ThinkstScapes Research Roundup - Q2 - 2025
ThinkstScapes Q2’25
Networking is always tricky
Beyond the Horizon: Uncovering Hosts and Services Behind Misconfigured Firewalls
Qing Deng, Juefei Pu, Zhaowei Tan, Zhiyun Qian, and Srikanth V. Krishnamurthy
[Paper]
0.0.0.0 Day: Exploiting Localhost APIs From The Browser
Avi Lumelsky and Gal Elbaz
Local Mess: Covert Web-to-App Tracking via Localhost on Android
Aniketh Girish, Gunes Acar, Narseo Vallina-Rodriguez, Nipuna Weerasekara, and Tim Vlummens
[Website]
Transport Layer Obscurity: Circumventing SNI Censorship on the TLS-Layer
Niklas Niere, Felix Lange, Juraj Somorovsky, and Robert Merget
Language models large and small
The road to Top 1: How XBOW did it
Nico Waisman
AI and Secure Code Generation
Dave Aitel and Dan Geer
A look at CloudFlare’s AI-coded OAuth library
Neil Madden
How I used o3 to find CVE-2025-37899, a remote zeroday vulnerability in the Linux kernel’s SMB implementation
Sean Heelan
Enhancing Secret Detection in Cybersecurity with Small LMs
Danny Lazarev and Erez Harush
BAIT: Large Language Model Backdoor Scanning by Inverting Attack Target
Guangyu Shen, Siyuan Cheng, Zhuo Zhang, Guanhong Tao, Kaiyuan Zhang, Hanxi Guo, Lu Yan, Xiaolong Jin, Shengwei An, Shiqing Ma, and Xiangyu Zhang
When parsing goes right, and when it goes wrong
3DGen: AI-Assisted Generation of Provably Correct Binary Format Parsers
Sarah Fakhoury, Markus Kuppe, Shuvendu K. Lahiri, Tahina Ramananandro, and Nikhil Swamy
GDBMiner: Mining Precise Input Grammars on (Almost) Any System
Max Eisele, Johannes Hägele, Christopher Huth, and Andreas Zeller
Parser Differentials: When Interpretation Becomes a Vulnerability
Joernchen / Joern Schneeweisz
Inbox Invasion: Exploiting MIME Ambiguities to Evade Email Attachment Detectors
Jiahe Zhang, Jianjun Chen, Qi Wang, Hangyu Zhang, Shengqiang Li, Chuhan Wang, Jianwei Zhuge, and Haixin Duan
Nifty sundries
Impostor Syndrome: Hacking Apple MDMs Using Rogue Device Enrolments
Marcell Molnár and Magdalena Oczadły
[Slides]
Your Cable, My Antenna: Eavesdropping Serial Communication via Backscatter Signals
Lina Pu, Yu Luo, Song Han, and Junming Diao
[Paper]
GoSonar: Detecting Logical Vulnerabilities in Memory Safe Language Using Inductive Constraint Reasoning
Md Sakib Anwar, Carter Yagemann, and Zhiqiang Lin
Show Me Your ID(E)!: How APTs Abuse IDEs
Tom Fakterman and Daniel Frank
Inviter Threat: Managing Security in a new Cloud Deployment Model
Meg Ashby
[Video]
Carrier Tokens—A Game-Changer Towards SMS OTP Free World!
Kazi Wali Ullah