36 - Zoom-ers, VM Escapes, and Pegasus Resurfaces

First, we talk about Facebook trying to buy some spyware, and then we feast upon a number of Zoom "vulns." Follow that up wtih some interesting vulnerabilities including a hyper-visor Guest-to-host escape, a complicated Safari permissions bypass, and a Gitlab Parser Differential.
 

Learn Exploit Development While Not Dying from COVID-19

With so many countries recommending self-isolation in the past little while we thought it might be useful to recommend some excellent learning resources to help enable you make the most of the extra time you might find yourself with. These are generally solid resources that will also be entertaining and engaging to work through and a focus on beginner friendly resources. We've also put out a Youtube video discussing all of these points along with some side discussion about stuff like whether