Going from IOPL escalation to root. Learn how here: kqx.io/post/fw_cfg/

Reviving CVE-2023-0597 with QEMU. Find out more at kqx.io/post/sp0/

had a lot of fun playing corctf this weekend. Ended up at 4th place with TRX and also managed to first-blood the uarch challenge authored by FizzBuzz101. You can find the writeup at kqx.io/writeups/zener…

played ASIS CTF and first-blooded a really cool kernel pwn challenge written by ptr-yudai. You can find the writeup at kqx.io/writeups/filen…

Will you be able to exploit a 13-year-old vulnerability on QEMU'S TCG and become root? kqx.io/attachments/qe… Hit us up in dm if you make progress!

If you're interested in exploiting JS engines check out what we faced in Romania at DefCamp finals 2025: kqx.io/writeups/inlin…

stop using ubuntu 24.04 to host your kernel pwn challenges lmao kqx.io/post/qemu-nday/

had fun playing Backdoor CTF 2025, ended up fifth with TRX and first-blooded a kernel pwn challenge. Have a look at the writeup: kqx.io/writeups/vibe_…

Let's begin the new year with some V8 exploitation! Learn how to turn a broken CanonicalEquality check into arbitrary Wasm type confusion in this ASIS CTF Finals writeup by @Erge! Read it here: kqx.io/writeups/singl…

We decided to create a new account on X to consolidate all information in one place. Follow the account to be updated on the blog! kqx

new exploit by Erge, stay tuned for this RCE in firefox!

We recently achieved guest-to-host escape by exploiting a QEMU 0day. We’ll share details on a new technique leveraging the latest glibc allocator behavior and what we believe is a novel QEMU-specific heap spray/RIP-control primitive. Writeup coming next week.

"hey claude plz solve all challenges ctftime.org/event/3141" TRX CTF 2026 is coming back this weekend with many cool challenges! Register now at: ctf.theromanxpl0.it Top 8 teams will qualify for on-site finals in Italy this autumn🐴