This is a scarily impressive vulnerability: Earlier this year, Apple patched one of the most breathtaking iPhone vulnerabilities ever: a…
After writing Go for years, many of us have learned the error-checking pattern down to our bones: “Does this function…
A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post…
Some years ago, during the renaissance of security information and event management (SIEM), security became log crazy. The hope was…
In our October monthly episode we finish our three part series on targeted attacks. In this episode we discuss the…
The initial release of yVault contained logic for computing the price of yUSDC that could be manipulated by an attacker…
This is a weird story: Hernandez was able to evade capture for so long because he used Tails, a version…
Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only…
It’s been four years since my blog post “2000 cuts with Binary Ninja.” Back then, Binary Ninja was in a…
The Ethereum Name Service (ENS) contract recently suffered from a critical bug that prompted a security advisory and a migration…