⚠️⚠️⚠️⚠️ Critical Infrastructure Alert ⚠️⚠️⚠️⚠️ Twitter currently employs 0 furries

oh, fancy, the European Union has their own official Mastodon for official things at social.network.europa.eu/public since April

Mind the gap: googleprojectzero.blogspot.com/2022/11/mind-t… Part of project zero's remit is to drive structural improvements across the ecosystem.

This includes calling out failures and patch gapping is currently a major issue with Android. In this case, 5 Mali GPU vulnerabilities we reported this summer were fixed by ARM but those fixes still haven't made it to end user devices, many months later.

Excited to announce my first ever P0 blogpost is now public! It details a new exploit strategy on Linux kernel that Jann and I worked together to invent. Thanks to everyone on the P0 team for giving me the opportunity to achieve this dream! googleprojectzero.blogspot.com/2022/12/exploi…

soatok.blog/2022/12/16/sec…

Hahahahaha. Comedy.

Just retweeted by the French Minister for Digital:

well you know you can find me at thejh.net/r/infosec.exch…

In this post I'll use CVE-2022-38181, a use-after-free I reported last year in the Arm Mali GPU driver to gain arbitrary kernel code execution and root from untrusted Android app. Not sure if the bug or the disclosure is more interesting: github.blog/2023-01-23-pwn…

What happens when you get Natalie Silvanovich, Ivan Fratric 💙💛, Felix Wilhelm, Ian Beer and Jann Horn - [email protected] working collaboratively on a new attack surface for the team? This: googleprojectzero.blogspot.com/2023/03/multip… The blogpost also includes actions that users can take to protect themselves while waiting for patches.

First big result from our new CPU research project, a use-after-free in AMD Zen2 processors! 🔥 AMD have just released updated microcode for affected systems, please update! lock.cmpxchg8b.com/zenbleed.html

Cryptography / TLS folks might enjoy this: The True Keyless Content Distribution Network! true-keyless.thejh.net