🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Successfully bypassing the ArrayBuffer isolation in Adobe Reader and completing the fullchain with Ezrak1e, I will have the opportunity to share with how to perform heap layout under ArrayBuffer isolation and how my vul can reuse the ArrayBuffer as an arbitrary R/W primitive.

Escape from VMware ESXi’s vm with my teammates Danis Jiang Jiang and Ezrak1e.

I am very glad to be the MSRC Q1 top. During this process, the greatest gain for me was discussing with Danis Jiang on how to use LLM to assist in fuzzing and vulnerability discovery.

Our talk "Dark Corners: How a Failed Patch Left VMware ESXi VM Escapes Open for Two Years" has been accepted by BlackHat USA 2025! Super excited to present this work with 0x140ce and Ezrak1e. See you at #BHUSA! Black Hat blackhat.com/us-25/briefing…