Modern iOS Security Features – A Deep Dive by Moritz Steffin and @naehrdine https://t.co/FRdenEEfqB

A little morning research. New React/Next.js CVE-2025-55183 Source code leakage PoC Bypasses Cloudflare! @FearsOff #react #bypass #cloudflare

stop using ubuntu 24.04 to host your kernel pwn challenges lmao https://t.co/uCCNthelDn

Made a pwn challenge for this year’s HITCON CTF, which required participants to bypass PAC, BTI, and deal with relative vtables. Here’s the write-up: https://t.co/5IrEynUF3T Check it out if you're interested🙂

Turns out my #PHRACK article is live! 🔥 > The Art of PHP — My CTF Journey and Untold Stories! Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to @0xdea for not forgetting me, @guitmz for the edits, and the

LLM skeptics (or LLM curious folks) should read through @theori_io 's blog walking through what our LLM agents accomplished in #AIxCC (in testing before the contest) https://t.co/MfCwI0J42A you can just read the traces directly, but this points out some of the most fun :)

Another great badge this year by @ANDnXOR! #mattdamon #mainedoesnotexist

It's 8PM in Maine, it's officially the weekend, we've 85% of our philanthropist badges. These won't last long:

One of our current intern, @goatmilkkk shared his Chrome-atic escape adventure using CVE-2024-30088 Epic obstacles documented in it too! https://t.co/pZH3WgQG91

Apple’s Darwin OS and XNU Kernel Deep Dive

If you ever think there are no more bugs left to find… this Linux kernel bug was just patched yesterday and existed for 5 YEARS

A real-world example of an issue I posted in a challenge recently, where std::stable_sort is not memory safe when the comparator doesn't adhere to strict weak ordering.

Writeup on how the PoC was designed, some observations, comparisons with other decompiler MCPs and thoughts: https://t.co/Zx6muUIwBM

CimFS: Crashing in memory, Finding SYSTEM! @cplearns2h4ck dug into Microsoft CimFS, found a sneaky 0-day, and guess what? The fix by Microsoft was just locking the door 🔐on unprivileged users. 😂 Dive into the adventure with us:

Since a lot of you seem to have liked my previous challenge, here's a new one. The goal is, once again, to find a bug and leak the secret. BTW all AI-generated responses failed quite spectacularly last time, so perhaps it's better if you refrain from using it.

A friend of mine (@gynvael) is organizing a course about reversing binary files and protocols: https://t.co/KSf2LsmMGT recommendation++

Sure, renderer exploits are fun, but have you tried adding hash collision constraints to it? https://t.co/EKRPLLuitX https://t.co/2nfJxfsEBz

If you like CTF challenges, we've been steadily pushing some of my favorite tasks to my new edu site: https://t.co/AO3gLJSBep From top to bottom: Linux RE, 2x JS RE, USB PCAP, ZIP/crypto, DOS/VGA RE, 2x BMP image stegano, 5x BMP file format stegano, Python 2.7 RE, and ROP RE HFGL

My slides from today's talk about Static Program Analysis. I go into how data flow analysis (like taint propagation in CodeQL) works from first principles - should be digestible with some first-year university maths knowledge https://t.co/lgvdS7BySo

im a noob at hardware but i really enjoyed playing around with this hardware conference badge — cutting and poking random wires :) check out my writeup