🎉 GEEKCON 2023, the upgraded version of GeekPwn, is calling for submission. Join the 15+5 In-depth Sharing at geekcon.top/en/doc/GEEKCON… to showcase your unique research, practical experience, and new technologies... Demos speak louder than words! #GEEKCON2023 #CyberSecurity

Our exploit code is public now. github.com/DarkNavySecuri…

We've successfully exploited three RCE chains in Steam, one of which chains 4~6 pure logical bugs (features). Memory corruption vulnerabilities were also exploited. Stay tuned for the technical details on our blog after Valve fixes them.

Happy Year of the Loong! 🎉🐉 GEEKCON 2024 International Conference & Contest will be holding on May 25 - 26. Mark your calendars and stay tuned for updates. Calling all geeks and security enthusiasts! Join us and take the challenge now! geekcon.top/doc/GEEKCON%20…

Our team will deliver a talk on mobile ad fraud campaigns

At OCBC arena, GeekCon Singapore starts tomorrow!

Our new blog post -- AVSS Report: System Security Adversarial Capability Preliminary Evaluation of iOS, Android, and HarmonyOS - Kernel darknavy.org/blog/avss_repo…

We will be at Las Vegas this year to deliver our talks by Zhongquan Li flanker017 TheDog at Black Hat, see ya

Finished our talk at Black Hat with Zhongquan Li. Will be hanging around today and tmw at DEF CON and 0x0G. Chats and meetup are always welcomed.

Congrats to all the pwnie award winners this year, especially to my friend [email protected] and Tao Yan! Met many new friends in the Pwnie Awards afterparty, a great experience. Also made up for not being able to receive my award in person in 2022.

The Pwnie brothers (or sisters?) in a row - left: most underhyped research, 2024, [email protected] right: best privilege escalation, 2022, mine. Pwnie Awards

"Apple CarPlay: What's Under the Hood" - the newest and most detailed public research on CarPlay I've seen so far. Security analysis and fun memes included! 🚘 📲 🔬 Presentation [PDF]: troopers.de/downloads/troo… Video: youtube.com/watch?v=cHhxJz…

Years later it's thrilled to back to Vancouver and speak again at CanSecWest. Brought to mind the good old days of playing Pwn2Own.

Punching 🥊 presentation from hzshang , 𝐒𝐢𝐦𝐩𝐥𝐞 𝐢𝐬 𝐁𝐞𝐬𝐭: 𝐓𝐡𝐞 𝐣𝐨𝐮𝐫𝐧𝐞𝐲 𝐨𝐟 𝐭𝐚𝐤𝐢𝐧𝐠 𝐨𝐯𝐞𝐫 𝐦𝐨𝐛𝐢𝐥𝐞 𝐬𝐲𝐬𝐭𝐞𝐦 𝐮𝐬𝐢𝐧𝐠 𝐚 𝐆𝐏𝐔 𝐥𝐨𝐠𝐢𝐜𝐚𝐥 𝐛𝐮𝐠. We 🩷 it at Off-By-One Conference 2025!

New post: dawnslab.jd.com/%E4%B9%8B%E6%A… writeup for CVE-2025-22056, which we also found but collide with other researchers. A nice bug that can be stably exploited to get kernel privilege on Ubuntu.

Our talk on #BadResolve series of CVEs in Android happening soon at 13:30 #defcon33 Main Stage: LVCC - L1 - Exhibit Hall West 3 - Track 4!

The open-sourced version is finally here! github.com/jd-opensource/… We're still adding support for some corner cases, so keep an eye for future updates.

New blog post: A journey in Android physical memory - writeup on exploiting recent GPU bug CVE-2025-21479 dawnslab.jd.com/android_gpu_at…

Years later it’s still thrilled to be on #DEFCON stage. The presentation has been released here: media.defcon.org/DEF%20CON%2033…