Minghao Lin
@Y1nKoc
Followers
594
Following
1K
Media
9
Statuses
409
Security Researcher🤡 | iOS/macOS/Android Security
Joined September 2021
🧵Apple just devalued full TCC bypasses from 30,5k to 5k. Hard to interpret this in a good way. It feels like - we admit we can’t fix this shit and we don’t care or at least not willing to pay for it - we don’t care about privacy https://t.co/jGd553oHw0
security.apple.com
Browse the full list of eligible payouts through the Apple Security Bounty program before you submit a report.
10
34
214
#deepsec 12/16/ 2025 "Do not omit function return values: Bug hunting and exploitation in the Kirin GPU kernel module" by @hzshang15 shows how missed return checks in Huawei Kirin GPU cause page UAF escalations, HKIP bypass, and EL1 code execution.
1
4
14
#deepsec 12/16/2025 "Privilege Is the Prelude: Chaining an LPE to Two Root-Required Bugs for Full TCC on macOS" by @Y1nKoc @binary_fmyy @Mas0nShi will present a practical vulnerability chain that crosses the TCC boundary using 3 vulnerabilities.👉
1
10
33
Exploiting NVIDIA's GPU Linux drivers https://t.co/IARbGJf0rQ Excellent blog post by Robin Bastide (@quarkslab) #infosec
5
43
229
The slidedeck to our talk, Crash One: A Starbucks Story - CVE-2025-24277, with @gergely_kalman from @hexacon_fr and @objective_see #OBTS is available from the link below. It was a macOS vulnerability impacting the crash reporting process where we could achieve LPE and sandbox
1
26
86
New teardown: took apart an ‘iris-secured’ hardware wallet and found a bootloader issue plus a zero-biometric unlock path. https://t.co/4xLzduQ5OE
5
36
323
so excited to finally share something I’ve been working on alongside many brilliant colleagues. MTE will truly raise the bar for memory safety. https://t.co/KPyyJUbKPM
8
44
347
New blog post: A journey in Android physical memory - writeup on exploiting recent GPU bug CVE-2025-21479
dawnslab.jd.com
背景 在大多数用户的印象里,GPU(图形处理器)是游戏流畅、视频绚丽的保障,是沉浸在虚拟世界背后的无名英雄。然而,在现代移动计算架构,尤其是在安卓生态中,GPU的角色早已超越了“图形画师”的范畴。它通过诸如OpenCL、Vulkan等通用计算框架,深度参与到机器学习、图像处理、甚至安全计算等关键任务中,成为了SoC(系统级芯片)中与CPU平起平坐的“第二颗大脑”。 正是这种权限与复杂性的与日俱增
0
86
275
A bit late, but I just published my blog post on bypassing Ubuntu’s sandbox! Hope you enjoy it! https://t.co/Q9Nra9n6N0
u1f383.github.io
5
114
392
4
72
417
I'm looking for PhD students starting Fall 2026! If you're interested in automated testing and trustworthy program verification, feel free to reach out via email or come chat with me at ISSTA/FSE next week!
Excited to share that two of our papers will be presented next week: one at SIGMOD (Tuesday), and another at the FUZZING Workshop @ ISSTA (Saturday)! The student collaborators from @ECNUER will present the papers. I’ll be at ISSTA/FSE next week—come say hi! Looking forward to
3
11
42
I've released a blog series about modern Linux kernel exploitation, where you can learn some advanced techniques used in real-world kernel exploits. Enjoy! https://t.co/26QCrgUxdb
4
268
992
Meet our new buddy, Argusee — an AI-powered, automated vulnerability hunter that has already discovered 15+ vulnerabilities across projects, including a previously unknown Linux kernel flaw (CVE-2025-37891) enabling LPE. Demo and details: https://t.co/lkqcOYQhSy
1
32
121
I got six CVEs and one acknowledgement. More on the way. I am planning to share these vulnerabilities. Stay tunned. 1. CVE-2025-24249; 2. CVE-2025-31182; 3. CVE-2025-24248; 4. CVE-2025-24205; 5. CVE-2025-24207; 6. CVE-2025-24170 Thanks @Mas0nShi @Lyutoon_ @binary_fmyy @PPPF00L
🍎 Apple security releases today https://t.co/YWAUsDeu9H 📲 About the security content of iOS 18.4 and iPadOS 18.4 https://t.co/9Py4pNQge7 🖥️ About the security content of macOS Sequoia 15.4
5
9
142
This jailbreak detection approach closely resembles the earlier method of identifying Cydia via deep links. Good job😂
Since the app exploiting it was leaked, I’m leaking the function they used. Don’t know if it’s exploitable on latest or not.
0
0
5
Since the app exploiting it was leaked, I’m leaking the function they used. Don’t know if it’s exploitable on latest or not.
14
76
625
nice Linux kernel pwn challenge write up by @terawhiz for LACTF 2025. exploiting a 3 byte OOB write primitive https://t.co/keuUUdwOCl
1
49
243
I've published a write-up on reversing and analyzing Samsung's H-Arx hypervisor architecture for Exynos devices, which has had a lot of changes in recent years and pretty interesting design. Hope you all enjoy :) https://t.co/KTJ5IKfSfP
dayzerosec.com
In many ways, mobile devices lead the security industry when it comes to defense-in-depth and mitigation. Over the years, it has been proven time and again that the kernel cannot be trusted to be...
3
113
504