# Never Trust the Output: Data Pollution in AI Agents and MCP > **Disclaimer:** This article is intended for educational purposes and security specialists conducting authorized testing. The author assumes no responsibility for any misuse of the information provided. Distribution of malicious software, system disruption, and privacy violations are punishable […]

– **Published:** 06 January 2026 at 15:31 UTC – **Updated:** 06 January 2026 at 15:31 UTC Over the last year, security researchers have shared a huge amount of work with the community through blog posts, presentations, and whitepapers. This is great, but it also means genuinely reusable techniques can get […]

**security-research** Public # TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Arbitrary Out-of-Bounds Write) ## Package ## Affected versions ## Patched versions ## Description #### Summary Multiple arbitrary Out-of-Bounds (OOB) `”` byte write vulnerabilities affecting the ARM Ampere Management Mode (MM) PCIe driver were discovered. This code is bundled into […]

**security-research** Public # TrustZone Break-in Vulnerabilities in Ampere UEFI MM Drivers (Buffer Overflow and Stack Information Leak) ## Package ## Affected versions ## Patched versions ## Description ### Summary A buffer overflow and stack information leak affecting the ARM Ampere Management Mode (MM) Boot Error Record Table (BERT) driver. This […]

# Windows ARM64 Internals: Pardon The Interruption! Interrupts on Windows for ARM ## Introduction Recently, I posted a blog which introduced some building blocks related to Windows on ARM (WoA) systems. I have always “known” that interrupts are fairly architecture-specific, and that the implementation of an “interrupt schema” can differ […]

# Agentic ProbLLMs: Exploiting AI Computer-Use And Coding Agents (39C3 Video + Slides) It was great to attend the `39C3 – Power Cycles` in Hamburg this year. The Chaos Communication Congress was once again packed with great talks, amazing people, awesome events and side quests – and I even got […]

**Want to learn how to start fuzzing?** Check out our Fuzzing 101 course at gh.io/fuzzing101 > # Bugs that survive the heat of continuous fuzzing Learn why some long-enrolled OSS-Fuzz projects still contain vulnerabilities and how you can find them. Even when a project has been intensively fuzzed for years, […]

Every day, thousands of web services generate PDF (Portable Document Format) files—bills, contracts, reports. This step is often treated as a technical routine, “just convert the HTML,” but in practice it’s exactly where a trust boundary is crossed. The renderer parses HTML, downloads external resources, processes fonts, SVGs, and images, […]

The open source ecosystem continues to face organized, adaptive supply chain threats that spread through compromised credentials and malicious package lifecycle scripts. The most recent example is the multi-wave Shai-Hulud campaign. While individual incidents differ in their mechanics and speed, the pattern is consistent: Adversaries learn quickly, target maintainer workflows, […]

# Livewire: remote command execution through unmarshaling However, this mechanism comes with a critical vulnerability: a dangerous unmarshalling process can be exploited as long as an attacker is in possession of the APP_KEY of the application. By crafting malicious payloads, attackers can manipulate Livewire’s hydration process to execute arbitrary code, […]