charitable disclosure noun char·i·ta·ble dis·clo·sure 1. describing a security researcher's donation in time and expertise to report flaws to a vendor for the benefit of the vendor or another party related: coordinated disclosure archaic: responsible disclosure (deprecated)

Full RCE PoC is now live @ https://t.co/VFu7NxJ3TQ Credit goes to @maple3142. Great job! Brilliant idea for the root reference. Felt like a CTF challenge indeed. Writing the full breakdown now.

My teen is taking Harvard’s @cs50 for free online through edX. I’m super impressed by the quality of that class. @davidjmalan is a really dynamic teacher and explains and illustrates low level foundational concepts simply and enthusiastically. Not only do you get updated video

Software bug? Ordered at @Starbucks for a family member with caffeine sensitivity today and a $5.75 drink is now $9.50 to make it decaf! 😳🤯 Apparently their new POS software won’t let them ring up decaf without “adding” shots, so +$3.75 for a grande drink. Looks like the

Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]

Despedida da H2HC! (My goodbye to H2HC!) (English Version Just After the Portuguese) TLDR: Para aqueles que não conseguem ler uma carta longa, estou saindo da organização da H2HC a partir do ano que vem (este ano ainda estarei à frente do evento, como sempre). Todas as

Everyone who attended our @blackwinghq anniversary party received a bootable 3.5” floppy 💾 with a fun little puzzle in a custom bootloader I made. I’ll post the floppy image if anyone’s interested.

I missed out on getting a @defcon edition @phrack 😭

iykyk

We had an amazing 20th anniversary celebration last night! Thanks to our team, amazing customers, and good friends for coming and helping us celebrate. ❤️❤️ #blackwing20

#blackwing20

My company @blackwinghq is celebrating our 20th anniversary this year and a big chunk of the team have descended on Vegas to celebrate together! 🎉🎉 let’s gooooooooo

👋👋 I’m in Vegas all week for Blackhat and Defcon! Hit me up if you’re around and you want to chat (vulns, cyber, hax, whatevs!). Please say hi if you see me!

Infosec

sup vegas

I keep hearing how great LLMs are at CTFs, but I don’t think they’d make it past the first chal 😕

It’s funny how we invented high-level languages so that humans could more easily instruct the machines. And now the machines have to use high-level languages to instruct machines, because they learned from us.

CVE-2024-46993: Heap Buffer Overflows in Electron’s API: https://t.co/Bp7GsyiVXB An advisory for the heap overflows I found in Electron is now live. For details on how I found them see my write-up at: https://t.co/tKXlCbJUKg #CVE-2024-46993 #electron

\o/ Thanks @phrack!

Public reporting confirms the percentage of code written by AI models at some companies is now well into the double digits. This is inevitably going to require security teams to adapt to this new world. CISO’s who primarily “securely enable the business” and security engineering

I have stickers with me too! Hit me up if you want one. Also — I’m hiring, ping me if you’re looking for something new, happy to chat.