
Tim Willis
@itswillis
Long time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own.
Still reading: "Brown Bear, Brown Bear, What Do You See?"
ID: 886010545
17-10-2012 03:52:44
84 Tweets
4.4K Followers
195 Following




Bittersweet to see Maddie Stone and the ITW mission leave Project Zero: sad to see it go, but very pleased that it became a team within TAG, now with four people working on this mission and already finding some serious ITW 0-day! So long, and thanks for all the RCAs! 🥲

"This... modern in-the-wild Android exploitation... chain [relies] on n-days to bypass the hardest security boundaries - code execution from a remote context to system_server was achieved solely with n-day exploits." Great work by Seth Jenkins and team 👍

New Project Zero blogpost by Mark Brand - first mobile device ships with MTE (and how to enable it). "MTE on a production handset for the first time is a big step forward... there's real potential to use this technology to make 0-day harder". googleprojectzero.blogspot.com/2023/11/first-…

Great to see srldf.org working as intended! This fund would have never launched without the hard work of many, but a special shoutout to Harley Lorenz Geiger and Charley Snyder for making srldf.org a reality.

Join j00ru//vx as he shares his research/adventure through the Windows Registry: googleprojectzero.blogspot.com/2024/04/the-wi… 50 CVEs is just the beginning. Future posts will explore the attack surface, history, practical exploitation using hive memory corruption, cell indexes and other good times🎉


Project Zero Blogpost recap for the month: googleprojectzero.blogspot.com/2024/10/the-wi… — j00ru//vx doing another deep dive into the Windows Registry googleprojectzero.blogspot.com/2024/10/effect… — Nick Galloway's dav1d fuzzing case study (new) googleprojectzero.blogspot.com/2024/10/from-n… — an update on using LLMs to find vulns Enjoy! 🎉

Finding 0day is not the most impactful thing that Project Zero does 😲 — it's sharing knowledge 🧠. One part of that sharing is our tooling work to help other devs and researchers. Today's installment, James Forshaw's updated OleView.NET👍 Blog: googleprojectzero.blogspot.com/2024/12/window…

My blog post is now live alongside Amnesty International's joint release, providing remarkable insight into an ITW exploitation campaign! googleprojectzero.blogspot.com/2024/12/qualco… Turns out that you can find out quite a bit with just some kernel stacktraces ;) From Amnesty: securitylab.amnesty.org/latest/2024/12…

If you've ever wondered if one can determine a vuln from just the kernel panic logs, Seth Jenkins (feat. Jann Horn & Benoît) have something to share: googleprojectzero.blogspot.com/2024/12/qualco… Great to collaborate with Amnesty International, find vulns and get them fixed: securitylab.amnesty.org/latest/2024/12…




Two new posts from James Forshaw today: googleprojectzero.blogspot.com/2025/01/window… on reviving a memory trapping primitive from his 2021 post. googleprojectzero.blogspot.com/2025/01/window… where he shares a bug class and demonstrates how you can get a COM object trapped in a more privileged process. Happy Reading! 📚


For those that won't be in Germany next weekend to see Dillon Franke live, this is the next best thing! (post also includes Dillon's fuzzing harness and tools Dillon built along the way) 🎉

Part 7 (!) of j00ru//vx's Windows Registry adventure is now live: googleprojectzero.blogspot.com/2025/05/the-wi… "I will describe the various areas that are important in the context of low-level security research... all possible entry points to attack the registry... and the primitives they generate"🙌