"How to Build a Fuzzing Corpus" introduces some of the basic theory behind using a seed corpus for fuzzing, and answers three key questions: what is a seed corpus, why are they useful, and how can we build one from scratch? blog.isosceles.com/how-to-build-a…

Ben Hawkes Good topic :) Reminds me of some of the (not super successful) experiments I tried on abstract modeling for exploitation and mitigation, with an eye toward helping bring consistency to exploitability assessment github.com/microsoft/exsim github.com/Microsoft/MSRC…

What is a "good" Linux Kernel bug? "In the world of vulnerability research, we like to call bugs 'good' if they're bad, and 'bad' if they're either boring or completely catastrophic." blog.isosceles.com/what-is-a-good…

Phineas Fisher, Hacktivism, and Magic Tricks -- a brief look back at the hacking techniques and lasting impact of Phineas Fisher. blog.isosceles.com/phineas-fisher…

Very interesting look at Phineas Fisher’s hacking techniques in their attacks against FinFisher, Hacking Team, Mossos, and Cayman National Bank.

Everyone please checkout Ben's new blog about CVE-2023-4863/CVE-2023-41064 which I collaborated with him on. It's a very difficult vuln to figure out how to trigger. Super interesting vuln.

bugs.chromium.org/p/project-zero… just derestricted. Potential untrusted_app -> kernel r/w 😬 Fix is not on any end-user devices AFAIK but fixes are in OEM's hands.

Exploiting the libwebp Vulnerability in Chrome by DARKNAVY. blog.darknavy.com/blog/exploitin… blog.darknavy.com/blog/exploitin…

Robots Dream of Root Shells -- can AI be used to automatically discover security vulnerabilities? blog.isosceles.com/robots-dream-o…

Ben just posted about how little AIxCC competitors seem willing to share, but I directed our team to buck that trend. x.com/benhawkes/stat…

🔥💃Calling all bounty hunters! @Immunefi is hosting a $1M prize pool to help secure Firedancer v0.1, a new Solana client written in C and Rust! immunefi.com/boost/firedanc…

Let's explore China’s 0-day vulnerability research capabilities. I’ve long been intrigued by the prolific nature of Chinese teams in discovering vulnerabilities. Over the past months, I’ve gathered some data and analyzed reported vulnerabilities to gain a deeper understanding.🧵

"OpenSSH Backdoors" -- a few thoughts on supply-chain attacks against OpenSSH, and what we can learn from both historical and modern events. blog.isosceles.com/openssh-backdo…

The team at asymmetric research is world class, and the work I've been involved in so far has been quite fascinating. I'm excited to be able to help out as an advisor.

My writeup of the 2023 NSO in-the-wild iOS zero-click BLASTDOOR webp exploit: Blasting Past Webp - googleprojectzero.blogspot.com/2025/03/blasti…