01 April 2025 Show Notes 00:00:28 Next.js and the corrupt middleware: the authorizing artifact 00:06:15 Pwning Millions of Smart Weighing Machines with API and Hardware Hacking 00:20:37 oss-sec: Three bypasses of Ubuntu's unprivileged user namespace restrictions Additional Links: https://discourse.ubuntu.com/t/understanding-apparmor-user-namespace-restriction/58007 00:32:10 CimFS: Crashing in memory, Finding SYSTEM (Kernel Edition) Additional Links: https://github.com/containerd/containerd/issues/8346 https://se.ri0.us/fuzzing-meme.png 00:43:18 Blasting Past Webp Additional Links: https://dayzerosec.com/podcast/234.html https://dayzerosec.com/podcast/218.html 00:47:50 We hacked Google’s A.I Gemini and leaked its source code (at least some part)