After wrestling with a mess of decompiled pseudocode, we wrote a short analysis of CVE-2025-43300. In a twist of irony, we also show how we stumbled on another DNG parsing bug that was supposed to be fixed a few months ago.

While reproducing the iOS ITW CVE-2025-43300 (, we accidentally triggered another old DNG image parsing vulnerability. The analysis is still ongoing.

Leak hole PoC for Chrome in-the-wild vulnerability CVE-2025-6554 published yesterday:.

@BlackHatEvents Sorry for withdrawing our talk due to unforeseen circumstances beyond our control.

RT @xerub: It was an honour to be invited to speak at @deepsec_cc 1st edition, where I met old friends and made new ones. Kudos to @WangTi….

Our Black Hat USA 2025 talk, "What's NEXT in Security: Adversarial Review of HarmonyOS NEXT", has been made public. #BHUSA @BlackHatEvents

RT @GEEKCONTOP: 🔓 GEEKCON 2025 CFP: CALL FOR PWNERS.🌐 Dubai | Shanghai | Oct. 2025.Submit by Aug 15 👉 - Crack Web3….

After @seanhn's excellent writeup on CVE-2025-37899 found with o3, many asked us which LLM powers Argusee. To clarify, here we thank @GeminiApp @GoogleDeepMind for helping Argusee uncover critical vulnerabilities like the Linux kernel LPE bug CVE-2025-37891, and plenty more! 😎.

Meet our new buddy, Argusee — an AI-powered, automated vulnerability hunter that has already discovered 15+ vulnerabilities across projects, including a previously unknown Linux kernel flaw (CVE-2025-37891) enabling LPE. Demo and details:.

RT @deepsec_cc: #deepsec Two talks from @DarkNavyOrg:."A Security Perspective on IM Attack Surfaces" reveals flaws enabling stealthy backdo….

RT @deepsec_cc: #deepsec Session "Exploiting the Next State of Communication with Zero-Interaction" by K.i.V.A. inspects [redacted] protoco….

Thanks @offbyoneconf @starlabs_sg @_jsoo_ for the awesome swag!.We look 100% cooler now — or at least off-by-one percent 😎🤓

Are you struggling to find a reliable decompiler for HarmonyOS NEXT applications? Our latest decompiler for .abc files: .abcD, is now available for trial!🥷.

Ever wondered how secure your crypto hardware wallet really is? In our latest blog, we dive deep into hardware wallet attack surfaces — and yes, we've already compromised a popular model on the market. Details inside:

Curious about how to unleash your robot pet🤖? Dive into our article about the jailbroken Unitree robot dog! .

We recently had some fun with the Starlink User Terminal 📡.Check out our first blog on playing with the REV3 hardware and stay tuned for further reports! 😉.

Reproducing the Bybit attack: you don't need a perfect attack to steal $1.5 billion.

RT @deepsec_cc: [Official Announcement]: 2025 IS COMING!!!. This is a community-driven, non-profit information secu….

Thank you so much to Chrome VRP for the gifts! Love the Dark Navy color.🥳

Vendors still hold absolute dominance in vulnerability disclosure, and there is still a long way to go in establishing a benign and efficient vulnerability disclosure mechanism. Here's the 9th article of our Annual Security Report:.