Here's the write-up for the OpenPGP.js signature spoofing bug which @b0n0b0__ and I found. The PoC is included at the end, where we demonstrate by spoofing a message by the Dutch government's Cyber Security Center ;).

RT @yeswehack: InfoSec media has jumped on the story of a vulnerability found via the OpenPGP.js Bug Bounty program on @yeswehack that allo….

RT @thomasrinsma: @b0n0b0__ and I found a bug in OpenPGP.js that allowed an attacker to modify a valid signature's text, without access to….

RT @CodeanIO: Codean Labs' @b0n0b0__ and @Doyensec's @drw0if discovered CVE-2025-32464, a heap-buffer overflow in HAProxy. Read our write-u….

Just published the write-up of two bugs I found in LibreOffice, allowing remote exfiltration of file/env data and a semi-arbitrary file write. Also relevant for document conversion/preview usecases :).

Finally cleaned up and published my hacky "toolchain" for running custom code on vulnerable Verifone POS devices, enjoy:

Hey cool, my PDF.js exploit made it to this list, thanks!.

RT @netspooky: Ange just casually playing Tetris in a PDF

RT @angealbertini: We played with JavaScript in PDFs:.API difference, text or hex literals or indirect objects. Triggers on document openin….

RT @linguinelabs: You know I had to do it. Bad Apple but it's a PDF

I couldn't resist.

I got nerdsniped ;) In the end it was not too difficult, Emscripten really is magical. Source here:

Yes, PDF runs DOOM! (PDFium only for now)

I wrote down some of the why/how of PDF Tetris as people were asking: Maybe I should actually try to port DOOM, hmm. .

The PDF is in plaintext but for a more readable version see here: Some more disclaimers: this only works (AFAIK) in desktop browsers, and even then it is a bit glitchy. The Tetris implementation could also use some work but it shows the concept :).

Here's a working game of Tetris inside a PDF. Even has keyboard controls (by typing WASD in an input box). Plus, upon game-over you can "save" your score by printing the page ;). Should work in most browsers (built for pdfium/PDF.js).

RT @alexjplaskett:

Credits to @b0n0b0__ and @g_dellimmagine for helping find and PoC these buffer overflows :).

We've published the final part of our research into Ghostscript, leading to CVE-2024-29506, CVE-2024-29507, CVE-2024-29508, and CVE-2024-29509. Not as practically exploitable as the previous ones, but just as fun to find, hope you enjoy.

RT @evilsocket: Attacking UNIX Systems via CUPS, Part I .