Explore >> Select a destination
|
You are here 
|
blog.thalium.re | ||
| | | | |
comsecuris.com
|
|
| | | | | [AI summary] This blog post discusses a detailed exploit chain targeting a mobile phone's application processor OS through a compromised modem. The author outlines the process of identifying vulnerabilities in the baseband firmware, reverse engineering the MT6795's cellular stack layers, and attempting to fuzz the MM layer for potential memory corruption issues. The post also touches on the challenges of creating a persistent rootkit via the modem and the importance of hardware isolation in securing mobile platforms. | |
| | | | |
insinuator.net
|
|
| | | | | Nowadays, Bluetooth is an integral part of mobile devices. Smartphones interconnect with smartwatches and wireless headphones. By default, most devices are configured to accept Bluetooth connections from any nearby unauthenticated device. Bluetooth packets are processed by the Bluetooth chip (also called a controller), and then passed to the host (Android, Linux, etc.). Both, the firmware on ... | |
| | | | |
blog.quarkslab.com
|
|
| | | | | Following our presentation at Black Hat USA, in this blog post we provide some details on CVE-2022-20233, the latest vulnerability we found on Titan M, and how we exploited it to obtain code execution on the chip. | |
| | | | |
www.sysdig.com
|
|
| | | CVE-2025-49844 (RediShell) is a critical Redis remote code execution vulnerability (CVSS 10.0) affecting all versions with Lua scripting. Discovered by Wiz and patched on October 3 2025, it allows authenticated users to gain host access. Learn how it works, who's affected, and how to detect and mitigate it. | ||
