🙈 See no evil 🙉 Hear no evil 🙊Speak no evil 🐒 Accept moral ambiguity

Ending an insane 6 weeks with a celebration. I’m deeply honored to receive the Trailblazer Award from the Society of Women Engineers. Thank you @SWEtalk! Grateful to my mgmt, team, husband, family, and friends. Their support has made every one of my accomplishments possible.

This will happen far sooner than most people think! This coin, this community, is a cut about the rest. Lets go $UFD

A fun fact about this bug is that we only had an (entirely internally imposed) ~ 8 hour deadline to find it. Looking forward to sharing more info about it.

Integrators should update today!

Serious bugs often occur in third-party components integrated by other software. @ifsecure and I found this vulnerability in the Dolby Unified Decoder. It affects Android, iOS and Windows among other platforms, sometimes 0-click. https://t.co/LchMIdKP0P

GraniteShares announced distribution rates for the YieldBOOST™ COIN ETF (COYY) as of October 30, 2025 $COYY COYY: Standardized performance: Since Inception (7/29/2025): -15.20%

Super cool potential ASLR leak via dictionary hashing by @tehjh!

How to win at egg hunt: choose the character you're currently raising for your party, and make sure it has full happiness. Under this condition there's a 10% chance to get 9 eggs. Conversely, at empty happiness there's a 10% chance of injury.

A call for help again, the NEXCO items still have not been collected, and they're going away next week. So if you happen to be near one in east Japan, please download it, and let me know.

fseek and you shall lfind

＼🎊祝！たまごっち全世界シリーズ累計出荷数1億個突破🎉／ 1億突破記念として、まめっちが1億個目のたまごっちを作るお手伝いをした特別映像が届きました！！ 皆様今後ともたまごっちを宜しくお願いします❤ #Tamagotchi #たまごっち #オリたま

Quick call for help, if anyone happens to be in Japan and near a Raku Spa, today is the last day for their Paradise promo, and the exclusive item they have on their Lab Tama still needs to be archived. So if you are able to, please try to download it.

Some personal news: I'm thrilled to be moving back to Project Zero! Specifically I'll be joining the Big Sleep project to find vulnerabilities in JavaScript engines. We've already found and reported our first vulnerability in V8 last week:

Left blue, right red #defcon

That time when @tehjh was just reviewing a new Linux kernel feature, found a security vuln, then went on a journey to see if he could exploit it from inside the Chrome Linux Desktop renderer sandbox (spoiler: very yes) https://t.co/Atc6toEdAj

Sample image

How to use your Defcon Badge

“You wouldn’t happen to have anything that could help me understand today’s ever-changing threat landscape? Perhaps involving a bit of AI?”

Peak BH slide

Quick PSA: if you feel like DEF CON is boring or “not cool anymore” then DO SOMETHING COOL! Community starts with each and every one of us. I give you permission to stop worrying about being cringe and GO BE WEIRD!!!!

Today as part of our commitment to transparency in this space, we are proud to announce that we have reported the first 20 vulnerabilities discovered using our AI-based "Big Sleep" system powered by Gemini —

Computers are taking our jobs! (1952)