Arseniy Sharoglazov

🐘 Attack arithmetic: how an integer overflow in PostgreSQL libpq leads to denial of service. Our researcher Aleksey Solovev discovered the vulnerability CVE-2025-12818, which may cause a product using the libpq PostgreSQL library to crash. swarm.ptsecurity.com/attack-arithme…

🚨 Our researcher Alexander Zhurnakov identified two vulnerabilities in Dell Wyse Management Suite prior to version 5.5. In certain configurations, they can be chained to achieve unauthenticated remote code execution. Upgrade now → dell.com/support/kbdoc/…

📞 Microsoft fixed an authenticated RCE in Windows Telephony Service (CVE-2026-20931), discovered by our researcher Sergey Bliznyuk @justbronzebee Read the write-up: swarm.ptsecurity.com/whos-on-the-li…

📑 A new article from our researchers Aleksey Solovev, Nikita Sveshnikov and Vladimir Razov — "Blind trust: what is hidden behind the process of creating your PDF file?". swarm.ptsecurity.com/blind-trust-wh…

📱 New article by our researcher @Fi5t: Injection for an athlete. Read about a vulnerability discovered in the Garmin Connect mobile application: swarm.ptsecurity.com/injection-for-…

🌎 Positive Hack Talks lands in Brazil 🇧🇷! 📍 São Paulo 🗓️ Dec 10, 2025 REMINDER: PHT is a fun and free cybersec event, see last pics: phtalks.ptsecurity.com/saopaulo ⬆️ Register to attend or speak. Vamos!

New article by @a13xp0p0v: "Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel." Alexander used his pet project kernel-hack-drill to exploit a hard race condition that received the Pwnie Award 2025. swarm.ptsecurity.com/kernel-hack-dr…

🚨 We've launched dbugs.ptsecurity.com, a new home for vulnerabilities. More than CVEs. More than MITRE. ✅ Trends & Insights ✅ AI-generated, multi-source vulnerability descriptions ✅ Researcher credits ✅ [drop your own tip in the comments] Follow the project: @ptdbugs

👑 Our researcher has discovered LPE in VMWare Tools (CVE-2025-22230 & CVE-2025-22247) via VGAuth! Write-up by the one who broke it: Sergey Bliznyuk (@justbronzebee) swarm.ptsecurity.com/the-guest-who-…

😈 Read the new article "Daemon Ex Plist: LPE via MacOS Daemons" by our researcher Egor Filatov. This research reveals a vulnerability affecting popular apps like Mozilla VPN, Tunnelblick & more. swarm.ptsecurity.com/daemon-ex-plis…

🧠 Our researcher Sergey Tarasov discovered a vulnerability (CVE-2025-49689) in NTFS on MS Windows. The article dives into the exploitation path, file system internals, VHD format, and more. 🔗 Read the article: swarm.ptsecurity.com/buried-in-the-…

🦊 Mozilla Foundation fixed CVE-2025-6430, discovered by our researcher Daniil Satyaev! This vulnerability allows the Content-Disposition: attachment header to be ignored if the page is opened using <embed> or <object>, resulting in files being displayed instead of downloaded.

⚡️ FreeIPA fixed critical CVE-2025-4404, discovered by our researcher Mikhail Sukhov! This vulnerability allows an authenticated attacker to escalate privileges from host to domain admin. 🔗 Advisory: freeipa.org/release-notes/…

📢 Positive Hack Talks is heading to Indonesia 🇮🇩! 📍 Jakarta 🗓 July 23, 2025 Join us for a free in-person hacker event — everyone’s welcome! CFP & attendee registration now open ⬇️ phtalks.ptsecurity.com/jakarta phtalks.ptsecurity.com/jakarta

🔥 Microsoft fixed CVE-2025-47955, discovered by our researcher Sergey Bliznyuk! This vulnerability allows a locally authenticated attacker to elevate privileges to SYSTEM via the Windows RasMan service. 🔗 Advisory: msrc.microsoft.com/update-guide/e…

⚠️ We’ve reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!

🔥 Last barrier destroyed: The compromise of Fuse Encryption Key in Intel CPUs! Full story by our researcher @_markel___ swarm.ptsecurity.com/last-barrier-d…

📟 Our researcher a1exdandy has uncovered vulnerabilities in GD32 microcontrollers (GigaDevice) that bypass protection mechanisms, allowing memory extraction. The article 👉 swarm.ptsecurity.com/gigavulnerabil…

📢 Positive Hack Talks is heading to Egypt 🇪🇬! 📍 Cairo, Egypt 🗓️ Feb 26, 2025 We invite everyone to our in-person hacker event 😊 Sign up for CFP & Participants ⬇️ phtalks.ptsecurity.com

@5mukx Cool setup. Nice. I learned debugging on Linux simply because I hate OllyDbg 64 🙈

@_mohemiv Implementing Process Ghosting technique in Rust... mannn ... spent whole day for debugging : )

I'm cooked nerds : |