Alexandre Borges
@alexandreborges.bsky.social
Vulnerability Researcher | Exploit Developer (speaker 3x at DEF CON)
Pinned
So far, I have already written 15 articles (1045 pages), which have been published on my blog:
blog: exploitreversing.com
Series:
[+] ERS: Exploiting Reversing Series
[+] MAS: Malware Analysis Series
Enjoy reading and have a great day.
#windows #iOS #macOS #chrome #kernel #vulnerability
Mojo GPU Puzzles:
puzzles.modular.com/introduction...
#crypto #gpu #python #infosec #informationsecurity #programming
November 11, 2025 at 8:16 PM
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices:
unit42.paloaltonetworks.com/landfall-is-...
#exploitation #spyware #rce #infosec #cybersecurity #mobilesecurity #samsung #android #rce #vulnerability
November 8, 2025 at 12:25 AM
Evading Elastic EDR's call stack signatures with call gadgets:
offsec.almond.consulting/evading-elas...
#edr #hacking #evasion #cybersecurity #informationsecurity #windows #programming #elastic
November 7, 2025 at 11:14 PM
Breaking Into a Brother (MFC-J1010DW): Three Security Flaws in a Seemingly Innocent Printer:
starlabs.sg/blog/2025/11...
#cybersecurity #exploitation #printer #exploit #vulnerability
November 7, 2025 at 1:14 AM
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia:
techcrunch.com/2025/11/03/h...
#exploit #exploitation #zeroday #infosec #informationsecurity #cybersecurity
How an ex-L3Harris Trenchant boss stole and sold cyber exploits to Russia | TechCrunch
Peter Williams sold eight exploits to a Russian zero-day broker by smuggling them from his employer’s highly secured air-gapped network. A court document, plus exclusive reporting by TechCrunch and in...
techcrunch.com
November 4, 2025 at 9:16 PM
Operation South Star: 0-day Espionage Campaign Targeting Domestic Mobile Phones:
ti.qianxin.com/blog/article...
#exploitation #exploit #threathunting #infosec #vulnerability #mobile #0day #dfir
November 4, 2025 at 1:38 PM
The cryptography behind electronic passports:
blog.trailofbits.com/2025/10/31/t...
#crypto #informationsecurity #cybersecurity #cryptography
October 31, 2025 at 1:58 PM
WSUS Deserialization Exploit in the Wild (CVE‑2025‑59287):
research.eye.security/wsus-deseria...
#windows #cve #exploit #cybersecurity #vulnerability #exploitation
WSUS Deserialization Exploit in the Wild (CVE‑2025‑59287)
Today, our morning coffee was rudely interrupted by a critical alert from a customer’s Windows Server Update Services…
research.eye.security
October 25, 2025 at 12:47 AM
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236):
slcyber.io/assetnote-se...
#infosec #cybersecurity #deserialization #rce #exploit #exploitation #cve
October 24, 2025 at 4:00 PM
Key IOCs for Pegasus and Predator Spyware Cleaned With iOS 26 Update:
iverify.io/blog/key-ioc...
#cybersecurity #infosec #pegasus #ios #spyware #dfir #digitalforensics #threathunting
Key IOCs for Pegasus and Predator Spyware Cleaned With iOS 26 Update
iOS 26 changes how shutdown logs are handled, erasing key evidence of Pegasus and Predator spyware, creating new challenges for forensic investigators
iverify.io
October 24, 2025 at 2:03 PM
Implementing a Persistent Key-Value Store in a Tamper-Resistant Device for SGX Enclave Applications:
dl.acm.org/doi/abs/10.1...
#sgx #cybersecurity #dataprotection #enclave #informationsecurity
October 23, 2025 at 1:48 AM
Complete WebSocket Traffic Control with advanced proxy, simulation, and blocking capabilities:
github.com/law-chain-ho...
