🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Our talk "Dark Corners: How a Failed Patch Left VMware ESXi VM Escapes Open for Two Years" has been accepted by BlackHat USA 2025! Super excited to present this work with 0x140ce and Ezrak1e. See you at #BHUSA! Black Hat blackhat.com/us-25/briefing…

WOW，congratulations

Our latest deep dive explores research on Windows Kernel Streaming. Check out Angelboy’s (Angelboy) write-up for key insights and analysis. Read more here: devco.re/blog/2025/05/1… #VulnerabilityResearch #Cybersecurity #WindowsKernel #OffensiveCon

Exploiting an RCE vulnerability in uc-httpd modzero.com/en/blog/roping… Credits @[email protected] #cybersecurity

0-click RCE on Tesla Model 3 through TPMS Sensors : synacktiv.com/sites/default/… credits Mastho vdehors

Good morning! I just published a blog post about a KASLR bypass that works on modern Windows 11 versions. It leverages Intel CPU cache timings to exfiltrate the base address of ntoskrnl.exe. I hope you like it! r0keb.github.io/posts/Bypassin…

share slide for Off-by-One Conference 2025 #offbyone bestwing.me/offbyone-confe…

Apparently offensivecon worked their asses off to get their talks up on YouTube Go check them out And here's the coolest talk, my talk: youtu.be/LAIr2laU-So?si… And with that, the full chain used to exploit the S24 is released. Yay!

sean.heelan.io/2025/05/22/how…

This is a good resource on how to use github.com/0vercl0k/wtf to find bugs in Microsoft's Defender Malware Protection Engine 🔥: labs.infoguard.ch/posts/attackin… by Manuel Feifel

How did we (AmirMohammad Safari) earn $50k using the Punycode technique? I’ve published a detailed blog post about our recent talk, we included 3 attack scenarios, one of which poses a high risk of account takeover on any "Login with GitLab" implementation blog.voorivex.team/puny-code-0-cl…

Zero-Day used by Stealth Falcon APT group in a spear-phishing campaign: 💥 .URL file exploitation (assigned CVE-2025-33053) 🧰 Custom Mythic implants, LOLBins, and custom payloads 🌍 High-profile targets across the Middle East and Africa research.checkpoint.com/2025/stealth-f…

CVE-2025-33070 is an auth bypass in the function NetrServerAuthenticate3 - which is the same function of ZeroLogon. But you need to force the DC into an out-of-memory state first to trigger the bug.

Writeup for my first kCTF - CVE-2023-52927😋 seadragnol.github.io/posts/CVE-2023…

Thank MSRC for its support and recognition.I will continue to strive and do even better.

🔓Join me at #BHUSA in Las Vegas (Aug 6) to dissect critical Secure Boot flaws! Until then: Try my OPEN-SOURCE scanner to: ✓ Check if YOUR system is vulnerable ✓ AUTO-GENERATE advisories ✓ Win/Linux support 🛠️Web tool:sbootbreaches.github.io 🐙Talk link:blackhat.com/us-25/briefing…

🎉 Honored to be #10 on the 2025 MSRC Most Valuable Researchers (MVR) Leaderboard! 🎉 Big thanks to the MSRC and bounty team for their quick response, and dedication to making security research impactful. Congrats to all fellow researchers on this year’s list.

Honored to hit #1 😁 Huge thx to Security Response for the support & to my friends for the lifts 🚀 Thanks to Yuki Chen and wei for their guidance and sharing🤗 Congrats to everyone on the board! 🎉

CASE CLOSED: CVE-2025-29824 0 public samples, 0 information Suspect: Windows CLFS driver Crime: UAF leading to Privilege Escalation Status: ACTIVELY EXPLOITED ITW Investigation: Debugged and documented Case files: starlabs.sg/blog/2025/07-m… Done by our intern, Ong How Chong