Skip to main content


We need to move to memory-safe image codecs (PNG, etc.) EVERYWHERE, including firmware. This is really scary. infosec.exchange/@dangoodin/11…


If you use a Windows or Linux device, it's vulnerable to a new post-exploit attack that can remotely install an undetectable backdoor at the UEFI level. Updates from just about every vendor available today. Impressive work from @matrosov and the rest of Binarly.

arstechnica.com/security/2023/…


in reply to Federico Mena Quintero

and just simplify the hell out of the firmware? If you need to be able to load an image (really??) you don't need 6 formats!