Google’s Mandiant has launched GoStringUngarbler, an open-source framework for deobfuscating Go-based malware using advanced string encryption techniques. Targeting binaries obfuscated by the garble compiler, it combines static analysis with dynamic emulation to extract plaintext strings. Early tests are promising, with future enhancements planned to support additional transformations and better integration with reverse engineering tools.
Critical Kibana Vulnerability Let Attackers Execute Arbitrary Code
Elastic has issued a critical security advisory for Kibana vulnerability CVE-2025-25012, allowing authenticated attackers to execute arbitrary code, scoring 9.9 on the CVSS scale. The
