It finally happened… I’ve been published on #Phrack! After more than five years since the last issue, #Phrack70 is out, featuring my article “Exploiting a Format String Bug in Solaris CDE”! I guess I can retire now 🐛.

RT @joernchen: Today I have a more serious topic than usual, please consider reposting for reach:. My wife and I are urgently looking for a….

What do you want to know?.

RT @orange_8361: Turns out my #PHRACK article is live! 🔥. > The Art of PHP — My CTF Journey and Untold Stories!. Kinda a love letter to tho….

RT @orange_8361: Thanks @PortSwigger and @BugBountyDEFCON for this awesome event — and also to my @d3vc0r3 buddies for standing on stage to….

Always happy news to see my work spark new joy. In this case, my @semgrep ruleset at Congrats to @trailofbits and best wishes for a wonderful career to Will 👍.

RT @hnsec: In our last post, @apps3c shares some PoCs of GenAI/LLM security issues found in real-world assessments conducted for corporate….

RT @PwnieAwards: We are very happy to announce the nominees for the 2025 Pwnie Awards! . As a reminder, we will be presenting the winners a….

Today I’m celebrating one year of #Rust! 🦀 . I started learning it last summer, and since then, I’ve pretty much stopped programming in any other language. I’ve documented my journey in this series of articles: . Here’s to many more years with Rust! 🥂

RT @xorpse: I'm pleased to announce a new version of the Rust bindings for @HexRaysSA IDA Pro! With:. - Improved strings, metadata, and cor….

As an old fart in #xdev, I often get asked how to get into binary exploitation in 2025. I looked around, and here’s my recommendation:. . #pwncollege is a huge collection of free #lectures and practical #challenges maintained by a team of #hackers at @ASU.

RT @hnsec: In our last blog post, our colleague Gianluca shares the story of a lucky discovery: a bug initially spotted during a routine as….

RT @exploitsclub:

RT @HexRaysSA: Power users are taking IDA headless with idalib. Think large-scale diffing, custom UIs, and CI pipelines. all without laun….

My #idalib based tools are featured in the latest @HexRaysSA blog!.

RT @exploitsclub: Another Week, Another EXPLOITS CLUB 📰. ---.🎉 Binja giveaway: sign up to support the newsletter 🎉.---. Tesla wall charger….

RT @2ourc3: Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep . Golem automates C/C++ vulnerability discovery by combi….

RT @pulsoid: Happy to see our research replicated and dug even further!. We did it with EMFI, @hnsec did it with Voltage glitching. But the….

RT @hnsec: Exploring fault injection on ESP32 V3! . Inspired by Delvaux work, we tested voltage #glitching as an attack vector. With advanc….

RT @Openwall: End of an era: our CVSweb service turned 21 today, and was promptly retired. Our anoncvs was similarly shut down at the age o….

RT @2ourc3: Just launched Code Auditor CTF — A web platform to practice finding real-world C/C++ vulnerabilities.•….

RT @disconnect3d_pl: We released new Pwndbg: !. It brings new kernel commands for dumping heap allocator info, disp….