It looks like I'm the first person in Taiwan to earn the OSEE certificate! Huge thanks to my company and sponsor, DEVCORE, for the support!

CVE-2025-2233!

A real case of out-of-bounds access when the compare function of sort function is nontransitive ! openwall.com/lists/oss-secu…

Hackyboiz team has brought some hot news! 🛠️ pwnable.kr is back with a fresh upgrade! One of Korea’s most iconic CTF wargame sites, pwnable.kr, is currently undergoing a major renewal. The server environment has been refreshed and upgraded from Ubuntu

How could the WebKit exploit in the wild run JavaScript in updateStyleIfNeeded when ScriptDisallowedScope::InMainThread was supposed to prevent it? microtask ????

"For anyone who dares to call themselves a researcher, this exam should be easy enough to make you laugh." blog.terrynini.tw/en/2025-OSEE-E… My new blog post shares my thoughts on OSEE. Where is the learning path? Where is the value of the course? Is the course still relevant today? Will

its funny to me that to get good VR results from LLMs, part of the prompt has to be you pumping the LLM up, like "You're an elite vulnerability researcher. You love this shit."

My rubbish IDA plugin works on IDA9.1 without modification Unbelievable plugins.hex-rays.com/terrynini/feel…

This weekend, I gave a talk on web browser security research at a student-organized conference. I tried to make the talk reasonably beginner-friendly, so the slides (linked here) could hopefully be useful to someone as a learning resource. docs.google.com/presentation/d…

(CVE-2025-6424)[1966423]UAF in FontFaceSet::Load(exploitable crash) mozilla.org/en-US/security… hg-edge.mozilla.org/mozilla-centra… Reported by LJP & HexRabbit Great job!

A bit late, but I just published my blog post on bypassing Ubuntu’s sandbox! Hope you enjoy it! u1f383.github.io/linux/2025/06/…

So like. Time to be vulnerable for a minute and talk about mental health as it relates to research. Because it’s tough, you know, open-ended research (as are many careers). That constant fear of failure in the face of tasks that are sometimes literally impossible.

If you have a machine with PKEY support and recent Linux kernel you can now play around with hardware support for the V8 sandbox. When active, JS + Wasm code has no write permissions outside the sandbox address space. To enable, set `v8_enable_sandbox_hardware_support = true`.

Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12 years to get this published. This vulnerability is still not patched. Here's the story:

If you’re planning to promote your research with a website, better prepare for some quite hostile takes! (Yes, I am practicing responsible disclosure as always)

Peak BH slide