🎙️ Next Behind the Binary episode is now live!
In this episode, I'm joined by @__sethJenkins from @Google's Project Zero to discuss a recent zero-click exploit chain in the Pixel 9—groundbreaking research he co-authored with @natashenka.
We also dive into how AI features are rapidly changing the modern mobile attack surface.
🎧 open.spotify.com/episode/3XB…
Threat actors are impersonating real recruiters and sending bulk, tailored phishing emails by using ChatGPT, your public LinkedIn profiles, and a tool known as blinq.
More details: jaiminton.com/internal-blog/…
Meet our new friend, Starchild-1 ❤️
Starchild-1 is the first ever real-time multimodal world model.
A world model understands and simulates the world. Starchild-1 has learned to generate not just the visuals of the world, but the sounds of it too!
🤔 Can you truly dismantle what you don't know how to build...?
In my upcoming @BlackHatEvents 2-day training, we’re using modern LLVM pipelines to write the same obfuscation passes used by nation-states.
Once you see the "why" behind the transform, the "how" of the reversal becomes more apparent. Learn how compilers work effectively so you can too 😉
⏳ Early bird pricing ends May 22. Join me in Vegas:
🔗 blackhat.com/us-26/training/…
The latest episode of Behind the Binary is here! Debugger architect Xusheng Li (@vector35) breaks down why Time Travel Debugging (TTD) is the future of debugging—from solving the "granularity problem" in malware analysis to catching hardware-level microcode bugs.
🎧 podcasts.apple.com/us/podcas…
Microsoft reports an evolving macOS infostealer campaign using ClickFix-style instructions hidden in blog posts and user-driven platforms. Posing as system utility fixes, the commands load stealers such as Macsync, Shub Stealer and AMOS. microsoft.com/en-us/security…
I trust AI to plan vacations, but analyzing malware and producing a final report? Not so much.
If you’re looking for a way to start using AI to support parts of your workflow, watch this: youtu.be/4ok4e0Jvy_4
Episode 95: Vigilant Labs director Mark Dowd joins the show to shed light on the state of offensive research, the economics of the exploit market, and why "Mark Dowd in a box" isn't quite the threat the AI hype machine suggests.
He talks through the daily stresses of running an offensive shop, how AI is reshaping vulnerability discovery, exploit development, and the pricing of full exploit chains.
Plus, thoughts on Lockdown Mode and Apple's MIE, whether mitigations actually work or just push attackers toward less access, the rise of HarmonyOS and the Balkanization of device security, persistence, baseband attacks, GrapheneOS, and Samsung Knox.
We discuss customer vetting and OpSec fears, policymakers who've never written an exploit, and the strange afterlife of The Art of Software Security Assessment, the 20-year-old book now possibly training data for the very tools coming for his job.
@mdowd @juanandres_gs @craiu @wearetlpblack
YouTube youtu.be/NEDlOKHG8nY?si=19wE…
New Video: Build your own LLM dynamic analysis lab 🦔🎥
➡️ AI debugs and unpacks with x64dbg
➡️ AI can access PowerShell terminal
youtube.com/watch?v=QrWzRgPs…
Adobe has confirmed our findings and has issued an emergency security update for all Adobe Reader (and other affected products) users.
helpx.adobe.com/security/pro…
The underlying exploited zero-day vulnerability has been rated Critical (CVSS 9.6) and is tracked as CVE-2026-34621. It appears that Adobe has determined the bug can lead to arbitrary code execution — not just an information leak. This aligns with our findings and those of other security researchers over the last few days.
EXPMON would like to thank Adobe for releasing this emergency security update quickly to help protect users.
UPDATE NOW!
#expmon #zeroday #0day #pdf #adobereader #CVE-2026-34621
Welcome home Reid, Victor, Christina, and Jeremy! 🫶
The Artemis II astronauts have splashed down at 8:07pm ET (0007 UTC April 11), bringing their historic 10-day mission around the Moon to an end.
Episode 4 of Breach Log is now out! In this episode I'm joined by Cameron Cottam who tells his story about responding to a critical alert at 2am. Enjoy.
Spotify: open.spotify.com/episode/26L…
Other Providers: creators.spotify.com/pod/pro…
📢 Live stream this Thursday with @allthingsida! We're chatting:
- QScripts: Improving the iteration speed of script development.
- idacpp: Using C for robust plugin development.
- eject_idb: Best practices for database management and portability.
- idasql: Interacting with IDA databases using SQL queries.
- windbg_agent: Practical integration between IDA and WinDbg.
🔔 youtube.com/live/rYnxLsNqE2g
🔥 Ready to chat about IDA productivity tools?! @allthingsida joins the stream Thursday April 9th to do just that:
- QScripts
- idacpp
- eject_idb
- idasql
- windbg_agent
Join us on YouTube -> youtube.com/live/rYnxLsNqE2g…
🎉 We’ve released capa v9.4 with 26 new rules and various performance improvements. Additionally, the standalone tool now supports Ghidra as a feature extraction backend. Check out the release for more details 👉 github.com/mandiant/capa/rel…
Liftoff.
The Artemis II mission launched from @NASAKennedy at 6:35pm ET (2235 UTC), propelling four astronauts on a journey around the Moon.
Artemis II will pave the way for future Moon landings, as well as the next giant leap — astronauts on Mars.
🎙️ You may have heard of the Glupteba botnet, but did you know @Google didn't just disrupt it—they sued the operators?
In a wild twist, the Russian operators didn't stay in the shadows. They hired a US attorney and showed up in a New York court to fight back.
In the latest episode of Behind the Binary, @pmbureau discusses the wild tale of the technical and legal takedown!
🎧 Listen here: open.spotify.com/episode/0Tg…