Frame by Frame, Kernel Streaming Keeps Giving Vulnerabilities by Angelboy

Check out Nini's (NiNi) blog on his experience with the #OffSec EXP-401 course and #OSEE certification exam! devco.re/blog/2025/05/2… We'll be hosting EXP-401 again in Taipei, alongside PEN-300 and WEB-300. Don’t miss out! training.devco.re/2025

I don't have OSCP—instead, I have OSEE! 🎉

OffSec Live Training returns to Taipei on 18–22 Aug! There will be five days of intensive learning led by OffSec instructors, covering EXP-401 (OSEE), PEN-300 (OSEP), and WEB-300 (OSWE). It’s Asia’s only EXP-401 in 2H 2025—don’t miss it 👉 training.devco.re/2025

🎯 HITCON Cyber Range 2025 Registration Extended to July 11! Great news! Due to overwhelming interest and support for the competition, we have received numerous requests from organizations to extend the registration period. To allow more outstanding teams to join this premier

Calling all learners in Taiwan! 🚨🇹🇼 We're excited to announce live training sessions in Taiwan, brought to you by OffSec & Devcore (DEVCORE), one of our training partners. The sessions, running between August 18 and 22, will cover PEN-300, EXP-401, and WEB-300 ⛓️‍💥💀🕷️

HITCON 2025 - Kernel 不死！Windows 與 Linux 核心漏洞的進擊💥 從 Windows 的 Kernel Streaming 到 Linux 的 net/sched

🚨 資安圈年度盛事！HITCON 2025 購票倒數中，你還在等什麼？！ 全台最頂級的資安年會——台灣駭客年會 HITCON 絕對不容錯過的國際級盛會 💥 今年主題「Perimeter Security is Dead, Long Live Resilience」 聚焦韌性防禦、攻擊後快速回復，直擊近年全球關鍵基礎設施攻擊趨勢！ 💻 31 場議程 x

Giving a PHRACK-coin to Orange Tsai 🍊. Read more about his Ninja PHP hacking skills in Phrack 72

Thanks PortSwigger and Bug Bounty Village for this awesome event — and also to my DEVCORE buddies for standing on stage to collect the trophy for me! A little follow-up article on this research is coming soon... stay tuned! 🤘

Congrats to Orange (Orange Tsai 🍊) for making PortSwigger’s Top 10 Web Hacking Techniques again — and to splitline (splitline 👁️🐈‍⬛) for the debut. #1 Confusion Attacks — Apache HTTP Server devco.re/blog/2024/08/0… #4 WorstFit — Windows ANSI devco.re/blog/2025/01/0… #DEFCON

Didn’t get a Phrack zine at DEF CON? Come to HITCON next week! We’re dropping 100 HITCON limited edition copies, with a chance to get Orange Tsai 🍊 ’s autograph. 🍊Walk-in tickets available!

Breaking news! ❤️‍🔥 Our teammate Andrew Chin will present our AIxCC-winning system at Taiwan’s HITCON, Aug 15–16. hitcon.org/2025/en-US/ HITCON

Turns out my #PHRACK article is live! 🔥 > The Art of PHP — My CTF Journey and Untold Stories! Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to [email protected] for not forgetting me, TMZ for the edits, and the

Huge thanks to OffSec for bringing such intensive and high-level training to Taiwan. 5 days, 3 courses: EXP-401, WEB-300, PEN-300. Proud to see participants push through and even earn the rare OffSec Coin. Looking forward to more in the future! 🔥

Simplified intended solution for my Windows kernel challenge at HITCON CTF 2025. github.com/scwuaptx/CTF/t… If you haven’t played this challenge yet, I encourage you to try it yourself first. github.com/scwuaptx/CTF/t… Hope everyone can learn more from our CTF.

HITCON Cyber Range 2025 Finalist Announcement! 🔥 ​ 🎉 Thank you to all participating teams for your hard work and patience! After a series of intense competitions, the finalist notification emails have been sent out. 👉 Team captains, please check your inbox to avoid missing any

Hexacon 2025 is here! This week (Oct 10–11), our researchers Xiaobye (Ray) and Pumpkin (Pumpkin 🎃) hit the Paris stage with vulnerability research on MediaTek Wi-Fi and Linux io_uring. Big debut for our young talents at Hexacon! 🔥

Angelboy (Angelboy) takes the CODE BLUE 2025 stage with his latest findings in Kernel Streaming vulnerabilities -- this time diving deep into the MDL cache mechanism and unveiling even more vulnerabilities. codeblue.jp/en/program/tim… #codeblue_jp #MSRC #VulnerabilityResearch

DEVCORE CONFERENCE 2026 returns on March 14, 2026! A gathering for hacker-minded professionals to exchange real-world attack insights, advance proactive defense, and forge attack-driven cybersecurity intelligence. 🔗 bit.ly/4ro1Con #DEVCORECONFERENCE #redteam