Research Worth Reading Week 46/2025

Published: 16 Nov 2025

Android, Request Smuggling and Markdown Sanitizer!

📸 Pixnapping Attack

It has been a while since the last vulnerability with its own website and catchy name! This one is worth reading if you are into Android security: https://www.pixnapping.com/

📲 Rust in Android: Move Fast and Fix Things

One year later, see how moving to Rust is allowing the Android team to iterate more securely and faster. A great case study: https://security.googleblog.com/2025/11/rust-in-android-move-fast-fix-things.html

🧩 How I Found the Worst ASP.NET Vulnerability — A $10K Bug (CVE-2025-55315)

HTTP request smuggling strikes again! This time in the Kestrel web server. Read the write-up, which includes some source code analysis: https://www.praetorian.com/blog/how-i-found-the-worst-asp-net-vulnerability-a-10k-bug-cve-2025-55315/

🤖 Hacking Gemini: A Multi-Layered Approach

A great write-up on bypassing the markdown sanitizer used by Gemini: https://buganizer.cc/hacking-gemini-a-multi-layered-approach-md

Written by PentesterLab
The platform to learn web hacking and security code review