It finally happened… I’ve been published on #Phrack! After more than five years since the last issue, #Phrack70 is out, featuring my article “Exploiting a Format String Bug in Solaris CDE”! I guess I can retire now 🐛 https://t.co/6wN7pN0R6p

If you’re into #ReverseEngineering, #VulnerabilityResearch, or #Rust, don’t miss @0xdea’s latest: Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2 💻 🦀 Now live on our restyled blog! https://t.co/nHOxQoGnFs

Frida 17.4 introduces Simmy, a new backend for Apple’s Simulators on macOS. Spawn, attach, and instrument apps — just like on a real device.

Tea too good to spill.

👉 Check out this guest post from Marco Ivaldi (@0xdea), where he walks through using idalib’s Rust bindings with IDA 9.2 to streamline vulnerability research. Worth a read for anyone in security. https://t.co/nutSZ9RQ5j

It’s a real pleasure to be featured in the @HexRaysSA blog! Thanks for having me.

Heads up to #mobile pentesters: I've ported my @NowSecureMobile #Frida scripts (#iOS and #Android) to Frida 17, which introduced some breaking changes. The original scripts from 2017 are preserved as release 0.1 for compatibility and historical reference. https://t.co/EK7Bb2JUca

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog:

Who is coming to #RomHack2025 next week? See you there 🔥

I've updated my #VulnerabilityResearch and #ReverseEngineering tools to use the latest version of @binarly_io #idalib #Rust bindings, which support @HexRaysSA IDA Pro 9.2 and their freshly open-sourced SDK. https://t.co/MbMFvjHrtT https://t.co/c4hLimHqWu https://t.co/wPsWzyUax3

I'm pleased to announce a new release of the Rust bindings for @HexRaysSA IDA SDK! This release includes v9.2 compatibility, and a number of new features and fixes. Code: https://t.co/h1HJUxe45z Thank you to our contributors: @withzombies Cole Leavitt @IrateWalrus @yeggorv

Eight years later, I’ve updated my most-starred @github repository with some new @fridadotre scripts, inspired by @spaceraccoonsec new book “From Day Zero to Zero Day”. Check it out:

Today I have a more serious topic than usual, please consider reposting for reach: My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]

We have gone a step further with Noa: memories are machine encoded and stored privately on encrypted servers with **no rich media retained** So you can feel secure using Noa for recall years in the future.❤️ In true Brilliant Labs fashion, we built this because we believed it

Turns out my #PHRACK article is live! 🔥 > The Art of PHP — My CTF Journey and Untold Stories! Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to @0xdea for not forgetting me, @guitmz for the edits, and the

Thanks @PortSwigger and @BugBountyDEFCON for this awesome event — and also to my @d3vc0r3 buddies for standing on stage to collect the trophy for me! A little follow-up article on this research is coming soon... stay tuned! 🤘

Always happy news to see my work spark new joy. In this case, my @semgrep ruleset at https://t.co/UQpsnQ8Grv. Congrats to @trailofbits and best wishes for a wonderful career to Will 👍

In our last post, @apps3c shares some PoCs of GenAI/LLM security issues found in real-world assessments conducted for corporate clients, with a focus on vulnerabilities that can be exploited to gain unauthorized access to data, resources, and services. https://t.co/aDxF6OqQpR

We are very happy to announce the nominees for the 2025 Pwnie Awards! As a reminder, we will be presenting the winners at DEF CON this year. Saturday the 9th, 10:00AM Main Stage. Hope to see you there! https://t.co/hWUu2PcM8B

Today I’m celebrating one year of #Rust! 🦀 I started learning it last summer, and since then, I’ve pretty much stopped programming in any other language. I’ve documented my journey in this series of articles: https://t.co/eCbdxsT7uM Here’s to many more years with Rust! 🥂

I'm pleased to announce a new version of the Rust bindings for @HexRaysSA IDA Pro! With: - Improved strings, metadata, and core APIs - Support for the name API Thank you to @0xdea & @williballenthin for contributing! Docs: https://t.co/CcSXJK4rAV Code: https://t.co/4wnfZvRXIH

As an old fart in #xdev, I often get asked how to get into binary exploitation in 2025. I looked around, and here’s my recommendation: https://t.co/hc1SlbSHSj #pwncollege is a huge collection of free #lectures and practical #challenges maintained by a team of #hackers at @ASU.

In our last blog post, our colleague Gianluca shares the story of a lucky discovery: a bug initially spotted during a routine assessment turned out to be a high impact vulnerability in Microsoft Graph API — earning a $3,000 bounty. https://t.co/F38RmgTUAk