Asjid Kalam

welp #chromium #bugbounty

As far as we can tell, no. There is only anecdotal evidence, along with claims from AI pentesting vendors. If a strong model can do everything by itself, then what exactly have these vendors been building? It is understandable that people would prefer a story in which the harness, workflow, and surrounding infra matter a great deal. It's also why people keep flexing "0-days" in OpenSSL, FFmpeg, or nginx, despite limited real-world impact. That said, Niels Provos was not trying to sell anything, and he and several people have reported good results with IronCurtain despite using relatively weak models. Most importantly, what Google achieved with Chrome suggests that a good harness may be quite valuable. Google does not appear to have access to anything more capable than Mythos, which means they likely scanned Chrome using Mythos itself or something less powerful. Yet they still uncovered hundreds of bugs. There is, however, another explanation. Google may simply have better Chrome/V8 experts who can extract more value from Mythos. This remains our preferred hypothesis. What provides a real advantage: domain knowledge accumulated over many years, or a harness vibe-coded in an afternoon? We think the answer is fairly obvious.

Pwning V8CTF with a 0day in Chrome thanks to Phi untagging. Read here: kqx.io/post/cve-2026-…

@0xdef1ant same, its been stuck in the same status for over a month now

i think this is promising? but Apple's Security Research UI is so barren that i can't rly tell. any Apple bug hunters care to comment?

incredible amount of bugs reported from google, i wonder what the security team is cooking

FSA FTW!

@dyn___ @orange_8361 @thezdi I like to think v8.dev/blog/sandbox and other efforts have something to do with it, but hard to tell :) docs.google.com/document/d/1nj… has also been trending downwards lately but it’s a very sparse signal

Second SBX bug just got fixed, more CVEs coming! #chromium #googleVRP

first linux kernel exploit. this one is fully found, chained and exploited by ai agents. not KerneICTF LTS/COS-worthy (yet), since the relevant attack surface is disabled there now.

@A3_N_ yeah the fork with the ko-fi link 😂😂

@odinshell Is this from the broken fork?

got controlled fake object -> constrained kernel write. insane chain from agents

netlink OOB 👀👀 on linux 7.0.0-g27d128c1cff6

3 reliable non-sandboxed browser process heap UAFs, all with codex modified fuzzers and handholding. more cves incoming. harness > model

First cve in chromium, MiraclePtr is a real pain. chromereleases.googleblog.com/2026/04/stable…

I wrote something: sockpuppet.org/blog/2026/03/3…

1/4 LLMs solve research grade math problems but struggle with basic calculations. We bridge this gap by turning them to computers. We built a computer INSIDE a transformer that can run programs for millions of steps in seconds solving even the hardest Sudokus with 100% accuracy