Rh0 (@rh0_gz)'s Twitter Profile
Rh0

@rh0_gz

Security Research • Program Analysis • Bugs and Exploits

ID: 885860999156424704

Link: https://rh0dev.github.io

Joined: 14-07-2017 13:58:15

438 Tweets

401 Followers

366 Following

Suto (@__suto)

Our Firefox reports have been assigned CVE-2025-13024 and CVE-2025-14325. A few V8 issues are still under analysis. To summarize: -QuickJS: Our agent can easily find and trigger crashes autonomously using predefined pattern guides. -Firefox: AI assistance enabled building a

Daniel Cuthbert (@dcuthbert)

Everyone today is a hacker in a sense but there are very few OG hackers on which shoulders we stand

Oh dude, Felix “FX” Lindner you were so much a hacker's hacker and you will be missed

RIP my friend and thank you
Trail of Bits (@trailofbits)

Language-level bug classes, stdlib pitfalls, Linux and Windows issues from usermode to kernel, seccomp sandbox escapes. One checklist, hundreds of checks. appsec.guide/docs/languages…

lcamtuf (@lcamtuf)

I still remember when I had to put out a press release saying that afl-fuzz was too dangerous to make available to the general public

Vincenzo Iozzo (@_snagg)

Given all the news about Mythos, I ran a small experiment testing Opus 4.6 to understand a bit better how it finds bugs. The setup was: Sendmail crackaddr() bug (CVE-2002-1337) — the original source, a rewritten equivalent, a compiled binary with symbols, and an obfuscated

Alexandre Borges (@ale_sp_brazil)

The Exploiting Reversing Series (ERS) currently features 945 pages of exploit development based on real-world targets:

[+] ERS 08: exploitreversing.com/2026/03/31/exp…
[+] ERS 07: exploitreversing.com/2026/03/04/exp…
[+] ERS 06: exploitreversing.com/2026/02/11/exp…
[+] ERS 05: exploitreversing.com/2025/03/12/exp…
[+] ERS 04:
xvonfers (@xvonfers)

👀👀👀 (CVE-2026-6296)[$90000][490170083][ANGLE][GL]Heap-BoF chromium-review.googlesource.com/c/angle/angle/… Reported by cinzinga

Calif (@calif_io)

MAD Bugs: Even "cat readme.txt" is not safe, by Calif cat readme.txt and you're pwned baby We'd like to acknowledge OpenAI for partnering with us on this project. open.substack.com/pub/calif/p/ma…

Qrious Secure (@qriousec)

Despite 271 bugs massacred by Anthropic, our renderer rce and sbx escape alive and well ready unless there is sudden patch before p2o (meaning we don't have enough time to prepare a new one) - wish us luck! blog.mozilla.org/en/privacy-sec…

Yarden Shafir (@yarden_shafir)

I checked and it's been 2 years since my last blog post??? So anyway, here's a quick blog post about KDP pool - the latest KDP feature that will replace the secure pool in future Windows versions: windows-internals.com/goodbye-secure…

Nicolas Krassas (@dinosn)

Find zero-days while you sleep. DeepZero is an automated vulnerability research framework that parses, decompiles, and analyzes thousands of Windows kernel drivers for exploitable IOCTLs natively using AI agents. github.com/416rehman/Deep…

NullSecX (@nullsecurityx)

Exploiting llama.cpp’s RPC Server - From Null Buffer to RCE Against PIE + Full RELRO + NX | CVE-2026-34159: The vulnerability is a one-line logic bug in the RPC server’s tensor deserialization pipeline. Youtube: youtube.com/@NullSecurityX Blog: pwntricks.com/ZeroClick-RCE-…

ENKI WhiteHat (@enki_official_x)

[1/2] CVE-2026-32223: heap overflow in usbprint.sys (IOCTL 0x220064). Malformed USB descriptor, Named Pipe spray + Ghost Chunk for kernel leak, forged IRP, SYSTEM. Writeup: enki.co.kr/en/media-cente… #CVE_2026_32223 #WindowsKernel #LPE #vulnresearch

0xor0ne (@0xor0ne)

Analysis of CVE-2025-4802: glibc 2.27-2.38 fails to sanitize LD_LIBRARY_PATH before dlopen() in statically linked SUID binaries, allowing arbitrary library loading and LPE.

allelesecurity.com/libc-vuln-anal…

Matt Johansen (@mattjay)

He began by replicating Mythos findings with his specialized harness. Then went on to find more critical novel zero days in open source code that he can't share yet because they're not fixed. TL;DR - harnesses are where the magic is. provos.org/p/finding-zero…

Ariel (@0xarielk)

I'm using AI to find vulnerabilities (for 2 days), and it's crazy how easy it is... currently fuzzing libpng which is being used by practically anything, already 3 different CVEs, memory corruption, memory leak and DoS. $20 is cheaper than a full-time vuln researcher
