Estaremos ministrando treinamentos de exploração de vulnerabilidades de binário e kernel em ambientes Linux em 2026. Este treinamento de binário está sendo ofertado ao público geral pela primeira vez. Para ambos treinamentos, aumentamos a carga horária (de 40 para 48 horas) e na

MigGPT: Harnessing Large Language Models for Automated Migration of Out-of-Tree Linux Kernel Patches Across Versions https://t.co/IOK8IHPniX

PlayStation 3 Architecture - A practical analysis by Rodrigo Copetti https://t.co/yYYZ8ZBX4O

This is an opportunity to join a great team with far-reaching impact across Apple! If you’ve been interested in or are currently writing detection as code at scale, please take a look.

Solving the NYTimes Pips puzzle with a constraint solver https://t.co/aQ3MOKKhOC

🦎 Gecko Academy is launching in Argentina! This free one-year program in offensive cybersecurity invites you to learn from field experts💡, gain practical skills and start your path as a vulnerability researcher🔎. Limited spots available. Submit your challenge by November

Another fun Java sandbox escape I did:

Slides https://t.co/vw5Y1idqnz

Here are the slides for my talk yesterday at Objective By the Sea! Tons of incredible research and researchers here in Ibiza :) https://t.co/nZ8GLZ5ZHS

We (@alleleintel) will offer a training in English next year for the first time. The training will be an online introduction to Linux Kernel Exploitation. If you would like to know more, my DMs are open.

I do that in my trainings. I even include the mistakes my team made while creating the trainings in the program.

During his talk, @i41nbeer said something that got me thinking: “When you see research like this, you think it was a linear process—from A to B to C… but that’s not how it really is.” I thought it would be great if there was a vulnerability research course based on a real case

You should be so lucky to have people throughout your research career that you can openly bounce ideas to and from - especially if they complement your strengths in your areas of weakness - it is a rare and precious gift.

https://t.co/pKKdMktNfy

“We can say with confidence that it either improved it…or didn’t improve it.” - Journal of Ambiguous Findings, Vol. 1

We've just released the challenges used during Hexacon 2025 Speedrun! Check them out and train for next year 🏆 https://t.co/IV8qP6syFr

🚨 Save the Date for #offensivecon26 Mark your calendars, spread the word, and stay tuned for when registrations open! 📍 Hilton Berlin 🧠 Trainings: 11–14 May 2026 🎤 Conference: 15–16 May 2026 Visit 🔗 https://t.co/83MHwjF4lo for more details.

The slidedeck to our talk, Crash One: A Starbucks Story - CVE-2025-24277, with @gergely_kalman from @hexacon_fr and @objective_see #OBTS is available from the link below. It was a macOS vulnerability impacting the crash reporting process where we could achieve LPE and sandbox

Our newest @dfsec_com blog post is live, thanks to @tomitokics from @df_forensics for putting this together :-) https://t.co/JoJfTOOXzV

From kernel oops to kernel exploit: How two little bugs (CVE-2025-23330, CVE-2025-23280) in #NVIDIA open GPU #Linux driver can lead to full system compromise. Full technical breakdown inside, #vmalloc exploitation technique included! https://t.co/lVx97yzxyU

Awesome paper about latest iOS security mitigations : SPTM, TXM, and Exclaves https://t.co/EXcHTigw3M