EPISODE · Aug 4, 2025 · 34 MIN
ThinkstScapes Research Roundup - Q2 - 2025
from ThinkstScapes · host Marco Slaviero, haroon meer, Jacob Torrey
ThinkstScapes Q2’25Networking is always trickyBeyond the Horizon: Uncovering Hosts and Services Behind Misconfigured FirewallsQing Deng, Juefei Pu, Zhaowei Tan, Zhiyun Qian, and Srikanth V. Krishnamurthy[Paper]0.0.0.0 Day: Exploiting Localhost APIs From The BrowserAvi Lumelsky and Gal Elbaz[Blog post] [Video]Local Mess: Covert Web-to-App Tracking via Localhost on AndroidAniketh Girish, Gunes Acar, Narseo Vallina-Rodriguez, Nipuna Weerasekara, and Tim Vlummens[Website]Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-LayerNiklas Niere, Felix Lange, Juraj Somorovsky, and Robert Merget[Code] [Paper]Language models large and smallThe road to Top 1: How XBOW did itNico Waisman[Blog post]AI and Secure Code GenerationDave Aitel and Dan Geer[Blog post]A look at CloudFlare’s AI-coded OAuth libraryNeil Madden[Blog post]How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementationSean Heelan[Blog post] [Code]Enhancing Secret Detection in Cybersecurity with Small LMsDanny Lazarev and Erez Harush[Blog post] [Video]BAIT: Large Language Model Backdoor Scanning by Inverting Attack TargetGuangyu Shen, Siyuan Cheng, Zhuo Zhang, Guanhong Tao, Kaiyuan Zhang, Hanxi Guo, Lu Yan, Xiaolong Jin, Shengwei An, Shiqing Ma, and Xiangyu Zhang[Code] [Paper]When parsing goes right, and when it goes wrong3DGen: AI-Assisted Generation of Provably Correct Binary Format ParsersSarah Fakhoury, Markus Kuppe, Shuvendu K. Lahiri, Tahina Ramananandro, and Nikhil Swamy[Slides] [Paper]GDBMiner: Mining Precise Input Grammars on (Almost) Any SystemMax Eisele, Johannes Hägele, Christopher Huth, and Andreas Zeller[Paper] [Code]Parser Differentials: When Interpretation Becomes a VulnerabilityJoernchen / Joern Schneeweisz[Slides] [Video]Inbox Invasion: Exploiting MIME Ambiguities to Evade Email Attachment DetectorsJiahe Zhang, Jianjun Chen, Qi Wang, Hangyu Zhang, Shengqiang Li, Chuhan Wang, Jianwei Zhuge, and Haixin Duan[Slides] [Paper] [Code]Nifty sundriesImpostor Syndrome: Hacking Apple MDMs Using Rogue Device EnrolmentsMarcell Molnár and Magdalena Oczadły[Slides] Your Cable, My Antenna: Eavesdropping Serial Communication via Backscatter SignalsLina Pu, Yu Luo, Song Han, and Junming Diao[Paper]GoSonar: Detecting Logical Vulnerabilities in Memory Safe Language Using Inductive Constraint ReasoningMd Sakib Anwar, Carter Yagemann, and Zhiqiang Lin[Paper] [Code]Show Me Your ID(E)!: How APTs Abuse IDEsTom Fakterman and Daniel Frank[Slides] [Video]Inviter Threat: Managing Security in a new Cloud Deployment ModelMeg Ashby[Video]Carrier Tokens—A Game-Changer Towards SMS OTP Free World!Kazi Wali Ullah[Slides] [Code] [Video]
What this episode covers
This is episode 16 of Thinkst's Trends & Takeaways (for Q2 of 2025). A quarterly summary of information security research, talks and presentations. Join our host Jacob Torrey as he highlights the research and papers that caught our eye during the preceding quarter. https://thinkst.com/ts
NOW PLAYING
ThinkstScapes Research Roundup - Q2 - 2025
No transcript for this episode yet
Similar Episodes
No similar episodes found.
Similar Podcasts
No similar podcasts found.