🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

be quick if you want one of the remaining cellebrite totally legit usb cable at #hexacon2024 !

Our global research team is on its way home from Paris, marking the official close of Hexacon! If you missed how our work saves lives or want to explore the challenges we tackle, check this page and feel free to reach out: cellebrite.com/en/cellebrite-… Until next time, Cellebrite Labs

Mechazilla has caught the Super Heavy booster!

More details about CVE-2024-44068 - it’s part of an EoP chain in the wild: googleprojectzero.github.io/0days-in-the-w…

I've written a post on SELinux and some public bypasses for Android kernel exploitation. It's especially relevant for Samsung and Huawei devices due to their use of hypervisors. Check it out here: klecko.github.io/posts/selinux-…

new 2 part blogpost on the Lexmark WTM stuff is now live! haxx.in/posts/wtm-wtf/

It's possible to run custom code on the Nintendo Alarmo via USB - without opening it up! More details in the blog post here: garyodernichts.blogspot.com/2024/10/lookin…

RCE via the Fax Machine by Rick de Jager and Carlo Meijer media.ccc.de/v/38c3-dialing… fahrplan.events.ccc.de/congress/2024/…

You have to understand that back in my day, it was possible to make a career out of sending a lot of AAAAAAs to computer programs

Our 2025 RE//verse talk schedule is now live! Talks start Friday, but don't forget to check the Thursday schedule and arrive early enough for the kick-off event! re-verse.io/schedule.html?…

Remember my IDA Pro theme called "long_night"? Since releasing it 5 years ago it hasn't seen any updates - making it barely usable on IDA Pro 8.x - 9.x. Up until now! I've just updated it and it now works with every IDA Pro version :) Enjoy! github.com/ioncodes/long_…

I tried my hand at exploiting an nday on the Google Container Optimized OS instance in kCTF but sadly was very late to the party. Here is my exploit write-up for it. I learned a lot during the process, let me know what you think. I'll post TL;DR in thread h0mbre.github.io/Patch_Gapping_…

I've published a write-up on reversing and analyzing Samsung's H-Arx hypervisor architecture for Exynos devices, which has had a lot of changes in recent years and pretty interesting design. Hope you all enjoy :) dayzerosec.com/blog/2025/03/0…

CVE-2025-0927 details here! ssd-disclosure.com/ssd-advisory-l…

Slides: "Unveiling the Mysteries of Hexagon QDSP6 JTAG" zerodayengineering.com/research/slide…

CVE-2024-49848 is now fixed...255 days after I reported it! project-zero.g-issues.chromium.org/issues/42451725 Sure it took well over 90 days, but on the OTHER hand it's an aesthetically pleasing number of days.