We continue to look for Vuln Researchers in the UK, US and Australia with potential options for remote folk... jobs.gohire.io/interrupt-labs…

[Zer0Con2024⬛️🟨Speaker#3] 👨‍👩‍👦‍👦 G. Geshev, patate, Mateusz Fruba & maxpl0it - Beyond Android MTE: Navigating OEM's Logic Labyrinths #Zer0Con2024

You don’t FIND exploits. You build them. You FIND vulnerabilities and exploit them. As an exploit developer that has failed to exploit lots of bugs that look good, the distinction is important 😭

Waiter, can I get Semgrep with my Binja? Checkout this plugin that our intern developed to bring native Semgrep support to Binary Ninja! interruptlabs.co.uk/articles/integ…

#xzutils What an legendary change. "suddenly disappeared"

I recently found an exploitable timing leak in the reference implementation of Kyber (ML-KEM), the soon-to-be NIST standard for post-quantum key encapsulation. Let’s see if you can spot it in the source code - msg is secret:

Exploit Mitigations, aka diversifying your attack surfaces

Imagine having a tool as good as Frida and literally having to ask ChatGPT how to use it 🤡 Docs be difficult

Exploits are software, but Exploit Devs aren’t *just* Software Devs chompie explains the daily struggle 🙃

RCU stands for read, copy, use-after-free right? 🧐

code auditing for exploitable bugs is a lot of labor. building fuzzers to find exploitable bugs is a lot of labor. stop trying to find shortcuts. expect to put in a lot of time and sustained effort. can’t be frustrated when you haven’t put in the effort

A fantastic opportunity for an experienced vulnerability researcher to join our word-class Browsers team. Remote work, hybrid or in office opportunities available. Check out our careers page for the full range of roles available globally. buff.ly/4apXYC1

📣 Exciting news for aspiring vulnerability researchers - a selection of our internal VR Development Program training resources are now available on GitHub! Check them out at github.com/interruptlabs/… These ones are on software development: programming in C and Python.

Bang! Interrupt Labs successfully took over the #Samsung Galaxy 25 with 1 click. They remotely enabled the camera and location services, which has some frightening privacy implications. They head off to the disclosure room to explain how it works. #Pwn2Own

I posted a short blog about how a Samsung GPU vulnerability (CVE-2025-21479) can be leveraged for an LPE on affected devices xploitbengineer.github.io/CVE-2025-21479

I’ll be at Warwick Cyber Society misc0nfig with Interrupt Labs in February, come and discuss internships and associate roles!