Kunlun Lab from my latest startup CyberKunlun has helped Microsoft to fixed 3 different vulnerabilities this month msrc.microsoft.com/update-guide/a… while it also helped Google Chrome to fixed a Blink bug yesterday chromereleases.googleblog.com/2021/09/stable…

iOS 15 released. Kunlun Lab helped Apple to fix iOS kernel bug CVE-2021-30857 support.apple.com/en-ca/HT212814

Great work of #1 researcher from Cyber-Kunlun, our lab is ready to burn more 0days TianfuCup tomorrow.

First confirmed entry for day1 of TianfuCup, Kunlun Lab SorryMybad pwned Google Chrome to get Windows system kernel level privilege with only two bugs. First time since 2015 as I remembered

First entry for day2 of TianfuCup, Kunlun Lab pwned iPhone 13 Pro remote code execution (mobile safari) on stage with only 15 seconds

New company but still ranked as #1 this year TianfuCup. Almost all targets are fully pwned this time(except Synology). last photo : the empty review room after 0day party

Pwned targets of Kunlun lab for TianfuCup2021: (7 in total) Google Chrome full chain /w kernel Adobe PDF Reader full chain /w kernel VMWare ESXi VME + SBX VMWare Workstation VME iPhone13 Pro RCE MacOS Safari RCE MS Windows 10 Kernel LPE

Google just released Chrome 95.0.4638.69 & fixed two TianfuCup bugs which become the first patch for TianfuCup 2021 chromereleases.googleblog.com/2021/10/stable… CVE-2021-38001 is the RCE from Kunlun lab & CVE-2021-38002 is the SBX from 360(RCE one silence killed)

We’re happy to announce Haifei Li joining our team as senior researcher in advanced threat defense products. 🎉🎉

We’re excited to announce that Yuki Chen is joining our team as CTO and leader of the Kunlun lab.

First patch Tuesday of 2022! Adobe and Microsoft fixed 6 vulnerabilities reported by Kunlun lab. Two of them were demoed TianfuCup. The CVE-2021-44706 was the RCE of PDF reader full chain and the CVE-2021-21881 was the Ntoskrnl bug for Chrome sandbox escape.

This patch Tuesday fixed 5 vulnerabilities discovered by KunlunLab. 2 of them were for TianfuCup pdf reader sandbox escape & Win10 LPE, 1 CLFS bug was caught as in the wild exploit.

A lot of (36 in total) CVEs(5 critical) from Kunlun Lab fixed this month, mostly in DNS Server, SMB, LDAP, RPC runtime, Hyper-v...

Excited to see KunlunLab researchers got 2 Pwnie nominations this year, nice work :-)

Excited to be #1 this quarter, got some pre-auth rce bugs, thanks for all the help from Microsoft Security Response Center and bounty team!

The first nomination for best RCE: None other than KunlunLab for CVE-2022-26809, their 20 year old (!) Windows RPC Bug. You can read more about it here: msrc.microsoft.com/update-guide/v…

🏆