Andy Nguyen
@theflow0
Followers
61K
Following
4K
Media
55
Statuses
3K
The opinions stated here are my own, not those of my company.
Zürich, Schweiz
Joined January 2016
RT @_MatteoRizzo: Our new blog post is out! Check it out, I think we got some really cool results in this one.
0
2
0
Speculative rop chain execution in guest-to-host attack 👀.
Our latest post details how we exploited Retbleed (a CPU vulnerability) to compromise a machine from a sandboxed process and VM! . Curious? 👇.
5
13
122
RT @bellis1000: When facing a technical challenge, draft a message to a colleague/developer friend. I find that ~50% of the time I figure o….
0
9
0
RT @chompie1337: You can now watch my keynote on the Exploit Development Lifecycle ⬇️ Think the work is done after finding 0-day? Think a….
0
59
0
RT @typhooncon: 🌪️ It is a privilege to welcome @theflow0 as our first keynote speaker at #TyphoonCon2025 🎤🔥. Join us in Seoul on May 29-30….
0
23
0
😂.
25
10
303
What did I do to deserve this 😅.
62
18
558
RT @_MatteoRizzo: Our newest research project is finally public! We can load malicious microcode on Zen1-Zen4 CPUs!.
github.com
### Summary Google Security Team has identified a security vulnerability in some AMD Zen-based CPUs. This vulnerability allows an adversary with local administrator privileges (ring 0 from outside...
0
284
0
Vuln research requires patience, persistence and passion.
code auditing for exploitable bugs is a lot of labor. building fuzzers to find exploitable bugs is a lot of labor. stop trying to find shortcuts. expect to put in a lot of time and sustained effort. can’t be frustrated when you haven’t put in the effort.
18
36
367
RT @GoogleVRP: 🛡️Want to help make the open source world safer and earn up to $45k 💰? . We've revamped our Patch Rewards Program, extending….
bughunters.google.com
This blog post takes you through everything you need to know about the Patch Rewards Program, including our newly introduced focus on memory safety (including reward multipliers!), recently increased...
0
30
0
RT @ayper: Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc+….
security.googleblog.com
Posted by Alex Rebert and Max Shavrick, Security Foundations, and Kinuko Yasuda, Core Developer Attackers regularly exploit spatial mem...
0
51
0
