John Dunlap

😱 HOLY SHIT... Someone just dropped a fully liberated Gemma 4 E4B! and the guardrail removal process appears to have left coherence fully intact AND improved coding abilities! 🤯 huggingface.co/OBLITERATUS/ge… OBLITERATED Gemma: ✅ 97.5% compliance rate, 2.1% refusal rate, 0.4% degenerate outputs (499/512 prompts answered on OBLITERATUS bench) ORIGINAL Gemma 4 E4B: ❌ 1.2% compliance rate, 98.8% refusal rate (506/512 prompts refused) Coherence: fully intact Factual: same Reasoning: same Code: +20% 📈 Creative writing: same But the REAL story here isn't the model itself, it's how it was made... 🧵 THREAD 👇

No we're taking advice from the company that had access to a superpowered hacking bot since February but didn't use it to find the source code leak on their own site. 🤔

FreeBSD, the kernel nobody thinks about until it's time to demonstrate what it looks like to attack something that skipped out on the last 20 years of modern defenses.

Yes please god take css out and shoot it

Someone fed our Linux kernel exploitation blog post into Claude, and it casually coughed up another vulnerability. On one hand, this is the beauty of open research and sharing. On the other hand, Claude scares me. Send help! linkedin.com/posts/yochai-e… git.kernel.org/pub/scm/linux/…

The past couple of months I've personally witnessed a few changes in malware that are so significant that it blatantly sticks out. 1. Malware written in more esoteric languages. I've witnessed a shift away from languages like C/C++ to languages that are heavily abstracted, most notably NodeJS with Electron. 2. A MASSIVE shift toward targeting open source solutions. While this isn't new, the past couple of months its been every single day someone is targeting a supply chain via masquerading or directly targeting the open source provider. 3. AI has assisted with the shift in the malware landscape ... toward higher level languages. I've witnessed a spike in multi staged malware using a lot of LOLBIN-like methods. Again, this isn't anything new, but I've witnessed such a dramatic spike I believe it is the result of AI making it much easier to create and use high level languages 4. The introduction of new threat landscapes: Clawdbot (or whatever it's called now). This has resulted in a shift toward MacOS malware which is referencing bulletin point 3. Heavy usage of ClickFix with high level multi staged languages (bash script to Js) 5. AI being used for social engineering. Historically I've seen really crappy malware lures and phishing pages. I suspect AI is helping polish pages and making them look more realistic, possess no typos, use good grammar, etc.

Sometimes I keep a fuzzer running locally on my MacBook in the winter to keep my hands warm.

NYSEC is tomorrow! Tuesday, March 17th @ 6PM. d.b.a. 41 1st Ave. New York, NY 10003

I recently came across the need to obtain logging into WSL2 and was forced to look into function hooking. However, this was my first time dealing with a COM server that didn't symbols, so I had to learn about a C++ feature - RTTI. I decided to write a blog on this in case anyone else runs into or has run into this: jonny-johnson.medium.com/wsl-com-hookin… POC: github.com/jonny-jhnson/R…

@roddux Autocorrects to vulnhunt for me

@JohnDunlap2 ? first result for me :P

This is a great project. The name is ungoogleable though

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets. A step-by-step guide to exploiting a 20-year-old bug in the Linux kernel to achieve full privilege escalation and container escape, plus a cool bug-hunting heuristic. open.substack.com/pub/calif/p/a-…

I feel you can get the exact flavor of dude who uses paste bin to the extant that it’s integrated into their c2. It’s not a great flavor either.

You don’t need a big closet filled with clothes to look put together and have good taste. With the right set of basics, you can be ready for any situation. Software engineering / start ups / working in tech is super casual. This allows for a great deal of flexibility in what you can wear, which is great for building a basic capsule wardrobe. But sometimes that flexibility means there are gaps in your wardrobe. When I work with my styling clients, I always like to ask what they would wear to certain events or social situations. This helps me understand where the most work needs to be done.

One more trend I've noticed: Task creators getting burned out. "Why should I create CTF competitions/tasks just so people can test their AI setups?" From a task creator perspective it was always fun & exciting to see how players approach your task. Is future VeryHard||AI meta?

All this “AI is replacing reverse engineering” is absolutely ridiculous. Get head out of ass please

Ctf challenge designs have to evolve to make them non-trivial even with ai.

🌏 Browser Exploitation 101: A Series of Blog posts for anyone interested in Chrome Browser Exploitation. Part 1: jhalon.github.io/chrome-browser… Part 2: jhalon.github.io/chrome-browser… Part 3: jhalon.github.io/chrome-browser… #infosec

Exploiting latest v8ctf instance with a 0day? ✅ Beating try-hards who stalk commits and exploit it as an N-day? ❌ In any case keep an eye out for the CVE release and stay tuned for a crazy post on kqx.io once the issue goes public

Deep dive into Valve Anti-Cheat (VAC) internals and reverse engineering. An excellent technical writeup by @codeneverdies. codeneverdies.github.io/posts/gh-2/ #infosec