quarkslab

"How does it even work?" The question that keeps hackers' hearts pumping, blood pressure rising, and curiosity growing. This is @virtualabs's reverse engineering journey into a cheap smartwatch that measures at least one of those. blog.quarkslab.com/nerd-life-week…

SPONSOR 📣 Today, we are very happy to announce the @quarkslab Gold level sponsoring 😍 📄 @quarkslab provides to companies Security Audit capabilities, Consulting expertise powered by its cutting edge R&D and Qshield, its comprehensive security suite 1/2

One bit flip to corrupt it all: Exploitation of an old Linux kernel vulnerability using PageJack, a modern technique to create Use After Free bugs. Here @AzazheI shows you how blog.quarkslab.com/pagejack-in-ac…

@quarkslab @kaluche_ We were not careful enough and run into that NDA when reporting Avast bugs. To their credit Gendigital ended up being absolutely reasonable about it and greenlit the full disclosure. The truly shameful part is Bugcrowd default policy with the NDA. Very hostile.

🤯 Quarkslab spent five months trying to report vulns to security vendor Avira/Gen Digital but hit a deadlock because Gen Digital would only accept reports through their bug bounty platform (which required an NDA), so Quarkslab eventually just emailed the report and published after 90 days. This timeline explains the madness blog.quarkslab.com/avira-deserial…

If you glitch one, can you glitch many? Extracting automotive firmware is a challenge. @Phil_BARR3TT explains how he bypassed the IDCODE protection in several variants of the RH850 MCU family using both voltage glitching and side-channel analysis ⚡️🚗 blog.quarkslab.com/bypassing-debu…

Reverse engineers often spend a lot of time deciphering third-party firmware libraries. At RE//verse 2026 (Fri, 5 PM), Benoit & Sami will introduce SightHouse, an open-source tool to automatically identify third-party functions and speed up analysis. Join us!

Another antivirus 🛡️, another unfulfilled promise 😣. @kaluche_ turns Avira's protection into a privilege escalation playground. 3 LPE vectors via symlink abuse (CVE-2026-27748, CVE-2026-27750) and unsafe deserialization (CVE-2026-27749). Find out more: blog.quarkslab.com/avira-deserial…

Why macOS AVs shouldn’t trust PIDs 😄🍏 - new post by @Coiffeur0x90 Intego X9: XPC validation falls back to PID → PID reuse + posix_spawn() shenanigans 😏 ⇒ confused deputy / privileged methods abused 🤡🧨 Lesson: PID ≠ identity. blog.quarkslab.com/intego_lpe_mac…

You've never been more right to doubt your MacOS antivirus software 😥 Our latest research by @Coiffeur0x90 shows how Intego can be abused for Local Privilege Escalation Yes, the antivirus. Yes, as root. blog.quarkslab.com/intego_lpe_mac…

"Dr. Bytecode or: How I Learned to Stop Worrying and Obfuscate Java" A tale about how @farenain started his journey in Java software obfuscation. blog.quarkslab.com/how-to-write-y…

"Use a better system prompt" is the new "sanitize your inputs", but when your #AI agent's tools don't check permissions, you've got a problem and no amount of prompting will fix it. Check @kaluche_ 's post about #AgenticAI & the Confused Deputy issue ⬇️ blog.quarkslab.com/agentic-ai-the…

We conducted the first public third-party security assessment of EVerest, an open-source firmware stack for electric vehicle charging stations, deployed in hundreds of thousands of charging points worldwide. The audit was mandated by @OSTIFofficial 🙏 blog.quarkslab.com/everest-securi…

A decade is an eternity in security. 🛡️ Ten years ago, we released the Clang Hardening Cheat Sheet. Today, the landscape has changed. @0xTRIKKSS & @bcreusillet break down the latest mitigations to keep your code secure. 🔗Read the update: blog.quarkslab.com/clang-hardenin…

A modern tale of Blinkenlights, cheap Christmas shopping and curiosity, narrated by @dcauquil Firmware extraction and reverse engineering of a smartwatch FTW! blog.quarkslab.com/modern-tale-bl…

K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation. A story of endpoint post-exploitation by @kaluche_ blog.quarkslab.com/k7-antivirus-n…

Quarkslab is sponsoring @GrehackConf 2025! @rayanlecat is proposing an Active Directory Pwning workshop and our team #qsec will also be there for the CTF. Come & say hi!

Quarkslab engineers @RobinDavid1, @MihailKirov1 and Kaname just completed the first public security audit of Bitcoin Core, led by @OSTIFofficial and funded by @bitcoinbrink. Details on the blog post: blog.quarkslab.com/bitcoin-core-a… Congrats to developers for such software masterpiece !

🔥 Another returning sponsor for this year’s edition, @quarkslab ! Their team combines deep expertise in software security, cryptography and automotive systems to build tools and solutions that strengthen cybersecurity worldwide. 🧠🔐 🤝We thank them for their support!

We are pleased to announce that the KubeVirt Security Audit report has been published, in collaboration with @quarkslab and @OSTIFofficial Check out our blog post for all the details: kubevirt.io/2025/Announcin…