🚨 Obscure crypto alert 🚨 Check out our implementation of EC-SRP5 inspired by an archived 2001 IEEE draft. github.com/MarginResearch…

Wrote an article about a simple trick you can use to jailbreak RouterOS v7 virtual machine. ufo.stealien.com/2022-06-01/how…

This is probably the most complex exploit I've done so far. A UAF in Android kernel freed by kfree_rcu (introduces a delay) in a tight race + kCFI + Samsung RKP. Yet its still possible to gain arbitrary kernel RW, disable SE and root from untrusted app. github.blog/2022-06-16-the…

We have released the conference slides on the schedule website cfp.recon.cx/2022/schedule/#. We have not yet received all the slides, so if you have't sent us your slides please do so.

[POC2022] Last talk of the day(Track B)😎 Qian Chen(cq), "MikroTik RouterOS Security: The Forgotten IPC Message #POC2022

The security research team at Assetnote discovered a pre-authentication RCE vulnerability through a cryptographic flaw in Citrix ShareFile. It's been assigned CVE-2023-24489. You can read the technical blog post here: blog.assetnote.io/2023/07/04/cit…

The schedule for #Pwn2Own Toronto is now live! We've got an exciting four days of exploits ahead of us. Check it out at zerodayinitiative.com/blog/2023/10/2…

Success! STEALIEN executed a stack-based buffer overflow attack against the Wyze Cam v3 resulting in a root shell. They earn $15,000 and 3 Master of Pwn Points. #Pwn2Own

Attacking the Samsung Galaxy A* Boot Chain by Maxime Rossi Bellom and Damiano Melotti is now live!

BEHOLD! MY BINARY DATA ENCODINATOR 3000 You see, Perry the Platypus, it does nothing more than a regular binary data encoder, EXCEPT mine is for EVIL. which specifically violates the JSON license. *perry rolls eyes* It's a real clause! look it up! You CANNOT use JSON for evil.

People using AI/Grok to explain to them where the bug is in this code… just know that all of its answers have been complete garbage 🤷🏻‍♀️

CIA secret backdoors confirmed

my DNA is so powerful it buffer overflows the decoder program

big things are happening in the C community

New fastest shortest-path algorithm in 41 years! Tsinghua researchers broke Dijkstra’s 1984 “sorting barrier,” achieving O(m log^(2/3) n) time. This means faster route planning, less traffic, cheaper deliveries, and more efficient networks - and a CS curriculum revamp =)

Dijkstra 3 when