Operation Zero is sponsoring Code IB conference that's held on April 27, 2023 in Saint Petersburg, Russia. Link: codeib.ru

We’ve created two channels on Telegram. Follow us for press releases, zero-day price updates, vacancies, and more: English version: t.me/opzero_en Russian version: t.me/opzero_ru

We would also like to see your submissions on these targets: — SonicWall NGFW RCE — Up to $200,000 — FortiGate NGFW RCE — Up to $200,000 — MS Word RCE — Up to $150,000 The prices depend on limitations of exploits. Submit details via the form: opzero.ru/en/submit

In search of: — Chrome RCE w/o SBX — Up to $500,000 The zero-day exploit should work on latest Android and tailored at least to Samsung S23/24. Submit details via the form: opzero.ru/en/submit/

Also, we look for: — macOS kernel LPE — Up to $300,000 — macOS non-kernel LPE — Up to $100,000 Zero-day exploits should work on macOS 13/14 running on Apple silicon M1 and M2 chips. Submit details via the form: opzero.ru/en/submit/

In search of: — Mikrotik router RCE — Up to $150,000 Zero-day exploits should be applicable to Ethernet or Wireless routers. More broad range of devices such as switches would be a plus which may increase the total payout. Submit details via the form: opzero.ru/en/submit/

Vacancy: External Android Security Researcher OPERATION ZERO is currently looking for a professional exploit developer to join the Android research team as an external employee. Responsibilities: • Carry out tasks assigned to the team, including the research of the Android

Vacancy: External Browser Security Researcher OPERATION ZERO is currently looking for a professional exploit developer to join the Browser research team as an external employee. Responsibilities: • Carry out tasks assigned to the team, including the research of one of modern

Looking for: — Safari SBX for iOS — Up to $350,000 — Chrome RCE for Android — Up to $350,000 — Chrome RCE+SBX for Windows — Up to $700,000 Submit your zero-days: opzero.ru/en/submit/

We are looking for: — Telegram 1-click RCE — Up to $500,000 — Telegram 0-click RCE — Up to $1,500,000 — Telegram full chain — Up to $4,000,000 In the scope are exploits for Android, iOS, Windows. The prices are depending on limitations of zero-days and obtained privileges.

Apparently it's illegal to talk about Russian exploit brokers in Europe. This censorship seems counterproductive to online safety.

101 Chrome Exploitation — Part 0: Preface We are starting a new series on modern browsers' architecture and their exploitation using Chrome as an example. Readers will learn how browser subsystems are implemented, how their security is ensured and how it is violated with