🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

`People talk about exploits as if they are "weapons", but really, they are fragile and stunningly improvisational rube goldberg machines.` ~Halvar Flake youtube.com/watch?v=bl2U1p…

My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions. github.com/mistymntncop/C…

"WebAssembly Is All You Need:Exploiting Chrome and the V8 Sandbox 10+ times with WASM" by Xion Worth a watch :) youtube.com/watch?v=nb1so4…

Some of my analysis of several Map related bugs and vulnerabilities while learning v8. xia0.sh/blog/visit-the…

The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" docs.google.com/presentation/d…

Over 6 months and no ITW V8 exploits? Have I spoken too soon?..

I spoke too soon 😆

RE: CVE-2025-5419 - vuln allows you to read uninitialized memory by removing an initializing store.

This weekend, I gave a talk on web browser security research at a student-organized conference. I tried to make the talk reasonably beginner-friendly, so the slides (linked here) could hopefully be useful to someone as a learning resource. docs.google.com/presentation/d…

Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…

(CVE-2025-2783)[405143032][mojo] Google Chrome Sandbox Escape(exploited ITW) is now open(PoC & exploit are restricted🥲) issues.chromium.org/issues/4051430… Reported by Boris Larin Igor Kuznetsov

Leak hole PoC for Chrome in-the-wild vulnerability CVE-2025-6554 published yesterday: github.com/DarkNavySecuri…

Mini Writeup of CVE-2025-6554. POC by DARKNAVY. All errors in writeup my own. gist.github.com/mistymntncop/3…

What is the 3rd hole exploitation technique i wonder =/ ?

Again an interesting bug, an excellent and very detailed report with PoC & exploit from 303f06e3🔥🔥🔥 [$50000][403211343][turboshaft]Improper Error Handling in LateLoadElimination for String Map -> RCE issues.chromium.org/issues/4032113…

CVE-2025-4941 - Trend ZDI analyst Hossein Lotfi details the Firefox bug used at #Pwn2Own Berlin by Manfred Paul. Includes root cause analysis and video demo. zerodayinitiative.com/blog/2025/7/14…

Has there ever been anyone who has claimed to have performed the stack buffer overflow technique before the Morris Worm in 1988?

Escalation methodology for CVE-2024-4947, a in-the-wild V8 type confusion bug. Shoutout to vaber, Boris Larin, 1377 High-yield Nukes, j j, 303f06e3 and Dimitri Fourny for their great research for this bug! github.com/bjrjk/CVE-2024…

My brief Analysis of Chrome's 0day CVE-2025-6554 in the Wild,it's really insterating,thanks sharing of DARKNAVY,j j before.

.Ryan Fleury's talk is out! Come learn why and how RADDBG so smoothly goes far beyond text debugging. youtu.be/_9_bK_WjuYY