Breaking ILIAS #1: From Open Redirect to Admin

We describe two vulnerabilities in the learning management platform ILIAS that we found as part of a recent client engagement. Exploiting a stored XSS we achieve command execution as root.

Fuzzing Made Easy #2: Unlocking the Secrets of Effective Fuzzing Harnesses

Fuzzing is an effective technique for finding bugs, but it’s only as effective as your fuzzing harness. We explore the secrets of good harnessing for fuzzing, from common mistakes to best practices.

Trailer Updates: Springsteen, Aliens, Running and Kombat

Time to catch up on some recent trailers.

Jeremy Allen White's next big project is Springsteen: Deliver Me From Nowhere, for which we now have a trailer. It's another musician biopic by 20th Century Studios, following the success of "A Complete Unknown".

Xeno takes a scary alien (?) and turns it into maybe something not so scary, while even mentioning the alien in Project Hail Mary is kind of a spoiler, but the trailer already did that for us so it's cool. The latter is probably one of the movies I'm most looking forward to in 2026.

Well you know, it wouldn't be Hollywood without another remake, even if this new The Running Man is closer to the book than the classic 1987 movie.

And just today, we've received the new trailer for Mortal Kombat II. Following the relative success of the first movie back in 2021 (a COVID release meant that it was simultaneously released on HBO Max, so its modest box office returns were still impressive given this fact), it was always a matter of time before the sequel arrived.

For the kids, we have the new trailer for The Cat in the Hat, Pets on a Train, The SpongeBob Movie: Search for SquarePants and Pixar's next adventure, Hoppers.

Notable mentions include Roofman, Yorgos Lanthimos's next flick Bugonia (music only version here), After the Hunt, and I Wish You All The Best.

Check out all of our recently added trailers here. And a reminder that if you want the highest quality version of these trailers, all of them are available to download in 4K (and sometimes 8K) in our Trailers section.

Ethical hackers can help reduce SS7 abuse

Ethical hackers help reduce SS7 abuse by finding security problems to protect phone users, and clear rules are needed to ensure only trusted testers have SS7 access.

Enhancing our Code Audits with AI

We combine human expertise with AI as a co-pilot to enhance code audits, carefully protecting client confidentiality by analyzing closed-source code in-house, and continuously improving our models through benchmarking and fine-tuning without replacing expert human review.

Xiaohongshu: Little Red Book reads you

Xiaohongshu exposes users to network-level attacks through partially unencrypted traffic, collects more device data than disclosed, and actively obstructs app analysis efforts.
