I’m so proposing a public policy for critical internet-facing device vendors. This is Friday night, right?😅 All vendors must reward each pre-auth bug 100k USD. Bugs can be reported to gov agency or third party for independent verification. Such policy could encourage the

We should propose a new CVE standard: Calculator-Verified-Exploit Only vulnerabilities that pop calc are eligible for a CVE number

Just announced new versions of Gemma 3 – the most capable model to run just one H100 GPU – can now run on just one *desktop* GPU! Our Quantization-Aware Training (QAT) method drastically brings down memory use while maintaining high quality. Excited to make Gemma 3 even more

About to celebrate Easter with your family but don't know what to talk about at the table? Then don't lose time and read our new article about RPAC! blog.epsilon-sec.com/cve-2025-31201…

"Microsoft's David Weston describes the new feature as the most significant architectural Windows security change in a generation." Great article from Dark Reading darkreading.com/endpoint-secur…

New blog: Be careful of Your UDP Service: Preauth DoS on Windows Deployment Service (remote, 0-click) sites.google.com/site/zhiniangp…

Thrilled to announce my new Project Zero blog post is LIVE! 🎉 I detail my knowledge-driven fuzzing process to find sandbox escape vulnerabilities in CoreAudio on MacOS. I'll talk about this and the exploitation process next week offensivecon! googleprojectzero.blogspot.com/2025/05/breaki…

Angelboy (Angelboy) will give a talk at #OffensiveCon this week! Following his deep dive into Kernel Streaming vulnerabilities, this week, Angelboy will unveil a new set of bug classes discovered through his research on one of the most common input sources – webcam frames.

v-v.space/2025/05/15/CVE… RDG RCE sharing

New blog post: An Intro to Differential Fuzzing in Rust, by .nl_gripto & Anthony Tsuei. It walks through building a pure-Rust JSON fuzzer from scratch, then extending it into a differential fuzzing harness capable of surfacing consensus bugs. blog.asymmetric.re/finding-fractu…

konata.github.io/posts/samsung-… Samsung’s ISVP: Betraying the Trust of Security Researchers Samsung Mobile

Thrilled to share our latest deep dive into Windows Kernel Streaming! Just presented this research at offensivecon. Check it out: devco.re/blog/2025/05/1…

Just got my OSEE certification, was easier than expected but still enjoyable. Also thanks to DEVCORE for bringing this course to Taiwan!

The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" docs.google.com/presentation/d…

Given the recent events with VMPSoft DMCA'ing educational YouTube videos demonstrating how to unpack malware protected with VMProtect, we have decided to release a free to use unpacker which works for all versions of VMP 3.x including the most recent version. Simply sign

We posted our slides! entrysign.top

🥇 first place at the @Ethereum Attackathon! huge shoutout to Immunefi and everyone who made this comp legendary. we’ll be breaking down some of our most interesting findings next. Stay tuned👀

New blog post: Fuzzing Microsoft Defender's mpengine.dll using snapshot fuzzing (WTF, kAFL/NYX). We uncovered several out-of-bounds read & null dereference bugs that can crash the main Defender process on a file scan. Details -> labs.infoguard.ch/posts/attackin…

Meet our new buddy, Argusee — an AI-powered, automated vulnerability hunter that has already discovered 15+ vulnerabilities across projects, including a previously unknown Linux kernel flaw (CVE-2025-37891) enabling LPE. Demo and details: darknavy.org/blog/argusee_a…

"For anyone who dares to call themselves a researcher, this exam should be easy enough to make you laugh." blog.terrynini.tw/en/2025-OSEE-E… My new blog post shares my thoughts on OSEE. Where is the learning path? Where is the value of the course? Is the course still relevant today? Will