Watch XOR’s talk CUDA de Grâce: Owning AI Cloud Infrastructure with GPU exploits Kernel + driver bugs aren’t just a LPE problem, they’re a cloud problem. With the explosion of AI in the cloud, NVIDIA’s GPU drivers have become a valuable attack surface https://t.co/cIYKcYMb6L

My HEXACON talk video is out! It covers a small race condition in the Linux kernel’s io_uring. I recommend watching it at 1.25× speed since I’m still not great at speaking 😅 https://t.co/lMuweA7PyU Here is the slide! https://t.co/9jPoKMzxwL

Our @hexacon_fr talk is out on Youtube now😎 https://t.co/eN4vG4658d Follow the slides at:

If you missed HEXACON 2025 or want to rewatch some of the talks, they’re now available on our YouTube channel 📽️ Enjoy the content, and see you in 2026! https://t.co/KHHVAGY48M

Congrats @ryaagard 👀 We will not be connecting to any Minecraft servers you host.

We at CoR (+ @u1f383) had a great experience at @hexacon_fr this weekend Met many skilled VR people, the venue was amazing, and the speaker gifts were simply🔥 Best offensive security conference we have seen so far - thanks again to the organizers for the opportunity!

An RbTree Family Drama: Exploiting a Linux Kernel 0-day Through Red-Black Tree Transformations by William Liu and Savino Dicanosa

Wanna learn how to perform OOP in functional programming all in Google Sheets? Come check out our team member @MaxCai33447144 research, which he made into a corCTF 2025 challenge! https://t.co/Nj709JiLyp

We have a🔥presentation ready for Hexacon. Come grab a beer with us afterwards! See everyone in Paris🇫🇷🫡

Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 & CVE-2023-4130) https://t.co/Cbk9MBo91v Cheers to @u1f383 for finding these CVEs + the OffensiveCon talk from gteissier & @laomaiweng for inspiration!

Check out our teammate's retrospective on his kernel fuzzing summer: https://t.co/Gnl51l4j6F It covers a net/sched fuzzing quirk (inspiring HangBuzz101 in corCTF), and summarizes the kernelCTF adventures of our team. Another really cool exploit write-up will drop this Sunday 👀

For corCTF2025 our teammate D3vil ( https://t.co/cGEhvUku0w) wrote an Android kernel pwn. Congrats to @u1f383 for the only solve! Make sure to read his writeup!

We recently claimed the cos-113 slot with an exploit for CVE-2024-58240😎 A backport for an exploitable UAF was missed for 6.1.x for the past 1.5 years🧐 Maybe when we have healed from our recent 100k bug bounty typo will we tell the full story🤪

Per tradition, corCTF rev is just VM rev. Check out these 2 author writeups about VM rev from @MaxCai33447144, our new reverse engineer lead! https://t.co/r4vSv32ROw https://t.co/Djh3mazJlh

Come check out our author writeup for corctf-challenge-dev-2 from Drakon: https://t.co/OB9Pw6PIU4 Timing side-channel attack against Chromium extensions😎

corCTF 2025 has ended! Congrats to the top 5: 1. @FlatNetworkOrg 2. @r3kapig @ProjectSEKAIctf 3. The Amazing Digital Orange 4. @TheRomanXpl0it 5. STM Thank you to all of our players and sponsors! @osec_io, Research Innovations, @ret2systems, @trailofbits, @vector35, @googlecloud

24 hours left in corCTF! Come play if you haven't already, and let's see if there are any big moves in the final day 👀 Our final challenge wave will be dropping shortly.

Online Safety Act getting in your way? Win £50 or a year of NordVPN in misc/england. Come play corCTF 2025, only 42 more hours to go!

corCTF 2025 begins in an hour! Come register at https://t.co/vR7bvxHy6x 😎 We have everything from easy challenges to an AMD uarch attack, a web service 0-day, and an Android LPE exploit👀

On your marks, set, pwn in 24 hours!🚩 Come register for corCTF 2025 at https://t.co/vR7bvxHy6x 😎, our prize pool is over 10k USD🤑