On March 31, 2025, Apple released iOS 18.4, reportedly fixing 76 vulnerabilities. One of those vulnerabilities was in IOGPUFamily, a kernel driver responsible for handling communication with the GPU. Apple describes the issue as an out-of-bounds write: > IOGPUFamily > > Impact: An app may be able to cause unexpected […]

**DARKNAVY**, headquartered in Singapore and Shanghai, is an independent cybersecurity research and services organization. We are pioneers in **AVSS** (Adversarial Vulnerability Scoring System) and **quantitative security**, as well as the founding team behind the international hacking competition GEEKCON. Founded upon the legacy of KeenTeam, established in 2011 and globally recognized […]

# LinkPro: eBPF rootkit analysis During a digital investigation related to the compromise of an AWS-hosted infrastructure, a stealthy backdoor targeting GNU/Linux systems was discovered. This backdoor features functionalities relying on the installation of two eBPF modules, on the one hand to conceal itself, and on the other hand to […]

# Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office In June, 2025, Shubs Shah and I discovered a vulnerability in the online poker website ClubWPT Gold which would have allowed an attacker to fully access the core back office application that is used for all administrative site functionality. […]

# More Than DoS (Progress Telerik UI for ASP.NET AJAX Unsafe Reflection CVE-2025-3600) Welcome back. We’re excited to yet again publish memes under the guise of research and inevitably receive hate mail. But today, we’ll be doing something slightly different to normal. “Wow, watchTowr, will you actually be publishing useful […]

Since we launched the public Apple Security Bounty program in 2020, we’re proud to have awarded over $35 million to more than 800 security researchers, with multiple individual reports earning $500,000 rewards. We’re grateful to everyone who submitted their research and worked closely with us to help protect our users. […]

## Introduction The digital threat landscape is in a constant state of flux, with attackers perpetually seeking new avenues to compromise users and corporate environments. As a result, the Edge browser security team must remain vigilant, adapting to both emerging and evolving threats. The team recently received intelligence indicating that […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]