🔥Telegram İfşa

V8 is leaving the Sea-of-Nodes Turbofan compiler for the shores of CFG, read all about it in my colleague's blog post: v8.dev/blog/leaving-t…

Another year and we're still looking for exceptional talent that are looking to join an amazing research team and contribute to the story we're writing Dataflow Security, if you're interested or just curious about it, I'll be offensivecon and available to chat :)

👋zer0con

My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions. github.com/mistymntncop/C…

#hiring

🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: anemato.de/blog/kctf-vdf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!

Our new blog post is live: blog.dfsec.com/ios/2025/05/30…

Finding exploitable browser bugs during exam season sucks. Makes it very difficult to focus on studying when constantly thinking of the bug 🫠

Mini Writeup of CVE-2025-6554. POC by DARKNAVY. All errors in writeup my own. gist.github.com/mistymntncop/3…

Getting 2nd place in Defcon finals for the third year in a row has triggered the great depression for the team xd

🥈 Thrilled to nab 2nd as Blue Water, teamed up with Luís Henrique Muniz at DEFCON CTF Final 33! 🙌 Congrats to Maple Mallard Magistrates for their 4th straight 1st 💪 We’re gunning for the crown next year! Join our crew to make it happen! DM us or drop us an email! 🚀 #DEFCON #CTF

so excited to finally share something I’ve been working on alongside many brilliant colleagues. MTE will truly raise the bar for memory safety. security.apple.com/blog/memory-in…

Check out our newest blog about how we took advantage of a WebGPU feature to turn an integer underflow bug into an arbitrary read in Chrome’s WebGPU. This bug was fixed by Google long ago, but our ticket is still restricted. qriousec.github.io/post/oob-angle/ by Lan Vu + Toan Pham

At Hexacon, come say hi!

It's so over

Planning a CTF? We're here to support organizers with proven expertise and a commitment to quality challenges. Apply here: dfsec.com/ctf-support

Guess you could say they were Unsat :^)

I'm pretty excited about this (POE2 in particular)! It's basically what we've been preparing for with the PKEY-based hardware sandboxing prototype for V8 (docs.google.com/document/d/1l3…)

We really should be talking about this more....KASLR is just not working properly on Android right now, and it hasn't for a long time. googleprojectzero.blogspot.com/2025/11/defeat…