I love this kind of analysis: https://www.synacktiv.com/en/publications/let-me-cook-you-a-vulnerability-exploiting-the-thermomix-tm5

Well done!

Wrapped up an energising Vulnerability Lookup workshop during @circl’s Virtual Summer School 2025.

Video and slides are now available.

Big thanks to everyone who joined the discussions.

:youtube: Video https://youtu.be/imkPqA-1mVE
📜 Slides https://www.vulnerability-lookup.org/files/events/2025/VSS-2025-VulnerabilityLookup.pdf

#opensource #gcve #vulnerability #vulnerabilitymanagement

@gcve
@cedric
@rafi0t

If you’re wondering why half the internet broke tonight for a short period, TCS accidentally hijacked Cloudflare.HT @ssamulczyk

New, at KrebsOnSecurity.com: Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep sense of confidence to learn that Mr. Elez over the weekend inadvertently published a private key that allowed anyone to interact directly with more than four dozen large language models (LLMs) developed by Musk's artificial intelligence company xAI.

https://krebsonsecurity.com/2025/07/doge-denizen-marko-elez-leaked-api-key-for-xai/

Passkeys are an authentication mechanism, but the prf WebAuthn extension lets us use them for symmetric encryption, too!

I wrote about how that works, and how it's implemented in Typage, the TypeScript implementation of age.

Bonus: there's also a CLI plugin to use passkeys stored on FIDO2 hardware tokens.

https://words.filippo.io/passkey-encryption/?source=Mastodon

Torrent client but you can chat with your peers

In case you missed the #pwnies nominations for this year, find the stream here: https://www.youtube.com/live/TuKPA-CeDFA?t=14513s

Talks from the RuhrSec 2025 security conference, which took place in February, are available on YouTube

https://www.youtube.com/playlist?list=PLbDDsIuMYNGym5vK6wcmjHzQNvHU8kq4p

Europe appears to just have given up on doing anything technical. Perhaps we should hurry up & stop pretending we want to do anything ourselves, so we can speed up getting to our eventual destiny of a full time holiday destination for American, Chinese and Russian tourists. And mind you, that is the _best_ outcome I can see right now. https://therecord.media/spain-awards-contracts-huawei-intelligence-agency-wiretaps

Finally some cursed content

So #Google “surprisingly” kills #adblockers by removing webRequestBlocking in MV3…
But forgets to clean up one ancient line of C++ that lets you just spoof a WebView ID…

#priceless

https://0x44.xyz/blog/web-request-blocking/

See how /e/OS protects my device from tracking attempts!
Why mobile apps trackers are one of the most impactful threats regarding your privacy and your freedom: read our Privacy Guide at https://e.foundation/wp-content/uploads/2024/12/murena_white_paper_privacy.pdf

Yikes. Turns out you can send a plaintext radio signal to cause any train in the USA to do an emergency break. The original 'security' was just a checksum, no encryption or authentication. Reporting this took them 12 years (!) because the vendor dismissed it initially https://www.cisa.gov/news-events/ics-advisories/icsa-25-191-10

The Apple Watch has a closed down ecosystem, only compatible with the iPhone. @trusted_device reverse engineered its interfaces and opened it up for compatibility with Android! ✨ WatchWitch ✨ allows you using your Apple Watch ⌚ on Android devices, interpreting your health data, answering messages on the Watch and more.

Demo video: https://www.youtube.com/watch?v=dHz8NHMhtLY
Read the full paper: https://arxiv.org/abs/2507.07210

The Apple Watch uses IPSec over Bluetooth?!?! That’s mildly horrifying but also a certain level of genius

https://arxiv.org/pdf/2507.07210

eBPF: Unlocking the Kernel [OFFICIAL DOCUMENTARY] https://www.youtube.com/watch?v=Wb_vD3XZYOA

So, the #Austrian Parliament ignores all expert opinion and ratifies a law to allow #statetrojan #spyware to be bought and used, making the whole population less safe while spending tax money on (non-EU) malware instead of more actual police forces. #Karner has won - at least until #VfGh nullifies it (again) - in getting his legal illusion past the Parliament, even though it can't be technically implemented as written in the law.

https://orf.at/stories/3399187/

> Nach jahrelanger Diskussion ist die Messengerüberwachung am Mittwoch vom Nationalrat ermöglicht worden. Widerstand gab es nicht nur von FPÖ und Grünen, sondern auch innerhalb der Koalition von NEOS-Abgeordneten. Mit der Vorlage wird es dem Staatsschutz künftig möglich sein, unverschlüsselte und verschlüsselte Nachrichten bei Diensten wie WhatsApp und Signal auszulesen.

I've now also elaborated some more of my thoughts on this in a (way too infrequent) blog post at https://laforge.gnumonks.org/blog/20250709-gsma-esim-euicc-security/

The Journey of Bypassing Ubuntu’s Unprivileged Namespace Restriction

Article by Pumpkin about the internals of the Ubuntu's implementation of restricting unprivileged user namespaces and figuring out another bypass method.

https://u1f383.github.io/linux/2025/06/26/the-journey-of-bypassing-ubuntus-unprivileged-namespace-restriction.html

If you haven’t watched it already, I recommend checking out the “What’s new in passkeys” session from WWDC. It features my colleague Andrew detailing several exciting improvements to passkeys, including the new “Account Creation API” for help native apps create an account (i.e. get the user’s name and email address) that starts off with a passkey — never going through the temporary state of having a password. https://developer.apple.com/videos/play/wwdc2025/279