buherator's Avatar

buherator

@buherator

"I'm interested in all kinds of astronomy." https://scrapco.de Mostly cross-posting from Fediverse: @buherator@infosec.place

509
Followers 268
Following 3,049
Posts 06.02.2024
Joined
Posts Following

Latest posts by buherator @buherator

ised โ€“ A program rewriting tool


aff-wg.org ->

h/t @badsectorlabs


Original->

10.03.2026 11:28 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Reverse engineering the Logi Options+ agent's IPC protocol to switch Logitech devices between Bluetooth hosts on macOS


github.com ->


Original->

10.03.2026 11:23 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Thanks to samples provided by @pinkflawd you can now look at the beauty of #Lockbit's obfuscated control-flow via @cfgbot by @tmr232


>Quoted post<


Original->

10.03.2026 07:52 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

The Anthropic marketing person who came up with this whole shitshow will get a massive bonus


>Quoted post<


Original->

09.03.2026 18:15 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Misskey/Sharkey "extremely severe" vulnerabilities


www.openwall.com ->

#Fediverse #ActivityPub #misskey #sharkey

CVE-2026-28431
CVE-2026-28432
CVE-2026-28433


Original->

09.03.2026 17:20 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

It's a bit hard to find in the announcement publications, but this is the technical analysis one of the #Firefox bugs Anthropic's agents found:


red.anthropic.com ->

#LLM


Original->

09.03.2026 16:15 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

TIL Leif Svalgaard passed away last year:


solarnews.aas.org ->

A true #AS400 (lately #IBMi ) hacker legend:


svalgaard.leif.org ->


www.itjungle.com ->

R.I.P.


Original->

09.03.2026 12:49 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Challenges in Decompilation and Reverse Engineering of CUDA-based Kernels


nicolo.dev ->


Original->

09.03.2026 11:39 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks


www.ndss-symposium.org ->


Original->

09.03.2026 11:34 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Watching pro developers discussing how stupid some of the exploits of widely used software are is pretty entertaining:


www.youtube.com ->

Good to see the "other side" gets it!


Original->

07.03.2026 18:03 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Phrack 73 CFP


phrack.org ->

With a demo!


Original->

07.03.2026 17:08 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets


blog.calif.io ->


Original->

07.03.2026 16:03 ๐Ÿ‘ 4 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Reverse-engineered the WiFi transfer protocol for HeyCyan smart glasses (BLE + USR-W630 WiFi module) -- first iOS implementation


alexschar.dev ->


Original->

07.03.2026 16:03 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Reviving a 20-year-old puzzle game Chromatron with Ghidra and AI


quesma.com ->


Original->

07.03.2026 15:58 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] U-Boot security improvements using Arm memory permissions


www.linaro.org ->


Original->

06.03.2026 16:54 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Getting a Shell on the Tapo C260 Camera (CVE-2026-0651, CVE-2026-0652, CVE-2026-0653)


spaceraccoon.dev ->


Original->

06.03.2026 16:44 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Coercing machine accounts through MsSense.exe -- MDE becomes the attack vector


medium.com ->


Original->

06.03.2026 16:44 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Neptune's Spatuala is a great scene about care and quality (see how I carefully avoid the A word?):


www.youtube.com ->

IT people should watch more Sponge Bob!


Original->

06.03.2026 14:13 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

"some risks for users facing a strong adversary, such as a government focusing all its resources on a very specific target"

Translation: The police has to write a carefully worded mail to Switzerland.


Original->

06.03.2026 11:28 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Bypassing debug password protection on the RH850 family using fault injection


blog.quarkslab.com ->


Original->

05.03.2026 16:57 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0


wh40k.lexicanum.com ->


Original->

05.03.2026 15:56 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

appearance.[...] Much of [REDACTED] technology is unreliable and sometimes seemingly inoperable to other races, in some cases only working properly in the hands of an [REDACTED]."

Solution below...
2/2

Original->

05.03.2026 15:51 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

Daily fill-the-blanks game:

"[REDACTED] technology is characterised by a constant stream of poorly thought-out experimentation and constantly trying to outdo the competition [...] Therefore [REDACTED] technology is not uniform, lending [REDACTED] a cobbled together and random
1/2

05.03.2026 15:51 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 1 ๐Ÿ“Œ 0

[RSS] Aha, I found a counterexample to the documentation that says that Query-Performance-Counter never fails


devblogs.microsoft.com ->


Original->

05.03.2026 14:16 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

I'm here waiting until the multi-trillion dollar wunderchild of human progress finishes "Finagling..."

Btw. is it me or these pinnacles of technology only ask confirmation for `echo` when they are about to execute `echo lol && rm -rf ~/`?


Original->

05.03.2026 13:11 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Reverse Engineering Crazy Taxi, Part 1


wretched.computer ->


Original->

05.03.2026 10:10 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

If you as a journalist bring up the fact the Linus Torvalds vibe-codes, but fail to add "for his guitar effect pet-project" you can consider yourself a permanent resident of the tabloid/propaganda shelf.


Original->

05.03.2026 10:05 ๐Ÿ‘ 1 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

[RSS] Building a Custom Architecture and Platform: Part 3


binary.ninja ->

#BinaryNinja


Original->

05.03.2026 05:58 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0
Alt text TBD, sorry!

Alt text TBD, sorry!




Original->

04.03.2026 20:41 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0

My secret sin is cringe metal covers of even cringer(?) pop songs:


eternalseptember.bandcamp.com ->


Original->

04.03.2026 20:21 ๐Ÿ‘ 0 ๐Ÿ” 0 ๐Ÿ’ฌ 0 ๐Ÿ“Œ 0