Rocco Calvi (@tecr0c) 's Twitter Profile
Rocco Calvi

@tecr0c

Security Researcher and technical advisor @dfsec_com

ID: 121342346

09-03-2010 05:59:43

1,1K Tweet

3,3K Followers

1,1K Following

Sonar Research (@sonar_research) 's Twitter Profile Photo

Parallelism can be quite challenging - Our latest blog post covers a severe Use-After-Free vulnerability in Apache Guacamole (CVE-2023-30576). Join us in diving into the world of glibc heap exploitation in a multi-threaded environment: sonarsource.com/blog/avocado-n… #appsec #security

Tavis Ormandy (@taviso) 's Twitter Profile Photo

The libarchive e8 vulnerability is actually really cool, but the ZDI advisory doesn't explain why it's so wild lol. For some reason, I know about RAR filters, so let me provide the background. 🧵 1/n

Orange Tsai  🍊 (@orange_8361) 's Twitter Profile Photo

PHP just fixed one of my RCE vulnerabilities, which affects XAMPP by default. Check to see if you are affected and update now! 🔥 blog.orange.tw/2024/06/cve-20…

Samuel Groß (@5aelo) 's Twitter Profile Photo

Thanks to events like Pwn2Own or our V8CTF (~= exploit bounty program), we now have more data about the types of bugs exploited in V8. Based on that, we've gathered some basic statistics: docs.google.com/document/d/1nj…

Rocco Calvi (@tecr0c) 's Twitter Profile Photo

Love the story Greg Linares (Laughing Mantis)! Bug hunting truly is a roller coaster, and your tweet captures exactly why it’s so much fun! It’s also a great reminder that persistence is key in this work :-D

Seth Jenkins (@__sethjenkins) 's Twitter Profile Photo

My new Project Zero blog post, Driving Forward in Android Drivers is live! 🥳 googleprojectzero.blogspot.com/2024/06/drivin…

Margin Research (@margin_research) 's Twitter Profile Photo

You Can't Spell WebRTC without RCE - Part 2 blog post, which turns the vulnerabilities we injected in Part 1 into remote code execution on iOS 16.4! Follow along with ian dupont to learn more about the iOS shared cache, Corellium, and ROP in ARM64! margin.re/2024/07/you-ca…

Rocco Calvi (@tecr0c) 's Twitter Profile Photo

Excited to be at #BHUSA and #DEFCON! Looking to connect with top vulnerability researchers who are passionate about bug hunting. DM me if you’re around!

Rocco Calvi (@tecr0c) 's Twitter Profile Photo

Just arrived at DEF CON. If you're around and want to meet up, hit me up. Would love to connect with some fellow hackers 🏴‍☠️

Phrack Zine (@phrack) 's Twitter Profile Photo

The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.ht…

Klecko (@klecko0) 's Twitter Profile Photo

I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: klecko.github.io/posts/selinux-…

Rocco Calvi (@tecr0c) 's Twitter Profile Photo

Excited to be back at POC by POC_Crew 👨‍👩‍👦‍👦 in South Korea 🇰🇷 ! Looking forward to reconnecting with old friends and meeting new faces in the industry #POC2024

Alex Plaskett (@alexjplaskett) 's Twitter Profile Photo

Vulnerability research is a marathon, not a sprint. Many start out strong but can't keep up the motivation when the going gets tough and the bugs are not flowing. Don't rush it. Be consistent. Keep your pace. You'll get there.

Ken Gannon (伊藤 剣) (@yogehi) 's Twitter Profile Photo

Apparently offensivecon worked their asses off to get their talks up on YouTube. Go check them out. And here's the coolest talk, my talk: youtu.be/LAIr2laU-So?si… And with that, the full chain used to exploit the S24 is released. Yay!