Day[0]
dayzerosec
282 episodes
14 hours ago
A weekly podcast for bounty hunters, exploit developers, or anyone interested in the details of the latest disclosed vulnerabilities and exploits.
Technology
Episodes (20/282)
Exploiting VS Code with Control Characters

A quick episode this week, which includes attacking VS Code with ASCII control characters, as well as a referrer leak and SCIM hunting.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/282.html


[00:00:00] Introduction

[00:00:57] Attacking Hypervisors - Training Update

[00:06:20] Drag and Pwnd: Leverage ASCII characters to exploit VS Code

[00:12:12] Full Referer URL leak through img tag

[00:17:52] SCIM Hunting - Beyond SSO

[00:25:17] Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages


Podcast episodes are available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec


You can also join our discord: https://discord.gg/daTxTK9

5 months ago
30 minutes 8 seconds

Mitigating Browser Hacking - Interview with John Carse (SquareX Field CISO)

A special episode this week, featuring an interview with John Carse, Chief Information Security Officer (CISO) of SquareX. John speaks about his background in the security industry, grants insight into attacks on browsers, and talks about the work his team at SquareX is doing to detect and mitigate browser-based attacks.


6 months ago
1 hour 46 minutes 57 seconds

Pulling Gemini Secrets and Windows HVPT

A long episode this week, featuring an attack that can leak secrets from Gemini's Python sandbox, banks abusing private iOS APIs, and Windows' new Hypervisor-enforced Paging Translation (HVPT).


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/280.html


[00:00:00] Introduction

[00:00:18] Doing the Due Diligence - Analyzing the Next.js Middleware Bypass [CVE-2025-29927]

[00:29:20] We hacked Google’s A.I Gemini and leaked its source code (at least some part)

[00:44:40] Improper Use of Private iOS APIs in some Vietnamese Banking Apps

[00:55:03] Protecting linear address translations with Hypervisor-enforced Paging Translation (HVPT)

[01:06:57] Code reuse in the age of kCET and HVCI

[01:13:02] GhidraMCP: LLM Assisted RE

[01:31:45] Emulating iOS 14 with qemu

6 months ago
1 hour 33 minutes 22 seconds

Session-ception and User Namespaces Strike Again

API hacking and bypassing Ubuntu's user namespace restrictions feature in this week's episode, as well as a bug in CimFS for Windows and revisiting the infamous NSO group WebP bug.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/279.html


[00:00:00] Introduction

[00:00:28] Next.js and the corrupt middleware: the authorizing artifact

[00:06:15] Pwning Millions of Smart Weighing Machines with API and Hardware Hacking

[00:20:37] oss-sec: Three bypasses of Ubuntu's unprivileged user namespace restrictions

[00:32:10] CimFS: Crashing in memory, Finding SYSTEM (Kernel Edition)

[00:43:18] Blasting Past Webp

[00:47:50] We hacked Google’s A.I Gemini and leaked its source code (at least some part)

7 months ago
49 minutes 36 seconds

Extracting YouTube Creator Emails and Spilling Azure Secrets

This episode features some game exploitation in Neverwinter Nights, weaknesses in mobile implementations of passkeys, and a bug that allows disclosure of the email addresses of YouTube creators. We also cover some research on weaknesses in Azure.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/278.html


[00:00:00] Introduction

[00:00:35] Exploiting Neverwinter Nights

[00:08:48] PassKey Account Takeover in All Mobile Browsers [CVE-2024-9956]

[00:22:51] Disclosing YouTube Creator Emails for a $20k Bounty

[00:31:58] Azure’s Weakest Link? How API Connections Spill Secrets

[00:39:02] SAML roulette: the hacker always wins

[00:40:56] Compromise of Fuse Encryption Key for Intel Security Fuses

7 months ago
44 minutes 4 seconds

ESP32 Backdoor Drama and SAML Auth Bypasses

Discussion this week starts with the ESP32 "backdoor" drama that circled the media, with some XML-based vulnerabilities in the mix. Finally, we cap off with a post on reviving modprobe_path for Linux exploitation, and some discussion around an attack chain against China that was attributed to the NSA.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/277.html


[00:00:00] Introduction

[00:00:25] The ESP32 "backdoor" that wasn't

[00:14:26] Speedrunners are vulnerability researchers

[00:27:58] Sign in as anyone: Bypassing SAML SSO authentication with parser differentials

[00:38:47] Impossible XXE in PHP

[00:52:41] Reviving the modprobe_path Technique: Overcoming search_binary_handler() Patch

[01:04:15] Trigon: developing a deterministic kernel exploit for iOS

[01:06:43] An inside look at NSA (Equation Group) TTPs from China’s lense

7 months ago
1 hour 14 minutes 8 seconds

Exploiting Xbox 360 Hypervisor and Microcode Hacking

A very technical episode this week, featuring some posts on hacking the Xbox 360 hypervisor as well as AMD microcode hacking.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/276.html


[00:00:00] Introduction

[00:00:15] Reversing Samsung's H-Arx Hypervisor Framework - Part 1

[00:10:34] Hacking the Xbox 360 Hypervisor Part 1: System Overview

[00:21:18] Hacking the Xbox 360 Hypervisor Part 2: The Bad Update Exploit

[00:30:48] Zen and the Art of Microcode Hacking

[00:41:51] A very fancy way to obtain RCE on a Solr server

[01:03:49] Cellebrite zero-day exploit used to target phone of Serbian student activist

[01:16:03] When NULL isn't null: mapping memory at 0x0 on Linux

7 months ago
1 hour 19 minutes 5 seconds

Path Confusion and Mixing Public/Private Keys

This week's episode features a variety of vulnerabilities, including a warning on mixing up public and private keys in OpenID Connect deployments, as well as path confusion with an nginx+apache setup.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/275.html


[00:00:00] Introduction

[00:19:00] The OOB Read zi Introduced

[00:16:55] Mixing up Public and Private Keys in OpenID Connect deployments

[00:22:51] Nginx/Apache Path Confusion to Auth Bypass in PAN-OS [CVE-2025-0108]

[00:31:50] Hacking High-Profile Bug Bounty Targets: Deep Dive into a Client-Side Chain

[00:44:14] Uncovering Apple Vulnerabilities: diskarbitrationd and storagekitd Audit Part 3

[00:48:48] GigaVulnerability: readout protection bypass on GigaDevice GD32 MCUs

[00:56:57] Attempted Research in PHP Class Pollution

8 months ago
59 minutes 34 seconds

ZDI's Triaging Troubles and LibreOffice Exploits

We discuss a 0-day that was dropped on Parallels after 7 months of no fix from the vendor, as well as ZDI's troubles with responses to researchers and reproducing bugs. Also included are a bunch of filesystem issues, and an insanely technical Linux kernel exploit chain.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/274.html


[00:00:00] Introduction

[00:00:12] Training: Attacking Hypervisors

[00:01:03] Dropping a 0 day: Parallels Desktop Repack Root Privilege Escalation

[00:24:48] From Convenience to Contagion: The Half-Day Threat and Libarchive Vulnerabilities Lurking in Windows 11

[00:30:19] Exploiting LibreOffice [CVE-2024-12425, CVE-2024-12426]

[00:46:47] Patch-Gapping the Google Container-Optimized OS for $0

8 months ago
57 minutes 2 seconds

Recycling Exploits in MacOS and Pirating Audiobooks

We cover a comical saga of vulnerabilities and variants from incomplete fixes in macOS, as well as a bypass of Chrome's MiraclePtr mitigation against use-after-frees (UAFs). We also discuss an attack that abuses COM hijacking to elevate to SYSTEM through AVG Antivirus, and a permissions issue that allows unauthorized access to DRM'd audiobooks.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/273.html


