⚡️ 0-Day Alert - Google Chrome exploit in the wild. CVE-2025-6554: TheHole leak. Patched in Chrome Stable channel 138.0.7204.96/.97 for Windows, 138.0.7204.92/.93 for Mac and 138.0.7204.92 for Linux

RT @kn9vn: I've been taking the Browser Exploitation Training from @alisaesage and @zerodaytraining, and I can honestly say this is one of….

RT @alisaesage: This patch relaxes alias analysis in v8's turboshaft compiler to avoid live store elimination on unobserved nodes, the effe….

⚡️ 0-Day Alert - Google Chrome exploit in the wild. CVE-2025-5419: Memory corruption in v8. Patched in Chrome Stable Channel 137.0.7151.68/.69

RT @alisaesage: 2/ @zerodaytraining isn’t content. It’s zero to hardcore cognition architecture, expressed under the domain of technology e….

0-day discovery and exploit engineering are cognitively orthogonal in how they challenge inherent limits of the human brain. In this video our exploit architect @alisaesage talks through the root level of what makes either hard, & how to deal with it:

RT @alisaesage: New video: On Zero Days & Exploit Engineering 🎥 I started as a kid cracking video games for God Mo….

RT @zerodaytraining: "I'm excited to start off 2024 by completing Zero Day Engineering's Zero Day Vulnerability Research course. Alisa Es….

Alum @_jaelkoh reflects on two years in offensive security:.This year, he returns post-OSEE to our advanced binary exploitation track — an alignment pattern we see often. When you realise how ZDE system works, exit isn't an option.

Next cohort of Browser Exploit Design training program is open for booking: June-August 2025, with technical consultation by @alisaesage.

Field echo detected!. @alisaesage's "Fuzzing from First Principles" lecture dropped the seed – now it shapes reasoning and operations. That’s how structural insight moves. Full blog:

JIT vulnerabilities happen when compilers trust identity more than context

“Zero Day Engineering isn’t about hunting bugs or ‘exploit dev’. It’s the art of seeing structure beneath patterns, architecting potential through computational constraints, and designing systems that express it as sovereignty.” — @alisaesage.

RT @alisaesage: iOS PAC mitigation exploits share operational pattern with hypervisor VMX escapes. Hardware exposes the framework, software….

Systems modeling perspective on software as exploit engineering insight

RT @alisaesage: Playing with Safari exploits on my Linux-based Browser Exploitation training VM

⚡️ 0-Day Alert - Apple bugs actively exploited in targeted attacks:. CVE-2025-31200: Memory corruption in CoreAudio framework, reachable via a media file.CVE-2025-31201: Exploit Mitigation bypass - Pointer Authentication. Patched in Apple iOS < 18.4.1 and iPadOS < 18.4.1

RT @alisaesage: Black Hat Asia was the first conference that I attended as a rookie security researcher, years ago when it was still held i….

RT @alisaesage: Slides: "Unveiling the Mysteries of Hexagon QDSP6 JTAG"

From the archives: "Advanced Hexagon Diag" (2020) (technical talk by @alisaesage).