infosex.exchange <3

You are probably looking for the infosec.exchange Mastodon instance

This host is mostly for my random stuff, and in little part acts like a well-intentioned placeholder for the typosquatted domain.

Discoverability and Archiving

Currently I'm using this host for saving the items from my own feeds to the Wayback Machine and provide in-links for search engines. I hate that I have to do this, but the non-sense ideology of Mastodon pretty much ruined the search feature for Fediverse as a whole, and this wasn't changed by the fact that they owned their mistake and implemented search eventually.

Yes, I (or anyone else) could do similar things with other peoples published feeds, regardless of the tantrum. No, you can't defederate this, because the process doesn't rely on an instance.

Gluttony Section for Search Engines

Binary packages for our radare2-Ghidra bridge released for Ghidra 11.4:

https://github.com/radareorg/ghidra-r2web/releases/tag/ghidra-11.4

I cut down the release to support the last 3 minor Ghidra versions (11.4, 11.3.x, 11.2.y), if you need supoort for older versions, please let us know by opening an Issue!

#Ghidra #radare2
this post | permalink
[RSS] RedirectionGuard: Mitigating unsafe junction traversal in Windows

https://msrc.microsoft.com/blog/2025/06/redirectionguard-mitigating-unsafe-junction-traversal-in-windows/
this post | permalink
[RSS] Sandbox Security Escapes in ColdFusion and Lucee (CVE-2025-30288 and CVE-2024-55354)

https://www.hoyahaxa.com/2025/06/sandbox-security-escapes-in-coldfusion.html
this post | permalink
Hungarian astronaut Tibor Kapu is on his way to space on Ax-4 \o/

https://www.youtube.com/watch?v=YAue1QljRg4
this post | permalink
#IBMi is affected by a user gaining elevated privileges due to an unqualified library call vulnerability in IBM Facsimile Support for i [CVE-2025-36004]

https://www.ibm.com/support/pages/node/7237732

Another one by @silentsignal !
this post | permalink
[RSS] Keiro Control authentication bypass (0-day?) #NoCVE

https://ssd-disclosure.com/ssd-advisory-kerio-control-authentication-bypass-and-rce/
this post | permalink
[RSS] Finding a 27-year-old easter egg in the Power Mac G3 ROM

https://www.downtowndougbrown.com/2025/06/finding-a-27-year-old-easter-egg-in-the-power-mac-g3-rom/
this post | permalink
[RSS] CFCamp 2025 Slides - Understanding CFML Vulnerabilities, Exploits, and Attack Paths

https://www.hoyahaxa.com/2025/06/cfcamp-2025-slides-understanding-cfml.html

#coldfusion
this post | permalink
I updated the generated #Ghidra documentation I host for 11.4:

https://scrapco.de/ghidra_docs/

Here's the documentation for Decompiler Taint Operations:

https://scrapco.de/ghidra_docs/Features/DecompilerDependent/DecompilerTaint/DecompilerTaint.html
this post | permalink
#Ghidra 11.4 released with support for (external) taint engines in the decompiler:

https://github.com/NationalSecurityAgency/ghidra/releases/tag/Ghidra_11.4_build
this post | permalink
Next Page