1+ week, 7+ hour ago  (478+ words) Two weeks ago we told you about how we used AI to find a radare2 0-day, and the day after that, an auth bypass in NSA's Ghidra Server that has been hiding in plain sight since 2019. Some of you were, understandably,…...

2+ week, 5+ day ago  (853+ words) He shared exploit. py with me. Two problems: It imported rsync_lib, which wasn't in the repo. He just forgotto share it. Claude had generated this custom protocol library tohandle all the heavy lifting: daemon handshake, multiplexed I/O, file list parsing,…...

4+ week, 1+ day ago  (275+ words) It started like this: Vim maintainers fixed the issue immediately. Everybody is encouraged to upgrade to Vim v9. 2. 0272. Full advisory can be found here. The original prompt was simple: Somebody told me there is an RCE 0-day when you open a…...