
Lays
@_l4ys
Co-Founder @TrapaSecurity & @pwnabletw/ MSRC Top 100 2019&2020 /
Mobile & Windows Security
ID: 2991327068
http://blog.l4ys.tw 20-01-2015 15:12:28
2,2K Tweet
3,3K Followers
1,1K Following





"Microsoft's David Weston describes the new feature as the most significant architectural Windows security change in a generation." Great article from Dark Reading darkreading.com/endpoint-secur…


Thrilled to announce my new Project Zero blog post is LIVE! 🎉 I detail my knowledge-driven fuzzing process to find sandbox escape vulnerabilities in CoreAudio on MacOS. I'll talk about this and the exploitation process next week offensivecon! googleprojectzero.blogspot.com/2025/05/breaki…



New blog post: An Intro to Differential Fuzzing in Rust, by .nl_gripto & Anthony Tsuei. It walks through building a pure-Rust JSON fuzzer from scratch, then extending it into a differential fuzzing harness capable of surfacing consensus bugs. blog.asymmetric.re/finding-fractu…

konata.github.io/posts/samsung-… Samsung’s ISVP: Betraying the Trust of Security Researchers Samsung Mobile

Thrilled to share our latest deep dive into Windows Kernel Streaming! Just presented this research at offensivecon. Check it out: devco.re/blog/2025/05/1…








"For anyone who dares to call themselves a researcher, this exam should be easy enough to make you laugh." blog.terrynini.tw/en/2025-OSEE-E… My new blog post shares my thoughts on OSEE. Where is the learning path? Where is the value of the course? Is the course still relevant today? Will