How the Internet Broke Everyone’s Bullshit Detectors

From AI-generated images to restricted satellite data, the systems used to verify what’s real online are struggling to keep up...

CVE-2025-47392

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

EUVD-2025-209230

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

CVE-2025-47392

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

CVE-2025-47392 Integer Overflow or Wraparound in GPS

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

CVE-2025-47392 Integer Overflow or Wraparound in GPS

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

CVE-2025-47392

CVE-2025-47392 describes a memory corruption issue that occurs when decoding corrupted satellite data files with invalid signature offsets. The NVD records a CVSS v3.1 base score of 8.8 (HIGH) with adjacent attack vector, no privileges or user interaction required, and high impact on confidential...

PT-2026-30638

Memory corruption when decoding corrupted satellite data files with invalid signature offsets...

Qualcomm Chipsets 输入验证错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporation. Qualcomm Chipsets have a vulnerability related to input validation errors. This vulnerability arises due to memory corruption that occurs when decoding corrupted satellite data files with invalid signature offsets...

When Satellite Data Becomes a Weapon

As war reshapes the Gulf, the satellite infrastructure the world relies on to see conflict clearly is being delayed, spoofed, and privately controlled—and nobody is sure who is responsible...

gpsd: gpsd: Arbitrary code execution via heap-based out-of-bounds write in NMEA2000 packet handling

A flaw was found in gpsd. The hnd129540 function, responsible for handling NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to properly validate the user-supplied satellite count. A remote attacker can exploit this by sending a specially crafted packet with an excessive satellite count,...

CVE-2025-67268

gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/drivernmea2000.c file. The hnd129540 function, which handles NMEA2000 PGN 129540 GNSS Satellites in View packets, fails to validate the user-supplied satellite count against the size of the skyview...

Satellites Are Leaking the World’s Secrets: Calls, Texts, Military and Corporate Data

With just $800 in basic equipment, researchers found a stunning variety of data—including thousands of T-Mobile users’ calls and texts and even US military communications—sent by satellites unencrypted...

EUVD-2023-0202

Malicious code in bioql PyPI...

Adversarial Observations in Weather Forecasting

AI-based systems, such as Google's GenCast, have recently redefined the state of the art in weather forecasting, offering more accurate and timely predictions of both everyday weather and extreme events. While these systems are on the verge of replacing traditional meteorological methods, they al...

CVE-2023-32303

Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in...

PYSEC-2023-71

Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in...

CVE-2023-32303 Planet's secret file is created with excessive permissions

Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in...

CVE-2023-32303 Planet's secret file is created with excessive permissions

Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in...

Ships engines, a guide for pen testers

I spent several years as a ships engineer before straying in to pen testing. Ships used to be fairly secure; they were physically isolated at sea. Satcoms were scarily expensive, usually available only to the captain for business-critical communication. Even satphone use was heavily rationed. All...