The April 2025 Security Update Review

April 08, 2025 | Dustin Childs CONTINUE READING

(Web)Access (Un)Control

Blog post

(Web)Access (Un)Control

March 07, 2019
Advantech, SCADA, Research

Finding Unicorns: When the C++ Compiler Writes the Vuln

Blog post

Finding Unicorns: When the C++ Compiler Writes the Vuln

February 28, 2019
Microsoft, Visual Studio, Research

Using the Weblinks API to Reach JavaScript UAFs in Adobe Reader

Blog post

Using the Weblinks API to Reach JavaScript UAFs in Adobe Reader

February 06, 2019
Adobe, Acrobat, Research

Implementing Fuzz Logics with Dharma

Blog post

Implementing Fuzz Logics with Dharma

January 31, 2019
Dharma, Research, Foxit, Fuzzer

ZDI-18-1372 – The Elegant Bypass

Blog post

ZDI-18-1372 – The Elegant Bypass

December 21, 2018
Top 5, Adobe, Research

Really Check Errors: Pointing to the Object of your Desire

Blog post

Really Check Errors: Pointing to the Object of your Desire

December 20, 2018
Top 5, Apple, Research

An Insincere Form of Flattery: Impersonating Users on Microsoft Exchange

Blog post

An Insincere Form of Flattery: Impersonating Users on Microsoft Exchange

December 19, 2018
Top 5, Exchange, Research

Top 5 Day Two: Electron Boogaloo - A case for technodiversity

Blog post

Top 5 Day Two: Electron Boogaloo - A case for technodiversity

December 18, 2018
Top 5, Electron, Research

Seeing Double: Exploiting a Blind Spot in MemGC

Blog post

Seeing Double: Exploiting a Blind Spot in MemGC

December 17, 2018
Microsoft, Top 5, Research

When one corruption is not enough: Analyzing an Adobe Pwn2Own Exploit

Blog post

When one corruption is not enough: Analyzing an Adobe Pwn2Own Exploit

December 12, 2018
Adobe, Research, Pwn2Own