cryptonite
@cryptonitemmk
Followers
47
Following
128
Media
0
Statuses
32
Security engineer @ Quarkslab
Bulgaria
Joined August 2021
Six months ago, three colleagues and I at Quarkslab audited parts of the PHP source code. We uncovered 17 security vulnerabilities, including three high-severity issues, leading to four new CVEs.
Quarkslab audited PHP-SRC, the open source interpreter of PHP. The security audit, sponsored by @OSTIFofficial with funding from @sovtechagency, aimed at strengthening the project's security ahead of the upcoming PHP 8.4 release. Here is what we found: .
0
0
0
RT @quarkslab: こんにちは Tokyo!. "Of all things, I liked bugs best.". ― Nikola Tesla. Quarkslab is happy to participate in Pwn2Own .Automotive….
0
7
0
RT @bozhobg: Служебният министър на електронното управление в интервю по БНТ обяснил за някои казуси с машините, в което чувствително ухо м….
0
52
0
RT @evilsocket: * Unauthenticated RCE vs all GNU/Linux systems (plus others) disclosed 3 weeks ago. * Full disclosure happening in less tha….
0
507
0
RT @quarkslab: Creating an OCI image from source code that can run on any cloud could be very challenging. Quarkslab assessed the security….
0
7
0
RT @quarkslab: Ready for part 3 of our travel into the dynamic instrumentation of #Golang during runtime? In this article, @cryptonitemmk a….
0
18
0
RT @quarkslab: Last year @cryptonitemmk and Damien Aumaitre embarked on a journey to the depths of #Golang. Their mission? To boldly instru….
0
18
0
RT @quarkslab: 🪓Yes we hacked!.Last week QSEC, our CTF team, participated in the European Cyber Cup at the InCyber Forum. Our team finished….
0
8
0
RT @CERT_FR: 🚨 Alerte CERT-FR 🚨 .Une porte dérobée (backdoor) a été découverte dans la bibliothèque Linux xz dans les versions 5.6.0 et 5.6….
0
510
0
RT @EuCyberCup: 🎉Voici le classement complet de cette édition #EC2 2024 ! Bravo à toutes les équipes !
0
19
0
RT @AviadCarmel: We (@SaltSecurity ) could access *private* GitHub repos of *other* users, using. ChatGPT!.Open the comments below to….
0
129
0
RT @quarkslab: Interested in navigation of source code, binaries and other artifacts? Let a marsupial and goddess help you. Here @_cryptoco….
0
35
0
RT @quarkslab: Interested in dynamically hooking Golang programs ?.TL;DR: it's complicated, but fear not because today @cryptonitemmk start….
0
26
0
RT @quarkslab: Fuzzing is one of the top bug finding techniques and to celebrate the 25th year of ntop, one of the top network monitoring t….
0
26
0
RT @androidmalware2: New 0-click exploit chain discovered targeting iOS devices delivers #Pegasus Spyware. Exploit chain was capable of com….
0
101
0
RT @quarkslab: Our annual conference will be back on April 18th at @CampusCyberFr! On the agenda: our latest R&D findings on pastis, #Googl….
0
3
0
RT @quarkslab: We're looking for an experienced SR pentester for our new "Pentest by Qb" service. We're not a commodity pentesting shop, w….
0
4
0
I’m happy to announce the publishing of my 4th blog post on Quarkslab’s blog. I would like to thank my colleagues for their support and advices 😎.
Do not get stuck trying to understand container specifications!.Here is a blog post by @cryptonitemmk that dissects the OCI Image Specification with practical examples and hints 😉at why it is Not A Good Idea to leave any secrets in them.
0
2
13
RT @quarkslab: Our 2022-2023 internship season is open! Looking for a 6-month immersion in a top-notch security research environment? Searc….
0
18
0
RT @quarkslab: Congratulations @DarkaMaul !!.Yesterday Alexis Challande successfully defended his PhD thesis: "Towards 1-day Vulnerability….
0
6
0