[00:00:00] Introduction

[00:00:23] Attacking Hypervisors From KVM to Mobile Security Platforms

[00:01:35] Endless Exploits: The Saga of a macOS Vulnerability Struck Nine Times

[00:11:02] The Most "Golden" Bypass of 2024

[00:44:55] Leaking the email of any YouTube user for $10,000

[01:11:52] Unmasking Cryptographic Risks: A Deep Dive into the Nym Audit w/ Nadim Kobeissi

8 months ago
1 hour 17 minutes 6 seconds

Top 10 Web Hacking Techniques and Windows Shadow Stacks

In this episode, we discuss the US government's first-ever report disclosing how many 0-days it reported to vendors. We also cover PortSwigger's top 10 web hacking techniques of 2024, as well as a deep dive by Connor McGarr on how kernel mode shadow stacks are implemented on Windows.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/272.html


[00:00:00] Introduction

[00:01:50] U.S. Government Disclosed 39 Zero-Day Vulnerabilities in 2023, Per First-Ever Report

[00:19:54] What Okta Bcrypt incident can teach us about designing better APIs

[00:40:08] Top 10 web hacking techniques of 2024

[00:55:03] Exploit Development: Investigating Kernel Mode Shadow Stacks on Windows

[01:06:11] Accidentally uncovering a seven years old vulnerability in the Linux kernel

8 months ago
1 hour 12 minutes 42 seconds

Unicode Troubles, Bypassing CFG, and Racey Pointer Updates

On the web side, we cover a PortSwigger post on ways of abusing Unicode mishandling to bypass firewalls and a Doyensec guide to OAuth vulnerabilities. We also get into a Windows exploit for a use-after-free in the telephony service that bypasses Control Flow Guard, and a data race due to non-atomic writes in the macOS kernel.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/271.html


[00:00:00] Introduction

[00:00:22] Bypassing character blocklists with unicode overflows

[00:06:53] Common OAuth Vulnerabilities

[00:18:37] Windows Telephony Service - It's Got Some Call-ing Issues [CVE-2024-26230]

[00:32:05] TRAVERTINE (CVE-2025-24118)

9 months ago
41 minutes 29 seconds

Deanonymization with CloudFlare and Subaru's Security Woes

Zero Day Initiative posts their trends and observations from their threat hunting highlights of 2024, macOS has a sysctl bug, and a technique leverages CloudFlare to deanonymize users on messaging apps. PortSwigger also publishes a post on the Cookie Sandwich technique, and Subaru's weak admin panel security allows tracking and controlling other people's vehicles.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/270.html


[00:00:00] Introduction

[00:00:11] ZDI Threat Hunting 2024 - Highlights, Trends, and Challenges

[00:21:44] Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platforms

[00:41:54] Stealing HttpOnly cookies with the cookie sandwich technique

[00:49:06] Hacking Subaru: Tracking and Controlling Cars via the STARLINK Admin Panel

9 months ago
1 hour 7 minutes 35 seconds

Excavating Exploits and PHP Footguns

This week features a mix of topics, from polyglot PDF/JSON to Android kernel vulnerabilities. Project Zero also publishes a post about excavating an exploit strategy from crash logs of an in-the-wild campaign.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/269.html


[00:00:00] Introduction

[00:07:48] Attacking Hypervisors - From KVM to Mobile Security Platforms

[00:12:18] Bypassing File Upload Restrictions To Exploit Client-Side Path Traversal

[00:19:41] How an obscure PHP footgun led to RCE in Craft CMS

[00:34:44] oss-security - RSYNC: 6 vulnerabilities

[00:42:13] The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit

[00:59:59] security-research/pocs/linux/kernelctf/CVE-2024-50264_lts_cos/docs/exploit.md

[01:10:35] GLibc Heap Exploitation Training

9 months ago
1 hour 12 minutes 18 seconds

WhatsApp vs. NSO and CCC Talks

Specter and zi discuss their winter break, cover some interesting CCC talks, and discuss the summary judgement in the WhatsApp vs. NSO Group case.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/268.html


[00:00:00] Introduction

[00:09:53] 38C3: Illegal Instructions

[00:35:38] WhatsApp v. NSO Group

[01:04:06] Vulnerability Research Highlights 2024

[01:08:45] Debugging memory corruption: Who wrote ‘2’ into my stack?!

