@francisco_oca and I have just released Ponce v0.3 version. Runs on any IDA version >=7.0 on Windows, Linux and OSx. Symbolic Execution within IDA just one click away. Ponce now supports ARM binaries and a large list of new features that you can find here:.

RT @degrigis: You are probably gonna hate me for the title of this blogpost, but, here is a quick peek into one of the most surprising comp….

RT @cl4sm: Checkout the Post-Mortem of our system ARTIPHISHELL (by @degrigis and I)! We look at a few issues that kept @shellphish from a t….

The second post in my AIxCC series is out. This one breaks down the rules and scoring—key to understanding why teams built their systems the way they did. It also analyzes teams results and why some of them found less vulns but were scored higher!

RT @wunderwuzzi23: 👉 Episode 21: Hijacking Windsurf. How Prompt Injection Leaks Developer Secrets. The agent cannot protect your private co….

Back at Defcon after years away. The highlight? DARPA’s AI Cyber Challenge (AIxCC). It blew me away—and inspired me to launch a new personal blog. I'm doing a series of posts about AIxCC. The first one is out:

RT @0xor0ne: Cisco RV130 VPN router firmware analysis and vulnerability research by Raffaele Ruggeri. #infosec #io….

RT @pr0cf51: Here’s the source code of our #AIxCC winning team @TeamAtlanta24, enjoy! . More things TBA.

RT @mbrg0: we hijacked microsoft's copilot studio agents and got them to spill out their private knowledge, reveal their tools and let us u….

Is there any playlist with the songs played between talks at @BlackHatEvents. They are soooo cool!.

Really cool talk at Blackhat to train models on a specific task, in this case malware development bypassing AVS. Single purpose model are way better than general ones. Model was released:.

RT @RincnCuriosoo: Convirtiendo un cuadrado en un triángulo equilátero .

RT @JeremiahDJohns: One of my all-time favorite type of videos is pre-fame bands playing their extremely famous songs to a tiny room of peo….

RT @retr0reg: exploiting a v8 engine pwn challenge

RT @HashemGhaili: Prompt Theory (Made with Veo 3). What if AI-generated characters refused to believe they were AI-generated? https://t.co/….

RT @robertswiecki: Fuzzing Windows Defender in the Honggfuzz+IntelPT (hardware) mode. by @buherator.

RT @dillon_franke: Thrilled to announce my new Project Zero blog post is LIVE! 🎉 I detail my knowledge-driven fuzzing process to find sandb….

RT @vitrupo: Jim Fan says NVIDIA trained humanoid robots to walk and move like humans -- zero-shot transfer from simulation to the real wor….

RT @dennis_kniep: Wrote about a novel technique that leverages the well-known Device Code #phishing approach. It dynamically initiates the….

RT @nicksdjohnson: Recently I was targeted by an extremely sophisticated phishing attack, and I want to highlight it here. It exploits a vu….

RT @luijait_: Cybersecurity AI (CAI) - HackableII - 9 minutos y 45 segundos . 🔍 1/7 Fase Inicial: Reconocimiento del objetivo 192.168.2.11E….