30 October 2024

An analysis of the Keycloak authentication system

Earlier this year, I was working […]

Read more

9 October 2024

Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 3

In the previous part of the […]

Read more

2 October 2024

Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 2

Welcome back! We concluded the previous […]

Read more

25 September 2024

Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1

After attending the OST2 – Exp4011 […]

Read more

28 May 2024

Multiple vulnerabilities in Eclipse ThreadX

“Why don’t you pick on projects […]

Read more

7 May 2024

Multiple vulnerabilities in RIOT OS

“Where there is parsing, there are […]

Read more

5 March 2024

Multiple vulnerabilities in RT-Thread RTOS

“Security is in the mind of […]

Read more

7 November 2023

OST2, Zephyr RTOS, and a bunch of CVEs

“When hackers tell me it’s so […]

Read more

18 January 2023

Nothing new under the Sun – Discovering and exploiting a CDE bug chain

“What has been will be again, […]

Read more

22 August 2022

Useless path traversals in Zyxel admin interface (CVE-2022-2030)

During our analysis of Zyxel’s device […]

Read more

26 July 2022

Zyxel authentication bypass patch analysis (CVE-2022-0342)

A few months ago, new firmware […]

Read more

7 June 2022

Multiple vulnerabilities in Zyxel zysh

“We live on a placid island […]

Read more