👾 GDDRHammer and GeForge: GPU Rowhammer Now Achieves Full System Compromise • 🤖 Assessing Claude Mythos Preview’s cybersecurity capabilities
With Anthropic's Opus 4.5, Ralph Wiggum Loop and GastOwn, a few people on the bleeding edge of AI-based software development are ...
🤖 Semgrep's Agent Skills • 🤿 Shaking the MCP Tree: A Security Deep Dive • 🤖 Evaluating and mitigating the growing risk of LLM-discovered 0-days
Rails is great at making the happy path simple. You need a record, you write Model.find(params[:id]). You need an authorization check, ...
Security and privacy have always been about doing the right thing while balancing it with staying productive. People do not work ...
🪟 Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals • ␛ On the clock: Escaping VMware Workstation at Pwn2Own Berlin 2025 • 🪲 Insecure Defaults Detection
🤯 On the Coming Industrialisation of Exploit Generation with LLMs • 🚨 Cloudflare Zero-day: Accessing Any Host Globally • 🤖 Claude Magic String Denial of Service
I didn't know Harbour even existed as a language when I found this bug. The fun part is that I also ...
🤖 AI models are showing a greater ability to find and exploit vulnerabilities on realistic cyber ranges • 🏴☠️ Pwning Claude Code in 8 Different Ways • 🔐 The State of OpenSSL for pyca/cryptography
💧 Cross-Site ETag Length Leak • 🛠️ Detect Go's silent arithmetic bugs with go-panikint • 💎 Ruby Array Pack Bleed
A quieter week that perfectly fits the two deep dives! 📚 ORM Leaking More Than You Joined For The latest opus ...
SAML bypasses & LLM-assisted crash triage. 🔒 The Fragile Lock: Novel Bypasses for SAML Authentication Ruby SAML falls again. An extraordinary ...
WAF bypasses, CVE research & constant-time crypto. ⏰ Introducing constant-time support for LLVM to protect cryptographic code Trail of Bits explains ...