Learn

The accidental leakage of sensitive information like API keys and passwords, commonly from container images, poses significant risks, requiring thorough scanning to prevent exposure. Challenges in secret detection include managing diverse secret formats, minimizing false positives, and ensuring high performance to avoid CI/CD delays.

Binarly uncovers CVE-2025-3052: a Secure Boot bypass affecting most UEFI devices, enabling attackers to run unsigned code before OS load.

Binarly’s reachability analysis cuts through alert fatigue by identifying which vulnerabilities are actually exploitable. By focusing on real execution paths and environment context, it helps teams prioritize what truly matters and ignore the noise.

This REsearch report follows our recent talk at RSAC 2025, where we presented new research and revisited past research sitting at the intersection of UEFI firmware and cryptography. In this research we highlight multiple failures in key management, for instance, we cover the data breaches that affected UEFI-related vendors that led to the exposure of private keys, discussing their past and ongoing consequences on the ecosystem. Using the latest available data on the UEFI ecosystem we’ll also be able to provide new up-to-date insights on these old but current issues affecting the ecosystem.

Introducing Exploitation Maturity Score (EMS), designed to measure the present by using real-world signals like public PoCs, exploit reliability, ransomware activity, public and private threat intelligence telemetry.

The latest release of the Binarly Transparency Platform introduces powerful new capabilities that bring clarity to the chaos of vulnerability management and software supply chain security. This update is purpose-built to help enterprise defenders to prioritize what truly matters and to surface the vulnerabilities that pose real, immediate security risk. 

Over the past few years, the Binarly Research team has led the way in documenting security problems haunting the entire UEFI ecosystem. We presented our discoveries at major security conferences like OffensiveCon, Black Hat, LABScon and RE//verse to share data and collaborate with the industry to secure the UEFI ecosystem.

In this blog post, the Binarly REsearch team introduces a novel methodology for detecting UEFI bootkits by analyzing their unique code behaviors. By starting from an in-depth analysis of known bootkits, we identify features that can be used for generically detecting bootkits and build rules that we used for hunting new unknown bootkits. Then, we show how these rules can be even further improved, by leveraging advanced static analysis techniques, semantic detection and ML-based clustering.

The all-new Binarly Transparency Platform v2.8 represents a pivotal leap forward in our engineering and product development processes as we shift to a more agile, monthly release cadence. This latest release introduces advanced image diffing, refined role-based access control (RBAC), and enhanced vulnerability detection capabilities, marking a significant step forward in the cybersecurity landscape.

Microcode has always been a crucial component in platform security for the x86 ecosystem. Any vulnerability in microcode leads to significant issues and long-standing side effects across the entire industry. Last week, we witnessed a rare instance of such a vulnerability highlighting potential gaps in AMD’s product security practices, prompting industry-wide discussion on the security implications for confidential computing.

Binarly releases Binary Risk Hunt, a free vulnerability scanner with software bill of material generator.

This vulnerability got our attention for many reasons: firstly, the vendor agreed on the critical impact; and secondly, the nature of the vulnerability where an unauthenticated user can remotely trigger the code flow with a simple post request and cause the arbitrary code execution over classical stack overflow (CWE-121).