TIL: Asking chat gpt to code for you is called Vibe coding !

[Fuzzing with AFLPlusPlus] How to Fuzz Arm and MIPS Binaries with Qemu a... youtu.be/0iyviukkANY?si… via YouTube

A bit late, but I just published my blog post on bypassing Ubuntu’s sandbox! Hope you enjoy it! u1f383.github.io/linux/2025/06/…

chatgpt knows how to get work done :-p

Bypass Kernel Barriers: Fuzzing Linux Kernel in Userspace With LKL Xuan Xing & Eugene Rodionov Eugene Rodionov gave a talk about fuzzing the Linux kernel interfaces completely in user space using LKL (Linux Kernel Library) static.sched.com/hosted_files/l…

A far-reaching campaign used JSF*ck as obfuscation to inject malicious JavaScript into more than 270k webpages. The code redirected users to malicious content. We examine how this little-used style relies on type coercion and the campaign's overall aims. bit.ly/4mZ2LjE

We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by Khoa Dinh to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to Markus Wulftange

CASE CLOSED: CVE-2025-29824 0 public samples, 0 information Suspect: Windows CLFS driver Crime: UAF leading to Privilege Escalation Status: ACTIVELY EXPLOITED ITW Investigation: Debugged and documented Case files: starlabs.sg/blog/2025/07-m… Done by our intern, Ong How Chong

PlayStation 4 emulator for Windows, Linux and macOS written in C++

#NewProfilePic

Took me some time to figure out why CD-Drive was automagically opening 🤣🤣

Spot the bug #1

Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%) issues.chromium.org/issues/4125787… issues.chromium.org/issues/4125787…

Didn’t get a Phrack zine at DEF CON? Come to HITCON next week! We’re dropping 100 HITCON limited edition copies, with a chance to get Orange Tsai 🍊 ’s autograph. 🍊Walk-in tickets available!

Chinese scientists have developed the best shortest-path algorithm in 41 years! A team from Tsinghua University has broken Dijkstra’s “sorting barrier” — the first improvement since 1984. The new algorithm runs in O(m \log^{2/3} n) time. Potential applications? Faster shorter

Me attending meetings and trying to understand what’s going on 😂😂

As promised Blogpost is here! I find that a lot of the times people ask “how can researchers find complex bugs” This is my small contribution to show how the journey looked for me. I presented this content at hitcon last week! bughunters.google.com/blog/580034147…

As it turns out, Orange Tsai 🍊 and I have more in common than I had thought! If you love old school PHP quirks and CTF tricks I recommend you read our articles: phrack.org/issues/72/5_md… phrack.org/issues/72/6_md…