[ Android ]  [Slides] Perf: From Profiling to Kernel Exploiting http://goo.gl/OnRmQE #HITB2016AMS by @ wish_wu

[ Android ]  Android AdWare Trying to Deceive the Analyst | Fortinet Blog http://ow.ly/DuLP300tC6V

[ Android ]  Android Anti-Hooking Techniques in Java http://d3adend.org/blog/?p=589 ( by @ neilbergman )

[ Browser ]  .@ google updates #Chrome to 51.0.2704.63, pays one researcher $30,000 in bounties. https://threatpost.com/researcher-pockets-30000-in-chrome-bounties/118337/

[ Defend ]  Enforcing Kernel Security Invariants with Data Flow Integrity http://www.cc.gatech.edu/~blee303/paper/kenali.pdf

[ Detect ]  Detecting hidden backdoors analyze malware hidden inside an OPcache file ~ http://blog.gosecure.ca/2016/05/26/detecting-hidden-backdoors-in-php-opcache/

[ Exploit ]  How CVE-2015-7547 (GLIBC getaddrinfo) can bypass ASLR http://bit.ly/1NRrvbg

[ Fuzzing ]  Torturing the PHP interpreter - Slides from my @ CONFidence_news talk - http://www.slideshare.net/logicaltrust/torturing-the-php-interpreter CC: @ owasppoland #php #fuzzing

[ Fuzzing ]  Slides: @ richinseattle on 'Go Speed Tracer: Guided Fuzzing' http://conference.hitb.org/hitbsecconf2016ams/materials/D2T2%20-%20Richard%20Johnson%20-%20Go%20Speed%20Tracer%20-%20Guided%20Fuzzing.pdf #HITB2016AMS https://t.co/0G0taEK0Kx

[ iOS ]  Evading "Find My iPhone' http://blog.kcnabin.com.np/find_my_iphone_can-be-failed/

[ iOS ]  SandJacking allows hackers to install malicious iOS apps on non-jailbroken devices. No patch from Apple http://www.securityweek.com/sandjacking-attack-allows-hackers-install-evil-ios-apps #hitb2016ams

[ Linux ]  wildpwn – UNIX Wildcard Attack Tool http://www.darknet.org.uk/2016/05/wildpwn-unix-wildcard-attack-tool/

[ Mac OS X ]  Untrusting an intermediate CA on OS X https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/

[ Mac OS X ]  Clipboard poisoning attacks on the Mac https://blog.malwarebytes.org/threat-analysis/2016/05/clipboard-poisoning-attacks-on-the-mac/

[ Mac OS X ]  ZDI-16-360: (Pwn2Own) Apple OS X fontd Sandbox Escape Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-360/

[ Mac OS X ]  ZDI-16-361: (Pwn2Own) Apple OS X libATSServer Heap-based Buffer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-361/

[ Malware ]  Bayrob - An Ancient Evil Awakens http://blog.fortinet.com/2016/05/26/bayrob-an-ancient-evil-awakens @ Fortinet #security #infosec https://t.co/TpsAB5mQ8L

[ Malware ]  Angler, GZIP, and a Landing Page http://neonprimetime.blogspot.com/2016/05/angler-gzip-landing-page.html

[ Obfuscation ]  Seeing Through Darkleech Obfuscation: a Quick Hack to Iframes https://blogs.mcafee.com/mcafee-labs/seeing-darkleech-obfuscation-quick-hack-iframes/

[ OpenSourceProject ]  Graphite2 heap-based buffer overflow in GlyphCache::GlyphCache https://bugs.chromium.org/p/project-zero/issues/detail?id=749#c_ts1464261060

[ Popular Software ]  ZDI-16-359: Adobe Reader DC FlateDecode Use-After-Free Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-16-359/

[ Tools ]  PHP Sandbox for different versions http://sandbox.onlinephpfunctions.com/

[ Tools ]  Phosphor: Dynamic Taint Tracking for the JVM https://github.com/Programming-Systems-Lab/phosphor

[ Windows ]  Msbuild.exe Code Injection Sample Example: https://gist.github.com/subTee/bc651742fc726863f4799648f5a264ab This will allows msbuild.exe to execute an arbitrary assembly

[ Windows ]  Here are Windows instructions by @ ftp_alun on how to explicitly untrust an intermediate CA like BlueCoat's http://blogs.msmvps.com/alunj/2016/05/26/untrusting-the-blue-coat-intermediate-ca-from-windows/

[ Windows ]  Windows (Hyper-V) Containers on Windows 10 : https://msdn.microsoft.com/en-us/virtualization/windowscontainers/quick_start/quick_start_windows_10