terjanq Profile
terjanq

@terjanq

Followers
11K
Following
2K
Media
139
Statuses
2K

security enthusiast that loves hunting for bugs in the wild. co-founder and player of @justCatTheFish. infosec at @google. opinions are mine.

Switzerland
Joined January 2019
@terjanq
terjanq
1 month
We published a blogpost about SafeContentFrame - a library for rendering untrusted content inside an iframe. The library is a big part of what I've been up to in the last few years! Check out the blog and take a slice of my birthday cake 🎂! https://t.co/9gGEqUuwIX
4
51
189
@justCatTheFish
justCatTheFish
6 days
Shops were open this weekend, and we spent $4298 finishing 🥈! Congrats to @fluxfingers for an amazing event.
0
8
23
@AndyKudin
Andrew V. Kudin, PhD
11 months
The philosophy textbook "The Secret Codes of the Mind: Introduction to Philosophy" is the culmination of 40 years of academic and teaching excellence by Dr. Andrew V. Kudin. Spanning over 540,000 words, this monumental work has been thoughtfully divided into six volumes to ensure
0
2
10
@terjanq
terjanq
6 days
Finished 🥈 in https://t.co/AyuGCwzKsY CTF w/ @justCatTheFish Some cool challenges as always and with my teammates we managed to clear all web challenges yet again!
1
3
55
@rebane2001
Rebane
17 days
talk recording is out now!! (yt in replies)
@rebane2001
Rebane
1 month
thank you to everyone who came to my talk!! i'll let y'all know when the recording's out, but for now you can find the slides on my website
6
21
389
@ctbbpodcast
Critical Thinking - Bug Bounty Podcast
1 month
We have a really cool announcement: We’re opening the Critical Research Lab to submissions! Our goal is to give hackers some incentive to write about the things they’re studying, provide an extra reach for your work and give the community some incentive to share knowledge.
7
15
138
@NEARProtocol
NEAR Protocol
5 days
Governance is NEAR 🗳️ Voting on the first House of Stake sensing proposals is now live. You have 7 days to stake & delegate your veNEAR to make your voice heard. To participate in future binding votes, veNEAR will need to be staked & delegated PRIOR to a proposal going live.
25
72
497
@salvatoreabello
Salvatore Abello
1 month
XSS-Leak: Leaking Cross-Origin Redirects, Subdomains and More! You can read the article here: https://t.co/Zc6NWO4716
8
66
357
@kevin_mizu
Kévin GERVOT (Mizu)
2 months
For the @ASIS_CTF, I created a challenge based on an interesting (novel?) DOM Clobbering technique! 🚩 In short, in non-strict mode, HTMLCollection items are not writable. This blocks property assignment, allowing unexpected values to be created 😄 👉 https://t.co/XiZX43MKY3
1
28
133
@terjanq
terjanq
2 months
For the first time in my CTF career I saw such a shameless and broad flag sharing 😦 Almost all challenges dropped to minimal points with over 300 teams participating in the scheme! Only a few CTFs even get that number of all teams. That's just mind blowing 🤯
10
9
195
@arkark_
Ark
2 months
Forcing Quirks Mode with PHP Warnings + CSS Exfiltration without Network Requests https://t.co/E2GkB7I5Mj Published author writeup for pure-leak in ASIS CTF Quals 2025!
3
73
311
@orange_8361
Orange Tsai 🍊
2 months
Turns out my #PHRACK article is live! 🔥 > The Art of PHP — My CTF Journey and Untold Stories! Kinda a love letter to those CTF players & PHP nerds! Hope all the credit goes to the right ppl. Also huge thanks to @0xdea for not forgetting me, @guitmz for the edits, and the
20
219
885
@terjanq
terjanq
2 months
Meanwhile, me who got hired in security with basically just a CTF background and who haven't learned about any of the mentioned things 😂
@hetmehtaa
Het Mehta
2 months
Stop wasting time on CTF challenges. Learn Docker security, EDR evasion, network segmentation, SAML/OAuth flows, WAF configuration, and how to debug production incidents. You'll be 10x more hireable than someone who rooted 500 vulnerable VMs.
9
14
315
@terjanq
terjanq
3 months
Another challenge that I prepared for justCTF2025 was about a neat Prototype Pollution variation that bypasses common mitigation strategies and which isn't commonly known, even in the infosec community! Check out the writeup! https://t.co/plDN8KdlmE
2
37
204
@terjanq
terjanq
3 months
For this year's justCTF2025 I created three web challenges. Here goes the writeup to Busy Traffic - the only unsolved challenge. It combined a neat technique of cache poisoning and response splitting to construct an arbitrary XSS. Check it out! https://t.co/TpqRVrFoGo
gist.github.com
Busy Traffic | justCTF 2025. GitHub Gist: instantly share code, notes, and snippets.
0
18
116
@justCatTheFish
justCatTheFish
3 months
The 2025 edition of the CTF is over! Thanks everyone for playing. Congrats to the first three places: #1 @r3kapig + @ProjectSEKAIctf #2 @Infobahn_ctf #3 @kalmarunionenDM And also big thanks to our sponsors @trailofbits @osec_io @HexRaysSA @zellic_io
3
13
56
@kinugawamasato
Masato Kinugawa
3 months
https://t.co/Y0baddUzgJ yikes, Brave's HTML serialization seems really broken <div id=x><span x="aaa&gt;&bbb"></div> <script> x.innerHTML=x.innerHTML; alert(x.innerHTML)// <span x="" aaa="">&amp;bbb"&gt;</span> </script>
community.brave.app
Description of the issue: If you set HTML with attributes that contain escaped HTML code, when you get the HTML code the tags are unescaped. How can this issue be reproduced? If you use this:...
9
28
163
@justCatTheFish
justCatTheFish
3 months
Less than 23 hours to go, and 3 challenges still unsolved! Check https://t.co/YfVp7gbiZ8 Shout-out to our sponsors! @trailofbits @osec_io @HexRaysSA @zellic_io
0
7
17
@terjanq
terjanq
3 months
So many unsolved web challenges this year 🫣 The competition runs for another 28 hours!
4
8
93
@terjanq
terjanq
3 months
Two of my web challenges are up. Check them out!
@justCatTheFish
justCatTheFish
3 months
JustCTF 2025 is live! 🚀 Check the challenges at
0
0
17
@justCatTheFish
justCatTheFish
3 months
🎯 JustCTF 2025 - 37h of top-tier online jeopardy CTF action! πŸ—“οΈ Starts Aug 2, 0600 UTC πŸ’° $8,628 prize pool + IDA Pro licenses + swag Big thanks to our sponsors! @trailofbits @osec_io @HexRaysSA @zellic_io https://t.co/YfVp7gaL9A | https://t.co/7N7YdKK9HP #CTF #CyberSecurity
0
17
26