My writeup of the 2023 NSO in-the-wild iOS zero-click BLASTDOOR webp exploit: Blasting Past Webp - googleprojectzero.blogspot.com/2025/03/blasti…

Wrote a MCP server for #CodeQL, tried it out with Cursor and it's quite fun so far! I think the next step would be adding support for query-models. Allowing an LLM to easily add sources/sinks to existing queries could be very promising😁 github.com/JordyZomer/cod…

Woop woop bought tickets for WHY2025Camp 😎😎

I would like to praise Gabriel Negreira Barbosa outstanding contributions to the security community and hacking, not only as editor of the magazine for the past 6+ years, but also for his sharing of perspectives, guidance and technical contributions. In this edition we wrote another small

That moment when you found a bug but it's a PITA to reach so you just point afl++ at it :')

Going to hacker bridge at 1337 😎🤙

Implementing a custom #CodeQL extractor + libs for an unsupported language is pure torture but hey I found some bugs already so I guess it’s worth it

Branch Race Conditions Predictor causes recent predictions to be added after more recent privilege switches (→ wrong privilege, eIBRS💥) prediction flushes (→ retained valid, IBPB💥) finish. Sandro eventually figured it out 🙌

My team (AI Systems Security) at Google Zürich🇨🇭is hiring a Security Engineer for AI Vulnerability Research! We're looking for experts to tackle asset exfiltration, tampering and computational resources abuse. Apply: google.com/about/careers/…

ok ok fine, for old time's sake haxx.in/files/limit-yo…

Awesome work by Adam! 😁

Arrived in Berlin today for offensivecon 😁

Slides from my talk are here: dillonfrankesecurity.com/OffensiveCon-2… And the recording is here! youtu.be/USQtPedx9Xg?fe…

I’m writing a CodeQL like language for fun that works on Binary Ninja IR, by lowering OOP primitives to datalog for “fun” can’t wait to finds some bugs with it! 😁😁

I really like that hacking zines are now in this trend of having printed copies! It is about time. I got a few to give to folks that can't buy. Lets spread it.

Why is it so fucking hot in NYC rn, I am literally dying

The eiffel tower is looking pretty today 🦅

At long last - Phrack 72 has been released online for your reading pleasure! Check it out: phrack.org

I've been asked countless times how to learn VR & xdev. The answer is always: "do something you think is cool". It's hard to figure out what to do. Try the PhrackCTF which I've now open-sourced. It's not a contrived CTF - modeled after real vulnerabilities github.com/xforcered/Phra…