We @binarly.bsky.social just open-sourced our VulHunt framework at RE//verse!
GitHub: github.com/vulhunt-re/v...
Documentation: vulhunt.re/docs
Slack: join.slack.com/t/vulhunt/sh...
vulhunt.re
Thanks for shout out!
Binarly's Alex Matrosov has launched SBOM Tools, a platform to compare and analyze SBOM files to understand software supply chain risks
sbom.tools
It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))
This research demonstrates how easily full persistence can be achieved on Supermicro BMC, allowing complete takeover of the server.
- CVE-2025-7937: bypassed “fix” for CVE-2024-10237.
- CVE-2025-6198: Supermicro RoT bypass.
www.binarly.io/blog/broken-...
Another Crack in the Chain of Trust: Uncovering (Yet Another) #SecureBoot Bypass
https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
#Hydroph0bia (CVE-2025-4275) - a trivial #SecureBoot bypass for UEFI-compatible firmware based on Insyde #H2O, part 1
https://coderush.me/hydroph0bia-part1/
We're are happy to announce a new release of our #Rust bindings for idalib.
What's new:
- New APIs for working with IDBs, segments, and more
- Rust 2024 support
- New homepage: idalib.rs
H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy
github.com/binarly-io/i...
Listening to @matrosov.bsky.social and @pagabuc.bsky.social at #RSAC
In case you missed it from #LABScon24: BINARLY’s @matrosov.bsky.social and @pagabuc.bsky.social reveal their research into a firmware supply-chain security issue that affected major device vendors and hundreds of models, PKfail.
📺 Watch the full video: s1.ai/PKfail