#websocket #proxy #cyberattack #webapp #infosec #cybersecurity
GitHub - law-chain-hot/websocket-devtools: Complete WebSocket Traffic Control with advanced proxy, simulation, and blocking capabilities | A professional WebSocket debugging tool providing monitoring, message simulation, and traffic interception
Complete WebSocket Traffic Control with advanced proxy, simulation, and blocking capabilities | A professional WebSocket debugging tool providing monitoring, message simulation, and traffic interception - law-chain-hot/websocket-devtools
github.com
October 10, 2025 at 1:10 PM
Memory Allocation in Go:
nghiant3223.github.io/2025/06/03/m...
#cybersecurity #informationsecurity #internals #golang #memory
September 23, 2025 at 9:02 PM
Fantastic Rootkits: And Where to Find Them:
+ part_1: www.cyberark.com/resources/al...
+ part_2: www.cyberark.com/resources/al...
+ part_3: www.cyberark.com/resources/th...
#rootkit #windows #cybersecurity #malware #arm #informationsecurity
September 22, 2025 at 5:38 PM
Race Against Time in the Kernel’s Clockwork:
streypaws.github.io/posts/Race-A...
#kernel #vulnerability #linux #cybersecurity #exploitation #informationsecurity #android
September 13, 2025 at 2:36 PM
Anatomy of a Billion-Download NPM Supply-Chain Attack:
jdstaerk.substack.com/p/we-just-fo...
github.com/Qix-/node-er...
#supplychainattack #npm #cybersecurity #malware #informationsecurity
September 8, 2025 at 11:08 PM
Secondary Context Path Traversal in Omnissa Workspace ONE UEM:
slcyber.io/assetnote-se...
#cybersecurity #vulnerability #hacking #securecode #exploitation
September 8, 2025 at 2:02 PM
A Novel Technique for SQL Injection in PDO’s Prepared Statements:
slcyber.io/assetnote-se...
#cybersecurity #hacking #websecurity #webapp #pentest #sql
September 7, 2025 at 4:27 PM
What is a CUDA Device Architecture?
modal.com/gpu-glossary...
#gpu #hardware #documentation #informationsecurity #cuda
August 14, 2025 at 12:03 AM
So far, I have already written 15 articles (1045 pages), which have been published on my blog:
blog: exploitreversing.com
Series:
[+] ERS: Exploiting Reversing Series
[+] MAS: Malware Analysis Series
Enjoy reading and have a great day.
#windows #iOS #macOS #chrome #kernel #vulnerability
August 11, 2025 at 2:12 PM
Malwoverview version 6.2 has been released:
github.com/alexandrebor...
Read the project page to learn how to adapt the configuration file to the changes.
Note: Updating Malwoverview using pip is not enough.
#threathunting #dfir #malware #incidentresponse
July 27, 2025 at 5:22 PM
[CVE-2025-38001] Exploiting All Google kernelCTF Instances And Debian 12 With A 0-Day For $82k: A RBTree Family Drama (Part One: LTS & COS):
syst3mfailure.io/rbtree-famil...
#cybersecurity #informationsecurity #exploitation #google #kernel #linux #cybersecurity #zeroday
July 12, 2025 at 2:06 PM
Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke):
slcyber.io/assetnote-se...
#dotnet #infosec #informationsecurity #cybersecurity #exploitation #exploit
Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke) › Searchlight Cyber
A pre-authentication vulnerability exists within DotNetNuke versions 6.0 to 10.0.1, assigned CVE-2025-52488, that allows attackers to steal NTLM hashes.
slcyber.io
July 11, 2025 at 4:08 PM
Pwning Solana for Fun and Profit - Exploiting a Subtle Rust Bug for Validator RCE and Money-Printing:
anatomi.st/blog/2025_06...
#cybersecurity #exploiting #exploitation #infosec #informationsecurity #rce #web3 #rust
June 30, 2025 at 11:31 PM
Phantom Persistence:
blog.phantomsec.tools/phantom-pers...
#cybersecurity #hacking #malware #informationsecurity #redteam #blueteam #programming
June 23, 2025 at 4:27 PM