"Zombie ZIP" CVE-2026-0866 is not really a vulnerability which can evade AV engines, because the resulting ZIP file cannot be opened by normal tools, it's malformed.
It's more like a steganography/obfuscation trick, you need malicious code already running to extract the payload.
Allez au-delà de #GPS, comprenez le système de navigation #Galileo et ses modulations BOC dans le dernier Hackable.
Disponible en kiosque ou peut être commandé en ligne (version numérique ou papier avec ports offerts) sur boutique.ed-diamond.com/nouveautes/1....
Belle exploration !
BOUM 💥 Nouvelle vidéo en ligne consacrée aux casques audio à conduction osseuse. Décorticage, analyse de l'électronique et des transducteurs d'un casque premium et comparaison avec un casque "premier prix". Vous allez tout savoir ! 👀
youtu.be/BvUxSddgdcg
Look Ma, no sensors!
"How does it even work?"
The question that keeps hackers' hearts pumping, blood pressure rising, and curiosity growing.
This is Damien Cauquil's reverse engineering journey into a cheap smartwatch that measures at least one of those.
blog.quarkslab.com/nerd-life-we...
It was well organized, highly caring staff, not to mention the food was really good!
Just to be clear, I’m not affiliated at all; this is genuinely my honest opinion.
If you’re interested in reverse engineering at all, RE//Verse is quickly becoming the top conference!
re-verse.io
Must read
Diagram titled “Transformer attention.” It shows three steps of the attention computation with code snippets beside each step. The first step is “Scale factor 1/√dₖ,” highlighting code that computes the reciprocal square root. The second step is “Dot product Q · K,” showing code performing a dot-product accumulation. The third step is “Scaling + max tracking,” highlighting code that multiplies by the scale factor, stores the value, and updates a running maximum. The phrase “Transformer attention” appears prominently in the center.
The slides from my @re-verse.io talk, "Challenges in Decompilation and Reverse Engineering of CUDA-based Kernels", are now online!
Slides: nicolo.dev/files/pdf/re...
Plugin: github.com/seekbytes/pt...
Simple age check for Linux:
Just have the shell ask the user to check the host IP on first boot.
If they type ifconfig they are old enough, if they type ip addr they deserve to be restricted from their computer 😇
Spread the word! @phrack.org CFP with demoscene cracktro is live. Turn up the volume and enjoy the awesome stylings of @PiotrBania with some hopefully inspiring text from phrack staff :)
phrack.org
We @binarly.bsky.social just open-sourced our VulHunt framework at RE//verse!
GitHub: github.com/vulhunt-re/v...
Documentation: vulhunt.re/docs
Slack: join.slack.com/t/vulhunt/sh...
vulhunt.re
👩🦰 Connaissez-vous les femmes de la tech ? À l’occasion de la journée internationale des femmes, nous voulons proposons de regarder les travaux de
👉 Mathilde Saliou
👉 Ophélie Coelho
👉 Timnit Gebru
👉 Abeba Birhane
👉 Astha Kapoor
👉 Amba Kak
👉 Sasha Luccioni
👉 Rumman Chowdhury
👉 Naomi Klein
Le journalisme peut-il survivre à YouTube, devenu le « premier média de France » avec 43 millions d’utilisateurs ? Récemment arrivé sur @YouTube moi-même, j’en parle avec un vétéran les plus suivis, Gaspard G. Retrouvez notre conversation sur ma chaîne.
youtu.be/N9_-EJleCHM?...
OST2 is putting out a request for proposals for an opportunity to be funded to create classes on UEFI and/or ACPI. If you are interested, please reach out to teach🌀ost2.fyi with a proposed class syllabus.
ost2.fyi/Training-RFP...
I will be speaking at BSides SF in a couple of weeks! It will be about git, certificates, SSH, and, obviously, TPMs. bsidessf2026.sched.com/event/2E1g3/...
Reverse engineers often spend a lot of time deciphering third-party firmware libraries. At RE//verse 2026 (Fri, 5 PM), Benoit & Sami will introduce SightHouse, an open-source tool to automatically identify third-party functions and speed up analysis.
Join us!
Je suis nul en com' mais ce livre est important pour moi, il s'agit d'un récit de mes derniers mois en Russie. Moscou parano sera disponible mercredi prochain dans toutes les librairies ! actu.fr/societe/les-...
Effet Streisand assuré 😂
J'abuse encore.... demande urgente en région de Zaporizhia pour un générateur, un ecoflow et à Kharkiv pour des câbles coaxiaux... Un budget d'environ 1700 euros
Merci d'avance pour eux... ❤️❤️❤️
closeup of diy open wave receiver with overlay text that says "open source hardware summit 2026 may 23/24 TU Berlin Get your ticket!"
We are so excited to announce the talks and workshop schedule for #OHS2026! Check out the lineup and see who is joining us from all over the world to talk open source hardware and maybe even register for one of the incredible workshops we'll have running on Day 2: 2026.oshwa.org/schedule/
Motorola announces a partnership with GrapheneOS Foundation ; they will work to strengthen Smartphone Security and collaborate on future Devices engineered with #GrapheneOS compatibility motorolanews.com/motorola-thr...
Reverse engineers often spend significant time deciphering third-party libraries within firmware. My talk, scheduled for Friday at 5 PM at Reverse, introduces SightHouse, an open-source initiative aimed at automatically identifying third-party functions to enhance analysis efficiency.
Samuel, 10 ans, écrit dans son journal « Là j’ai la sensation du dimanche et c’est une sensation que je veux pas ressentir » et nous non plus. Une image extraite de la série en animation d’Emilie Tronche « Samuel » sur arte.
heureusement, le travail autour de la saison 2 a commencé
Ouvriers sur la tour Eiffel, 1932 📷
HMS Rapp was the patrolboat that jammed the Russian drone, a patrolboat in the Tapper-class (Brave-class).
🆕 #Android Samsung #Knox (Secure Folder) history log artifact in #ALEAPP.
🪵 SQLite database contains a log of items requested be moved in or out of the secure folder in Samsung Android devices.
👏 Thanks to HSI Digital Forensics Examiner Geovanny Perez for the discovery of this artifact.
#DFIR
Think your guest Wi-Fi is isolated from your main network? Think again.
AirSnitch (NDSS'26) breaks client isolation on every router tested: from home APs to enterprise WPA2/3-Enterprise. Full MitM in seconds, sometimes leaking WPA2 traffic in plaintext: 🔗 community.penthertz.com/t/airsnitch-...
We found that Wi-Fi client isolation can often be bypassed. This allows an attacker who can connect to a network, either as a malicious insider or by connecting to a co-located open network, to attack others.
NDSS'26 paper: www.ndss-symposium.org/wp-content/u...
GitHub: github.com/vanhoefm/air...
Cela faisait bien longtemps que je n'étais pas passée par ici ! Merci pour tous vos partages (surtout pour la vidéo sur l'impesanteur qui a été un énorme projet)
www.youtube.com/watch?v=iG6B...
🛰️ We've found our way to BlueSky 📍
Follow us as we navigate the world of satellite navigation: Galileo, EGNOS, Celeste, NAVISP, FutureNAV and so much more!
