histre

email

MIT students stole $25M in seconds by exploiting ETH blockchain bug, DOJ says • arstechnica.com

51 points • 1 day ago • 22 comments

news

New WiFi Vulnerability: The SSID Confusion Attack • www.top10vpn.com

12 points • 2 days ago • 2 comments

Speculating the entire x86-64 instruction set in seconds (2021) • blog.can.ac

102 points • 3 days ago • 4 comments

assembly

Flatpak – a security nightmare – 2 years later (2020) • flatkill.org

39 points • 6 days ago • 35 comments

linux

I Accidentally Uncovered a Nationwide Scam Run by Fake Hosts on Airbnb (2019) • www.vice.com

105 points • 1 week ago • 104 comments

Novel attack against virtually all VPN apps neuters their entire purpose • arstechnica.com

192 points • 1 week ago • 74 comments

Exploit for Minecraft uses LLL lattice reduction, to locate all players in world [video] • www.youtube.com

6 points • 1 week ago • 2 comments

video

Novel attack against virtually all VPN apps neuters their entire purpose • arstechnica.com

20 points • 1 week ago • 3 comments

Common Google XSS • matan-h.com

154 points • 1 week ago • 15 comments

web

Forcing master to main was a good faith exploit • world.hey.com

6 points • 2 weeks ago • 7 comments

Xz sshd backdoor collecting usernames from logs • isc.sans.edu

136 points • 3 weeks ago • 10 comments

Linux Xz Backdoor Damage Could Be Greater Than Feared • thenewstack.io

10 points • 3 weeks ago • 8 comments

linux

Attackers spread backdoor via eScan antivirus software update process • decoded.avast.io

55 points • 3 weeks ago • 56 comments

Windows vulnerability reported by the NSA exploited to install Russian malware • arstechnica.com

46 points • 3 weeks ago • 2 comments

windows

news

Windows vulnerability reported by the NSA exploited to install Russian backdoor • arstechnica.com

8 points • 3 weeks ago • 0 comments

windows

Some Fritz!Box modems might have been hijacked • crapts.org

224 points • 3 weeks ago • 119 comments

GPT-4 can exploit vulnerabilities by reading CVEs • www.theregister.com

73 points • 3 weeks ago • 27 comments

ai

Randar: A Minecraft exploit that uses LLL lattice reduction to crack server RNG • github.com

523 points • 1 month ago • 116 comments

java

reversing

An Obscure Actions Workflow Vulnerability in Google's Flank • adnanthekhan.com

20 points • 1 month ago • 1 comment

Palo Alto – Putting the Protecc in GlobalProtect (CVE-2024-3400) • labs.watchtowr.com

39 points • 1 month ago • 28 comments

python

Forcing master to main was a good faith exploit • world.hey.com

5 points • 1 month ago • 3 comments

reversing

Forcing master to main was a good faith exploit • world.hey.com

4 points • 1 month ago • 3 comments

reversing

"Highly capable" hackers root corporate networks by exploiting firewall 0-day • arstechnica.com

18 points • 1 month ago • 1 comment

Palo Alto Networks PAN-OS Zero-Day Exploitation • www.volexity.com

91 points • 1 month ago • 57 comments

Cipherleaks is the first demonstrated attack against AMD SEV-SNP (2021) • cipherleaks.com

46 points • 1 month ago • 12 comments

research

cryptography

Unauthenticated, RCE vulnerability in Palo Alto firewalls, exploits in the wild • security.paloaltonetworks.com

32 points • 1 month ago • 13 comments

H-1B visa fraud alive and well amid anti-abuse efforts • www.theregister.com

183 points • 1 month ago • 203 comments

Backdoor in XZ Utils That Almost Happened • www.lawfaremedia.org

14 points • 1 month ago • 8 comments

law

Hackable Intel and Lenovo hardware went undetected for 5 years • arstechnica.com

30 points • 1 month ago • 11 comments

hardware