starlabs
@starlabs_sg
Followers
9K
Following
216
Media
47
Statuses
265
A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf
Singapore
Joined September 2018
Reverse engineering Google's undocumented DSP pays off! Our co-workers @st424204 & @Peterpan980927 found the first public vuln in Pixel 8's DSP → kernel takeover.MTE? What MTE? 😎.Their talk got accepted at @HacksInTaiwan.
hitcon.org
Last year, we uncovered the first publicly known security vulnerability in Google's proprietary Digital Signal Processors (DSP) embedded in the Pixel 8. This processor was previously undocumented and...
1
43
170
Proud of our team’s Top 100 achievement! Kudos to @cplearns2h4ck & @KaligulaSec for their contributions and dedication to responsible disclosure. 88 is a pretty auspicious number too. 🥳
Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard. The Microsoft Researcher
1
1
29
CASE CLOSED: CVE-2025-29824.0 public samples, 0 information.Suspect: Windows CLFS driver.Crime: UAF leading to Privilege Escalation.Status: ACTIVELY EXPLOITED ITW.Investigation: Debugged and documented.Case files: Done by our intern, Ong How Chong.
starlabs.sg
In April 2025, Microsoft patched a vulnerability that had become a key component in sophisticated ransomware attack chains. CVE-2025-29824, an use-after-free bug in the Windows Common Log File System...
0
43
163
One of our current intern, @goatmilkkk shared his Chrome-atic escape adventure using CVE-2024-30088.Epic obstacles documented in it too!.
starlabs.sg
For my internship, I was tasked by my mentor Le Qi to analyze CVE-2024-30088, a double-fetch race condition bug in the Windows Kernel Image ntoskrnl.exe. A public POC demonstrating EoP from Medium...
2
57
194
Our researchers, @KaligulaSec & @cplearns2h4ck were credited for 4 vulnerabilities in Microsoft this month. Huge congratulations to both of them for their exceptional work. 👏.
0
10
63
RT @offbyoneconf: @offbyoneconf 2025 Day 2 presentation videos are now available on our official YouTube channel! Subscribe, like 👍 and com….
0
11
0
The Day 2 videos are finally out 🥳🥳.
@offbyoneconf 2025 Day 2 presentation videos are now available on our official YouTube channel! Subscribe, like 👍 and comment!.
0
2
15
RT @offbyoneconf: @offbyoneconf 2025 Day 1 presentation videos are now available on our official YouTube channel! Subscribe, like 👍 and co….
0
14
0
The Day 1 videos are finally out 🥳🥳.
@offbyoneconf 2025 Day 1 presentation videos are now available on our official YouTube channel! Subscribe, like 👍 and comment!.
0
1
17
When life gives you tangerines🍊.Intern Lin Ze Wei's task: Port a 2-bug exploit to Pixel 6 Pro.Problem: One bug "doesn't work".Solution: Make it work with 1 bug. Sometimes the best research comes from working with what you think you have.
starlabs.sg
During my internship I was tasked to analyze a Mali GPU exploit on Pixel 7/8 devices and adapt it to make it work on another device: the Pixel 6 Pro. While the exploit process itself is relatively...
0
38
144
After almost 8 months of coordinated disclosure, vulnerabilities in Trend Micro Apex Central discovered by our former colleague @Chocologicall have been resolved!. ZDI advisories: ZDI-25-295, ZDI-25-296, ZDI-25-297, ZDI-25-236, ZDI-25-237.
0
1
26
After 6 months of responsible disclosure, proud to announce our team discovered 13 (mostly exploitable) vulnerabilities in Samsung Exynos processors! Kudos to @st424204, @n0psledbyte, @Peterpan980927 & @rainbowpigeon_.CVE-2025-23095 to CVE-2025-23107 .📍
semiconductor.samsung.com
Samsung semiconductor values product security. Check out the latest product security update at Samsung Semiconductor Global.
2
22
157
"Why is my exploit taking 10 minutes?" .*checks logs* .*sees 10,000 kernel warnings* .". oh" 💡. Fresh Friday night read: our intern, Tan Ze Jian, on Mali exploitation - sometimes the fix is simpler than you think!.
starlabs.sg
As part of my internship at STAR Labs, I was tasked to conduct N-day analysis of CVE-2023-6241. The original PoC can be found here, along with the accompanying write-up. In this blog post, I will...
0
27
114
RT @thezdi: Pwn2Own Berlin 2025 comes to a close. We awarded $1,078,750 for 28 unique 0-days. Congrats to @starlabs_sg for winning Master o….
0
37
0
RT @_jsoo_: Big shoutout to @hi_im_d4rkn3ss & @gerrard_tai for flying over & represent us.To our 1st-timers Gerrard @cplearns2h4ck @MochiNi….
0
9
0
RT @thezdi: Confirmed!! Dung and Nguyen (@MochiNishimiya) of STARLabs used a TOCTOU race condition to escape the VM and an Improper Validat….
0
16
0
RT @thezdi: Confirmed! Gerrard Tai of STAR Labs SG Pte. Ltd used a Use-After-Free bug to escalate privileges on Red Hat Enterprise Linux. T….
0
10
0
RT @thezdi: Outstanding! Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG used a single integer overflow to exploit #VMware ESXi - a fir….
0
48
0
RT @thezdi: Nicely done! Billy (@st424204) and Ramdhan (@n0psledbyte) of STAR Labs used a UAF in the Linux kernel to perform their Docker….
0
3
0
RT @thezdi: Confirmed! Chen Le Qi (@cplearns2h4ck) of STARLabs SG combined a UAF and an integer overflow to escalate to SYSTEM on #Windows….
0
13
0