This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

# Quantum readiness: Hybridizing key exchanges Following our previous article on signatures hybridization, this article covers the basics of hybridizing your key exchanges to ensure maximal security of your data. Looking to improve your skills? Discover our **trainings** sessions! Learn more. More urgently than digital signature schemes, the way we […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

# Exploit Development: Unveiling Windows ARM64 Pointer Authentication (PAC) > This blog post is from the original post I made on the Prelude Security blog. The original can be found here. ## Introduction Pointer Authentication Code, or PAC, is an anti-exploit/memory-corruption feature that signs pointers so their use (as code […]

On March 31, 2025, Apple released iOS 18.4, reportedly fixing 76 vulnerabilities. One of those vulnerabilities was in IOGPUFamily, a kernel driver responsible for handling communication with the GPU. Apple describes the issue as an out-of-bounds write: > IOGPUFamily > > Impact: An app may be able to cause unexpected […]

**DARKNAVY**, headquartered in Singapore and Shanghai, is an independent cybersecurity research and services organization. We are pioneers in **AVSS** (Adversarial Vulnerability Scoring System) and **quantitative security**, as well as the founding team behind the international hacking competition GEEKCON. Founded upon the legacy of KeenTeam, established in 2011 and globally recognized […]

# LinkPro: eBPF rootkit analysis During a digital investigation related to the compromise of an AWS-hosted infrastructure, a stealthy backdoor targeting GNU/Linux systems was discovered. This backdoor features functionalities relying on the installation of two eBPF modules, on the one hand to conceal itself, and on the other hand to […]

# Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office In June, 2025, Shubs Shah and I discovered a vulnerability in the online poker website ClubWPT Gold which would have allowed an attacker to fully access the core back office application that is used for all administrative site functionality. […]