[01:16:46] HardBreak

[01:20:14] Announcing CodeQL Community Packs

9 months ago
1 hour 22 minutes 50 seconds

Buggy Operating Systems Are Coming to Town

In our last episode of 2024, we delve into some operating system bugs in both Windows and Linux, as well as some bugs that are not bugs but rather AI slop.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/267.html


[00:00:00] Introduction

[00:06:48] Buffer Overflow Risk in Curl_inet_ntop and inet_ntop4

[00:19:20] Bypassing WAFs with the phantom $Version cookie

[00:27:51] Windows Sockets: From Registered I/O to SYSTEM Privileges

[00:34:02] ksthunk.sys Integer Overflow (PE)

[00:38:20] Linux Kernel: TOCTOU in Exec System

10 months ago
47 minutes 1 second

Machine Learning Attacks and Tricky Null Bytes

This week's episode contains some LLM hacking and attacks on classifiers, as well as the renewal of DMA attacks with SD Express and the everlasting problems of null bytes.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/266.html


[00:00:00] Introduction

[00:00:31] Hacking 2024 by No Starch

[00:09:18] Announcing the Adaptive Prompt Injection Challenge (LLMail-Inject)

[00:14:37] Breaking Down Adversarial Machine Learning Attacks Through Red Team Challenges

[00:25:49] Null problem! Or: the dangers of an invisible byte

[00:36:32] New dog, old tricks: DaMAgeCard attack targets memory directly thru SD card reader

11 months ago
45 minutes 7 seconds

A Windows Keyhole and Buggy OAuth

A short episode this week, featuring Keyhole, which abuses a logic bug in Windows Store DRM, an OAuth flow issue, and a CSRF protection bypass.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/265.html


[00:00:00] Introduction

[00:00:16] Attacking Hypervisors From KVM to Mobile Security Platforms

[00:02:30] Keyhole

[00:10:12] Drilling the redirect_uri in OAuth

[00:18:00] Cross-Site POST Requests Without a Content-Type Header

[00:24:03] New AMSI Bypass Technique Modifying CLR.DLL in Memory

11 months ago
27 minutes 13 seconds

Linux Is Still a Mess and Vaultwarden Auth Issues

Linux userspace is still a mess and has some bad bugs in root utilities, and Vaultwarden has an interesting auth bypass attack.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/264.html


[00:00:00] Introduction

[00:00:29] LPEs in needrestart [Ubuntu]

[00:18:41] Vulnerability Disclosure: Authentication Bypass in Vaultwarden versions < 1.32.5

[00:31:50] From an Android Hook to RCE

[00:43:34] Simple macOS kernel extension fuzzing in userspace with IDA and TinyInst

11 months ago
52 minutes 18 seconds

FortiJump Higher, Pishi, and Breaking Control Flow Flattening

This week, we dive into some changes to V8CTF, the FortiJump Higher bug in Fortinet's FortiManager, as well as some coverage instrumentation on blackbox macOS binaries via Pishi.


Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/263.html


[00:00:00] Introduction

[00:00:25] V8 Sandbox Bypass Rewards

[00:25:39] Hop-Skip-FortiJump-FortiJump-Higher - Fortinet FortiManager [CVE-2024-47575]

[00:38:07] Pishi: Coverage guided macOS KEXT fuzzing.

[00:44:20] Breaking Control Flow Flattening: A Deep Technical Analysis

[00:55:10] Firefox Animation CVE-2024-9680 - Dimitri Fourny

[00:57:13] Internship Offers for the 2024-2025 Season

11 months ago
1 hour 38 seconds