This challenge was solved with a memory corruption bug in Internet Explorer 5
for Solaris/SPARC, specifically in libwininet.so's Gopher+ handling.
The short version is:
FUN_0004e1c8 write a second logical body line
through a shifted pointer into a fixed stack buffer
Date: 2026-04-10
Analyst: nemesis
Classification: Trojan / Backdoor (Alien RAT variant)
Severity: CRITICAL
Campaign ID: CityOfSin (extracted from C2 callback UTM parameters)
Scope: CPUID official domain compromise affecting CPU-Z, HWMonitor, HWMonitor Pro, PerfMonitor 2, powerMAX + separately FileZilla
Status: Breach confirmed and fixed by CPUID; site was compromised ~6 hours on April 9-10, 2026
CPUID Statement: "A secondary feature (a side API) was compromised for approximately six hours [...] causing the main website to randomly display malicious links. Our signed original files were not compromised."
| ; x96 shellcode (x32+x64) by [email protected] | |
| ; yasm -f bin -o x96shell_msgbox x96shell_msgbox.asm | |
| section .text | |
| bits 32 | |
| _main: | |
| call entry | |
| entry: | |
| mov ax, cs | |
| sub ax, 0x23 | |
| jz retTo32b |
| /* | |
| * blasty-vs-fiwix.c -- by blasty <[email protected]> | |
| * | |
| * 0day exploit for Fiwix OS i386 (tested on Fiwix 1.7.0) | |
| * | |
| * THEY HAVE PLAYED US FOR ABSOLUTE FOOLS! | |
| * DO NOT TRUST SMALL UNIX-LIKE KERNELS! | |
| * | |
| * Fiwix OS has multiple TTY ioctl vulnerabilities that allow | |
| * arbitrary kernel memory read and write. |
| using System; | |
| using System.IO; | |
| using System.Security.Cryptography; | |
| using System.Runtime.Serialization.Formatters.Binary; | |
| namespace hawktracewsus | |
| { | |
| class Program | |
| { | |
| static void Main() |
hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.
3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.
I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:
By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k
| // based on https://gist.github.com/hax0kartik/e358ce447a4537bcef534aa8de84817c | |
| #include <idc.idc> | |
| static FuncDump(f, start) | |
| { | |
| auto ea, str, teststr; | |
| ea = start; | |
| while( ea != BADADDR ) |
| #include <idc.idc> | |
| static FuncDump(f, start) | |
| { | |
| auto ea, str, count, ref; | |
| auto end; | |
| auto teststr; | |
| ea = start; |
(or nearly so...)
GDB is undeniably an extremely versatile debugger, with the ability to add breakpoints, watchpoints, dump memory, registers, and the source code (along with its corresponding assembly). These features make it the perfect Swiss Army knife for most programmers. In addition to that, the possibility of implementing a 'GDB Stub' and automatically supporting GDB in your application makes it an almost universal debugger for a variety of tasks.
Qemu, like other virtual machines (such as 86Box), also implements debugging via GDB Stub, which enormously facilitates the development of bootloaders, operating systems, and more. The support for 32-bit and 64-bit code is quite good, and I have never seen any complaints about it. However, for 16-bit/real mode...
If you have ever tried to debug 16-bit code on Qemu, you know how painful it can be:
| /** | |
| * This DLL is designed for use in conjunction with the Ruler tool for | |
| * security testing related to the CVE-2024-21378 vulnerability, | |
| * specifically targeting MS Outlook. | |
| * | |
| * It can be used with the following command line syntax: | |
| * ruler [auth-params] form add-com [attack-params] --dll ./test.dll | |
| * Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch). | |
| * | |
| * After being loaded into MS Outlook, it sends the PC's hostname and |