# Agentic ProbLLMs: Exploiting AI Computer-Use And Coding Agents (39C3 Video + Slides) It was great to attend the `39C3 – Power Cycles` in Hamburg this year. The Chaos Communication Congress was once again packed with great talks, amazing people, awesome events and side quests – and I even got […]

**Want to learn how to start fuzzing?** Check out our Fuzzing 101 course at gh.io/fuzzing101 > # Bugs that survive the heat of continuous fuzzing Learn why some long-enrolled OSS-Fuzz projects still contain vulnerabilities and how you can find them. Even when a project has been intensively fuzzed for years, […]

Every day, thousands of web services generate PDF (Portable Document Format) files—bills, contracts, reports. This step is often treated as a technical routine, “just convert the HTML,” but in practice it’s exactly where a trust boundary is crossed. The renderer parses HTML, downloads external resources, processes fonts, SVGs, and images, […]

The open source ecosystem continues to face organized, adaptive supply chain threats that spread through compromised credentials and malicious package lifecycle scripts. The most recent example is the multi-wave Shai-Hulud campaign. While individual incidents differ in their mechanics and speed, the pattern is consistent: Adversaries learn quickly, target maintainer workflows, […]

# Livewire: remote command execution through unmarshaling However, this mechanism comes with a critical vulnerability: a dangerous unmarshalling process can be exploited as long as an attacker is in possession of the APP_KEY of the application. By crafting malicious payloads, attackers can manipulate Livewire’s hydration process to execute arbitrary code, […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

/ **security-research** Public # Palo Alto Vulnerability Report ## Package No package listed ## Affected versions TBD ## Patched versions TBD ## Description ### Impact Vendor Palo Alto Networks ### Affected Product PA-54xx All supported versions of PAN-OS. Tested: PAN-OS 10.x – 10.2.16-h1 PAN-OS 11x – 11.2.1 ### Important Dates […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]