Veganism Social

HN SecurityWe have identified some security vulnerabilities (CVE-2025-1731) in Zyxel USG FLEX H Series firewall appliances, that allow local users with access to a Linux OS shell to escalate privileges to root. <a href="https://security.humanativaspa.it/local-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731" rel="nofollow noopener" translate="no" target="_blank">https://security.humanativaspa.it/local-privilege-escalation-on-zyxel-usg-flex-h-series-cve-2025-1731</a> <a href="https://infosec.exchange/tags/Zyxel" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zyxel</a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#VulnerabilityResearch</a> <a href="https://infosec.exchange/tags/CoordinatedDisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#CoordinatedDisclosure</a>

Kevin Thomas ✅We are in the Age of Agentic AI.Ladies and gentlemen, we stand at the dawn of something extraordinary—the birth of Embedded Reverse Engineering and Vulnerability Research in the Agentic AI generation.For years, we’ve reverse-engineered binaries, unraveled obfuscation, and traced execution flows deep into silicon. But now, the game is changing. AI isn’t just a tool anymore—it’s an active agent, reasoning, adapting, and challenging assumptions in ways we’ve never seen before.This is more than automation. It’s more than efficiency. It’s intelligence—embedded, autonomous, and evolving.We are the pioneers in a field where AI meets hardware, where security meets intelligence, and where the vulnerabilities of today shape the resilience of tomorrow.So here’s my challenge to you: 🔹 Push the boundaries of what’s possible. 🔹 Question the architecture of security itself. 🔹 Reimagine what AI-driven reverse engineering can achieve.The next frontier isn’t just about finding flaws. It’s about understanding systems at a level deeper than ever before.We are the ones forging this path. Let’s build the future. 🚀 <a href="https://defcon.social/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReverseEngineering</a> <a href="https://defcon.social/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#VulnerabilityResearch</a> <a href="https://defcon.social/tags/AgenticAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#AgenticAI</a> <a href="https://defcon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a>

Harry SintonenIn 2019 I discovered class of SSH <a href="https://infosec.exchange/tags/spoofing" class="mention hashtag" rel="nofollow noopener" target="_blank">#spoofing</a> attacks that employ the "no auth" supported by the <a href="https://infosec.exchange/tags/SSH" class="mention hashtag" rel="nofollow noopener" target="_blank">#SSH</a> protocol. This lead to some SSH clients implementing trust indicators to clearly identify prompts originating from the application. <a href="https://infosec.exchange/tags/PuTTY" class="mention hashtag" rel="nofollow noopener" target="_blank">#PuTTY</a> added a "trust sigil" to indicate that the prompt originates from the application itself instead of the server: <a href="https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-auth-prompt-spoofing.html" rel="nofollow noopener" translate="no" target="_blank">https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-auth-prompt-spoofing.html</a><a href="https://infosec.exchange/tags/vulnerabilityresearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#vulnerabilityresearch</a> <a href="https://infosec.exchange/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#bugbounty</a>

JamesJust finishing up Obfu[DE]scate! A <a href="https://infosec.exchange/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#Python</a> tool that simplifies de-obfuscation and comparison between <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> APK versions - even after functions have been renamed, removed, or altered as part of obfuscation.<a href="https://github.com/user1342/Obfu-DE-Scate" rel="nofollow noopener" translate="no" target="_blank">https://github.com/user1342/Obfu-DE-Scate</a><a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReverseEngineering</a> <a href="https://infosec.exchange/tags/MalwareAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#MalwareAnalysis</a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#VulnerabilityResearch</a>

JamesI've been working on a <a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReverseEngineering</a>, <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#VulnerabilityResearch</a> , <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenTesting</a>, and <a href="https://infosec.exchange/tags/OffensiveSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#OffensiveSecurity</a> training platform over the past few months. It's still in the 'MVP' stage so I'd love any feedback folk have for it! 🧑‍💻👩‍💻👨‍💻<a href="http://www.TODO.courses" rel="nofollow noopener" translate="no" target="_blank">http://www.TODO.courses</a>

JamesI've finally setup an account on Mastodon 🙌😅 Now that I'm here, thought that I'd fill my feed with a few bits and pieces that I've been up to over the past year. 🧵📱100% off <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#Android</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> Analysis Course: <a href="https://www.udemy.com/course/android-malware-analysis/?couponCode=MASTODON" rel="nofollow noopener" translate="no" target="_blank">https://www.udemy.com/course/android-malware-analysis/?couponCode=MASTODON</a>🤖 100% off Android Games <a href="https://infosec.exchange/tags/ReverseEngineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#ReverseEngineering</a> Course: <a href="https://www.udemy.com/course/learn-reverse-engineering-through-android-games/?couponCode=MASTODON" rel="nofollow noopener" translate="no" target="_blank">https://www.udemy.com/course/learn-reverse-engineering-through-android-games/?couponCode=MASTODON</a>📚 75% Off My Android / <a href="https://infosec.exchange/tags/iOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#iOS</a> <a href="https://infosec.exchange/tags/VulnerabilityResearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#VulnerabilityResearch</a> and <a href="https://infosec.exchange/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenTesting</a> book: <a href="https://ko-fi.com/jamesstevenson/link/MASTODON" rel="nofollow noopener" translate="no" target="_blank">https://ko-fi.com/jamesstevenson/link/MASTODON</a>

Recent searches

Search options

Administered by:

Server stats:

#vulnerabilityresearch