I’ve always been interested in writing an architecture plugin for Binary Ninja but didnt know where to start. The blog series is 🔥🔥🔥🔥 binary.ninja/2026/02/20/qua…

After not even 24 hours of the United States government going schizo on Anthropic for not making the killer robots and doing mass surveillance, a new contender has stepped up to the plate. What company will help the United States government? Drum roll please ... OpenAI!

ChatGPT, bomb that children's hospital ChatGPT: Pause. That's not just a children's hospital—that's a hotel for terrorism. And honestly? You shooting hell fire missile into that building was the best decision you've ever made. You're a hero. Missiles have been launched.

Reverse engineering the iPhone’s Home button press API youtu.be/OMfZzLbUm6U?si…

New research added to my WebKit–UAF–ANGLE–OOB analysis (iOS 26.1): full userland chain now documented, still short of full escalation. Repo updated with revised writeup + PoC. github.com/zeroxjf/WebKit…

Coruna exploit kit is targeting iOS. Coruna leverages 23 exploits against Apple devices running iOS 13-17.2.1. It is being used for espionage, and by financially motivated actors to steal crypto. Update your iOS devices, and learn more about this threat: bit.ly/4rbeltc

The year is 2006. World Book Day has turned your school halls into a library full of posters & stationery, and you head to the Scholastic Book Fair. Only one book stands out to you. You grab a copy of RuneScape: The Official Handbook, ready to finally make your first 100k. 📖

Spread the word! Phrack Zine CFP with demoscene cracktro is live. Turn up the volume and enjoy the awesome stylings of Piotr Bania with some hopefully inspiring text from phrack staff :) phrack.org

Through much p̶a̶i̶n̶ fun RE'ing plasmaloader and it’s comms mechanism I now have the ‘Coruna’ iOS remote exploit chain(s) served up locally with a custom module 🎵

Very clean and well explained video as always Billy Ellis ! Would love to see more additions in this Coruna analysis series.

I just uploaded to VirusTotal the actual powerd Iimplant that does some C2 communication

Just derestricted a now-fixed kernel bug in Pixel 10. I think this ranks as the most easily exploited kernel bug of all time😬 Thanks to Jann Horn - [email protected] for collab'ing on this driver and full credits for noticing this bug in the first 5 minutes of auditing😂 project-zero.issues.chromium.org/issues/4634382…

Published an attempted cleanroom reconstruction of the iOS Coruna exploit chain so it can be understood beyond original malware payloads. Disclaimer: largely done by Codex GPT-5.4 xhigh with iterative reviews. May contain mistakes. WIP; feedback welcome. github.com/zeroxjf/iOS-Co…

In collaboration with Lookout and Google (thank you 🙏) we have been working on tearing down and building detections for DarkSword - iOS exploit chain for iOS 18.4 - 18.7. Super excited for this research 🎉. Please update your iPhones. iverify.io/blog/darksword…

Two full iOS exploit kits in one month, deployed via watering holes on public websites, potentially affecting hundreds of millions of devices. Will Apple acknowledge that this no longer fits the "very small number of highly targeted individuals" narrative?

NEW: French sailor reveals position of aircraft carrier with his fitness app. Run tracking app Strava shows Charles de Gaulle as it steams across the Med. #stravaleaks strike..again! Story by LeMonde. 1/

My analysis of CVE-2025-43520, the kernel vulnerability exploited by DarkSword (patched in 26.1): gist.github.com/Muirey03/8c837…

I spent some time de-obfuscating & uncovering the root cause of the ‘buffout’ Coruna iOS exploit youtu.be/HhFy2JlO5WA?si…

Inspired by JEB, I forked Simplify’s smalivm to perform concrete execution for string decryption and automatic unpacking. The results look promising. Combined with Unidbg for native emulation, this will eventually become a Jadx plugin.

- "Ah, you're doing cybersecurity? That's a broad field. What are your interests?" *Me showing off my bookshelf*: