← Find more feeds

blog.quarkslab.com

Quarkslab's blog

Get the latest updates from Quarkslab's blog directly as they happen.

Follow now 98 followers

Latest posts

Last updated 18 days ago

ControlPlane Local Privilege Escalation Vulnerability on macOS

18 days ago

Introduction ControlPlane, originally a fork of MarcoPolo, is a powerful open-source context-aware...

Read full

When too much access is not enough: a story about Confluence and tokens

about 1 month ago

Introduction During engagements, we frequently come across Confluence instances. Confluence is a...

Read full

Getting started with Wirego

about 2 months ago

Context When reversing a protocol, we usually start with a capture of...

Read full

ProxyBlobing into your network

3 months ago

Introduction At Quarkslab, we focus on the impact an attacker can have...

Read full

Auditing Moodle's core hunting for logical bugs

3 months ago

Foreword Before anything else, I would like to remind you how important...

Read full

Security audit of PHP-SRC

4 months ago

Introduction The Open Source Technology Improvement Fund, Inc, thanks to funding provided...

Read full

A small bug in the signature verification of AOSP OTA packages

4 months ago

Introduction In this post, we will explore how OTA package authentication works...

Read full

CCleaner Local Privilege Escalation Vulnerability on macOS

4 months ago

Introduction CCleaner is a widely recognized system optimization tool designed to assist...

Read full

Finding bugs in implementations of HQC, the fifth post-quantum standard

4 months ago

Introduction In March 2025, NIST decided to standardize HQC as the last...

Read full

Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies

5 months ago

Introduction In 2025, phishing is still the most prevalent kind of cyber...

Read full

Audit of Allbridge Estrela — Round 2

5 months ago

Introduction Last year, Allbridge entrusted us to audit two of their products...

Read full

Pwn everything Bounce everywhere all at once (part 2)

5 months ago

Context In our first blog post of this series we showed how,...

Read full

Or log in

Everything you care about in one place

Quarkslab's blog

Latest posts

ControlPlane Local Privilege Escalation Vulnerability on macOS

When too much access is not enough: a story about Confluence and tokens

Getting started with Wirego

ProxyBlobing into your network

Auditing Moodle's core hunting for logical bugs

Security audit of PHP-SRC

A small bug in the signature verification of AOSP OTA packages

CCleaner Local Privilege Escalation Vulnerability on macOS

Finding bugs in implementations of HQC, the fifth post-quantum standard

Beyond the Hook: A Technical Deep Dive into Modern Phishing Methodologies

Audit of Allbridge Estrela — Round 2

Pwn everything Bounce everywhere all at once (part 2)

Try Feeder for free