesterLab
The platform to learn web hacking and security code review