Exactly

iOS 26.1 Safari StoreBarrierInsertionPhase missing Upsilon escape to uaf proof-of-concept github.com/jir4vv1t/CVE-2…

j j

[453094710][reward: $250000] Out-of-bound read in the jmp table of ActiveMediaSessionController leads to sandbox escape. crbug.com/453094710

Analysis Slides and Stablized Exploit for CVE-2025-5419, a V8 Uninitialized Read Vulnerability! Shoutout to clem1, Benoît for finding the bug and j j for providing a wonderfully crafted exploit. github.com/bjrjk/CVE-2025…

A carefully structured, tiered root cause analysis for CVE-2025-43529 (JSC UAF). Spent quite some time refining the structure to make the reasoning explicit and readable. Shoutout to jir4vv1t for his detailed analysis and exploit. github.com/bjrjk/CVE-2025…

JUST IN: 75% chance Bitcoin drops below $60,000

A collection of my JavaScript engine vulnerability analyses. github.com/bjrjk/js-vuln-…

Works out of the box with no registration or API keys required. github.com/evilsocket/fre…

SCAM WARNING: Caller ID is meaningless. "Fraud warning" transfers you to a fake cop flashing a badge on video. Real banks don't do this. Get a call claiming to be about fraud? ❌HANG UP 📞CALL THE # ON THE BACK OF YOUR CARD. Please share the warning with your parents.

Want to learn more about Chrome exploitation? In our latest article, we break down two critical Android GPU driver vulnerabilities that enabled Chrome sandbox escape from a compromised renderer and were used in full device exploit chains. Read the full technical analysis here:

New research added to my WebKit–UAF–ANGLE–OOB analysis (iOS 26.1): full userland chain now documented, still short of full escalation. Repo updated with revised writeup + PoC. github.com/zeroxjf/WebKit…

Coruna exploit kit is targeting iOS. Coruna leverages 23 exploits against Apple devices running iOS 13-17.2.1. It is being used for espionage, and by financially motivated actors to steal crypto. Update your iOS devices, and learn more about this threat: bit.ly/4rbeltc

I wrote a short blogpost on the quirks of grammar fuzzing (and, more generally, structure-aware fuzzing) and a simple trick I used to get more bugs out of it more quickly. projectzero.google/2026/03/mutati…

🚨 BREAKING: Someone just open-sourced software that sees you through walls using only WIFI signals. it’s called WiFi-DensePose. It maps your exact body pose in real-time. no cameras. no sensors. just your living room router. 100% Open Source.

New BSides Canberra 2025 talk by Angus is now live: “Walkthrough of an N-day Android GPU driver vulnerability.” Watch here: youtu.be/G71dB0C4-dY

🚨: Japanese scientist Patrick Soon-Shiong has designed a treatment that activates body's natural killer cells that fight against cancer cells. Its approved in the U.S. and now Saudi Arabia has also approved it for its public.

Well, I recommend that folks who claim they used AI to find bugs describe their steps in detail - such as which AI models they used, what prompts they employed, which source files they asked the AI to analyze and how, etc. This is like the vulnerability PoC in the AI era. Only

👀👀👀 (CVE-2026-6296)[$90000][490170083][ANGLE][GL]Heap-BoF chromium-review.googlesource.com/c/angle/angle/… Reported by cinzinga