Gained two CVEs this week.
National Instruments ships on every defense contractor, chip fab, NASA test stand, and national lab in the country. Their core kernel driver nipalk.sys is EV signed and valid through 2027. Arbitrary physical memory read/write with zero authentication.
CVE-2026-8035. CVE-2026-8036.
The attack also works on physical machines: use a USB-to-COM cable, and get one that doesn't require its driver to be downloaded.
It works all the way back to Windows XP.
I have no Azure account, but I think that the emm driver is auto-loaded even in not RE there.
You can then, without logging in, still dump any process to a non-encrypted drive.
PS. Booting in safe mode doesn't trigger tpmlock but downgrades LsaIso to just PPL.
PPS. Without logging in you can also kill PPL processes like Defender.
After 3 times it stops starting again.
I wanted to address the speculation about the recently introduced Device Bound Session Credentials (DBSC) security feature in Google Chrome.
Does it help increase the security of session cookies against infostealer malware and MFA phishing?
The feature has been available and enabled by default since the Chrome 146 update (April 2026), if you're running Windows with a hardware-backed TPM security module (macOS support is coming in future updates).
DBSC allows the browser to upgrade session cookies from long-lived to short-lived, requiring the browser to refresh them approximately every 10 minutes to maintain access to the user's account.
> Does DBSC prevent account takeover by threat actors using a stolen session cookie obtained from the user's browser via infostealer malware?
Yes (kind of). The extracted session cookie will be valid for up to 10 minutes from the time it is extracted. The attacker will be unable to maintain long-term access to the user's account. Still, the timeframe may be sufficient, for example, to exfiltrate the inbox if the attack is automated. The attacker cannot refresh the short-lived session cookie because it requires the private key (stored in the TPM) assigned to the account to sign the challenge. The malware cannot access the private keys stored in the TPM.
> Does DBSC prevent account takeover by threat actors during a phishing attack?
No. Servers need to provide legacy support for the browsers that do not yet support DBSC. By default, the server registers and sends a long-lived session cookie to the browser. If the server supports DBSC, it will announce the DBSC API endpoint URL in the `Secure-Session-Registration` HTTP header of the response packet that contains the long-lived session cookies.
Only after the short-lived session cookie is registered via the DBSC API endpoint is the long-lived session cookie invalidated.
When the attacker removes the `Secure-Session-Registration` HTTP header retrieved from the server during a phishing attack, the browser will continue using long-lived session cookies and assume the server does not support DBSC. In short, removing that HTTP header while proxying traffic during a phishing attack allows the attacker to maintain long-term access to the user's account using the stolen long-lived session cookie.
I hope I've managed to clear up some confusion.
On a related note, you will soon be able to simulate phishing attacks against Google Workspace accounts (and other websites) that bypass DBSC and MFA protections using Evilginx Pro with the Phishlets 2.0 update.
Thousands of GTA V Players Have Been Exposed After Cheat Service Has Been Hacked
A GTA V cheat service called Atlas Menu has reportedly been hacked, exposing data linked to around 64,000 user accounts.
The person behind the breach claims they gained full access to Atlas Menu’s systems and leaked the database online. This means user information tied to the service could now be in the hands of others.
📅3 New Courses Coming to GH in 2026:
🥇Anticheat Development Course
🥈Devirtualization Course
🥉Rust Game Hacking Course
Sneak Peek: LLVM IR Fundamentals | DEVIRT 102C
🏆 Steam Overlay Hook
🎮 Drop Overlay.dll into IDA Pro
🔍 Search For DirectX Strings
🕵️ Find SwapChain::Present vTable
💉 Inject our DLL & swap the pointer
🔗https://t.co/75mFPIvAn6
🕵️ Hooking BaseThreadInitThunk
Monitoring Windows thread initialization can expose hidden DLL injections. Learn to hook BaseThreadInitThunk to audit the entry points of newly created threads before they get a chance to execute.
👉 https://t.co/3yK8DKczlr
My macOS anti-cheat is coming together. With the APIs of a Security Extension, I have a stable way (no kernel extension) to monitor cheating TTPs and report them securely to a backend. I built it game-agnostic, so it works everywhere. Finally a solid anti-cheat for macOS :D
Wrote a blog post about how you can use the Windows Server 2003 source code as a red teamer to make your tools look less like tools.
I also map out the main/important files and give practical examples of using it to augment the MS-*/RFC specs: https://t.co/HfUYBAdCJJ
Does Vanguard physically damage hardware?
No.
Does this impact hardware or software in any ways unrelated to Riot’s games?
No. The IOMMU security protection does not impact hardware, and would only impact the ability of players using DMA cheat devices to play our games.
Are normal players affected?
Players not using DMA cheat hardware are unaffected.
Why target DMA cheats?
DMA-based cheats are among the most sophisticated forms of cheating because they attempt to bypass traditional software detection by accessing memory directly through external hardware.
I’m affected by this. How do I fix it?
To continue cheating in other titles with this device, you may simply disable IOMMU in BIOS in the same place that you enabled it. Of course, you still won’t be able to play our games with these cheat devices enabled.
Why did Riot joke about “bricking” PCs?
We didn’t. The “paperweight” comment was about VALORANT cheat devices that no longer work in VALORANT. No hardware is being damaged and no other functionalities are impacted.
All the people citing legality have no idea how this works, the sensational bullshitters like Pirat_Nation as well. It’s an IOMMU block, that is it. If you don’t know what that is: Google.
- https://t.co/YDj76wmvGu
- https://t.co/UhwNLb6rFJ
You’re not going to suddenly have things on your PC stop working. The DMA device will stop working until you remove it. It will operate normally if you put it on a PC that doesn’t have the block. Never seen so many sweats worked up about something they couldn’t even explain with a gun to their head.
Hi
vx-underground is 7 years old, as of 2 days ago. I forgot my own website birthday.
Some of you who found vx-underground as early to mid teenagers are now adults.
Some of you who found vx-underground while attending university are now in the work force.
Some people who follow this account have unfortunately passed away.
Some followers have been arrested. Some followers have already been released from prison.
Some of you (including myself) have had children.
A lot has changed over the past 7 years.
The only thing that hasn't really changed is the website: free malware source code, samples, and papers, forever.
Thank you for letting me serve the community. It has been a pleasure. I look forward to serving all of you for another ... unknown duration of time, probably a long time, I don't know. I'm not sure how long I'll do this, but I'm already 7 years deep.
🛠️ Object Callback Hooking to Bypass Kernel Anticheat
This tutorial teaches how anti-cheats use ObRegisterCallbacks to deny handle requests and how to intercept them, modify them and bypass the protection.
👉 https://t.co/Kc6IZav0j3
Everyone is losing their minds over the Visual Studio Code payload hitting GitHub. The research was published on @MDSecLabs site in 2023! Red Teams have used this on assessments for ages!! Microsoft knows all of this and didn't bother to fix it!!! IT'S BEEN IN INITIAL-ACCESS FRAMEWORKS FOR YEARS!!!! https://t.co/ifTXR9N7Ur