A shorter episode this week, featuring some vulnerabilities impacting Google's AI and a SAML auth bypass.
VirtualBox has a very buggy driver, PostgreSQL has an Out of Bounds Access, and lifetime issues are demonstrated in Rust in "safe" code.
This week's episode features a cache deception issue, Joomla inherits a PHP bug, and a DOM clobbering exploit. Also covered is a race condition in Chrome's extension API published by Project Zero.
Linux becomes a CNA and takes a stance on managing CVEs for themselves, and underutilized fuzzing strategies are discussed.
In this bounty episode, some straightforward bugs were disclosed in GhostCMS and ClamAV, and PortSwigger publishes their top 10 list of web hacking techniques from 2023.
Google makes some changes to their kCTF competition, and a few kernel bugs shake out of the LogMeIn and wlan VFS drivers.
DEF CON moves venues, the Canadian government moves to ban Flipper Zero, and some XSS issues affect Microsoft Whiteboard and Meta's Excalidraw.
libFuzzer goes into maintenance-only mode and syslog vulnerabilities plague some vendors in this week's episode.
This week we have a crazy crypto fail where some Android devices had updates signed by publicly available private keys, as well as some Docker container escapes.
This week's binary episode features a range of topics from discussion on Pwn2Own's first automotive competition to an insane bug that broke ASLR on various Linux systems. At the lower level, we also have some bugs in UEFI, including one that can be used to bypass Windows Hypervisor Code Integrity mitigation.