🚀 BIG ANNOUNCEMENT! 🚀 The full rev.​ng decompiler pipeline is now fully open source! Also, we'll soon start to invite people to participate in the UI closed beta. Check out our latest blog post: https://t.co/9YchJS4RIG

We're now based on QEMU 8, we need some more work to further upgrade to QEMU 10.

⏫ After many many years, we upgrade our QEMU fork! Goodby libptc, welcome libtcg! Here you can find a summary of the improvements this brings: https://t.co/PlHdGrBzvG Moreover, we can now support Hexagon, RISC-V and Loongarch.

🎉 We’re excited to host the 9th Nix Milano Unconference at our HQ! Seats are limited, so hurry up and register! 📅 Saturday, December 13, 2025 at 9.30 AM 📍 Via Carlo Farini 57A, Milan 🔗

For your enjoyment, the video of the talk has been published: https://t.co/LtUNFX6QZa 🤦‍♂️ No warning, no nothing. Published as a regular talk 🤷‍♂️

You can find it on YouTube as well:

📢 2nd part of our Black Hat Arsenal talk is out! Python scripting! 🐍🐍🐍

You can find it on YouTube as well: https://t.co/dCCzhr7OFL Also, soon we'll publish part 2 about Python 🐍 scripting!

🔴 We just published our Black Hat Arsenal talk (part 1)! It's a brief tutorial on: 1. using https://t.co/BpzWlLVmIo from the CLI; 2. playing around with the decompiled code in VSCode; 3. finding bugs with clang static analyzer! 🦾

Invite 100 people, fix crashes, repeat.

Our results wouldn't have been possible without the support of our sponsors, who helped us get the whole team together to Vegas: 🥇 #7Layers - #DRIVESEC 🥈 @_revng - @KeylessTech - @WuerthPhoenix - @CNIT_TLC 🙌 #STACKBITS

📢 Aaand here is Anton's talk about QEMU+RISC-V at KVM Forum 2025! Automatic Frontend Generation for RISC-V Extensions Video: https://t.co/B2ulGhMhLd (21:37) Code: https://t.co/T5ESVmSFIi 🦾

🚀 Tomorrow and Friday we'll be at #KVMForum at Politecnico di Milano! 📢 Catch Anton's talk on Friday, 9:15 (Aula De Donato): Automatic Frontend Generation for RISC-V Extensions. 🔗

Needless to say, the people reviewing talk submissions at DEF CON bear some responsibility in all of this, but I don't think I'm in the position to judge without full context.

What puzzles me is: if this is all made up, why not go the extra mile and state you can emit deobfuscated code?

Conclusion? I don't know. Either he has something, ran out of time, panicked, created the whole project with an LLM or he had a bet with his friends like "wanna bet I can get *two* talks accepted with pure AI slop?". In the latter case, he won.

Presentation and demos are quite similar: https://t.co/tb6Xkec3Ia https://t.co/D5AWB3ZLfN The code is not released:

Now, the guy had *another* talk at DEF CON, which I didn't manage to attend. Captivating title: Jailbreaking the Hivemind Finding and Exploiting Kernel Vulnerabilities in the eBPF Subsystem

Actually understanding what the obfuscated code was doing was, in his terms, "analysts enrichment". I call that "actual reversing".

Overall, I was unhappy for the quality of the talk and due to the fact that he wasn't actually emitting deobfuscated code (as we do), but just identifying opcodes. At the offline Q&A he mentioned that he "had some ideas" on how to do that with Ghidra.

After a few questions, I left. The feeling was: the work was quite flaky but, removing the fog, he seemed to have some way to identify dispatchers and was using random forest to pattern match what an opcode was doing based on some ground truth he had from past analyses.