Ta-Lun Yen

I want to share a quick thought for people in cyber security. This will be my longest tweet ever. I’ve spoken to many lately who are having an existential crisis from the constant posts about “the end of cybersecurity jobs.” Yes, things are changing quickly. This is a significant moment for the tech industry. Change can be uncomfortable. But we’ve seen cycles like this before. • When GitHub and open source took off, people said software engineers would disappear because code was free. • When AWS and cloud computing emerged, people said infrastructure jobs would vanish. • When fuzzing and SAST tools improved, people said vulnerability research would disappear. • Virtualization would eliminate infrastructure jobs. • Mobile computing was going to end desktop dev. • Exploit mitigations would end exploitability. It didn't. Each time automation improved, the amount of software grew faster than the automation. It does feel "different" this time as it's explosive. Some roles will shrink: • repetitive pentesting • basic vulnerability scanning • tier-1 SOC monitoring But other areas are expanding rapidly: • AI system security • supply chain security • identity architecture • autonomous agent security • critical infrastructure protection Historically, every time we eliminate one class of bugs, new classes emerge. Right now people are vibe-coding entire systems, giving AI access to their machines, crossing trust boundaries, and deploying autonomous agents with excessive permissions. The legal and regulatory world is nowhere close to ready. There will absolutely be new failure modes. Humans are amazing and always adapt, finding new ways to do things. The worst thing you can do right now is fall into a doom loop. ...and I’ll be honest, I too have felt the "psychological paralysis" a few times thinking, “Is this time different?” It's especially impactful when it comes from someone I respect in the community. There are certainly unknowns, in an industry where we've become accustomed to predictability. But... the majority of those reactions are usually driven by social media, not reality. Platforms like X reward engagement, and sensational doom posts spread faster than measured thinking. If you see something like: “Holy #$%^! Opus 66.6 just found every bug in Chrome and replaced 50 startups!” …mute it and move on. Instead: Stay curious. Learn the new technology. Adapt your skillsets. Build things. We’ll get through this transition the same way we always have. If I'm wrong then Sam Altman better be right about UBI! :) I'm sure that if this tweet gets any engagement that I'll get some heat for it, but a good friend of mine reminds me often to focus on what you have control over. I'll revisit this tweet at DEF CON 40!

We recently achieved guest-to-host escape by exploiting a QEMU 0day. We’ll share details on a new technique leveraging the latest glibc allocator behavior and what we believe is a novel QEMU-specific heap spray/RIP-control primitive. Writeup coming next week.

这个项目笑死我了 github.com/tonyyont/peon-… 给 ClaudeCode 添加上魔兽争霸3 兽族苦工的声音，它的音效也是魔兽3中我最喜欢最喜感的音效，可以提醒当前 CC 的运行状态，还是很实用的。 Session 开始 "Ready to work?", "Yes?", "What you want?" 任务完成 "Work, work.", "I can do that.", "Okie dokie." 需要权限 "Something need doing?", "Hmm?", "What you want?" 太亲切了 这里可以看 demo：peon-ping.vercel.app

Look.. it's a Conditional Access policy simulator built by an infra architect guy who got tired of squinting at What If results 🫠 Shiny graphs yay! 🔗ca.haakonwibe.com No sign-in needed, click Sample Data and play around. Or connect to your own data - all's in browser.

Other analysis: 1. The back cover may fail in long term. It seems to be fixed in place only using plastic clips. 2. Battery seems to be not shared among popular phones

2. How long does the battery really last? Looks like the platform is IPQ9574+X72. I think it will not last 8 hours under light-moderate use. 3. What is the expected use case for charging a 2nd battery overnight?

Questions Mudi 7 by @GLiNetWiFi as the only "unboxing reviews" were videos of people going to their CES booth. 1. Will reviewers release their review before pre-order opens? 1/2

Looking at Moltbook, it feels like bork souls: agents now wielding API keys and perhaps your wallet, your kitchen, your car and your house keys (but humans gave access to it in the first place)

when i take a look at such write-up and understand nothing , i know that im years away from being a security researcher it takes time , really good amount of time

@saoto28 Ask this man to perform stress testing? x.com/i/status/19530…

I think this is nice. I wonder if someone will commercialize it. Patent pending. compact #ergonomic keyboard mockup

China ordered domestic firms to stop using cybersecurity software from about a dozen US and Israeli vendors (including VMware, Palo Alto, Fortinet, Check Point). Effects: faster switch to other, maybe Chinese alternatives, reduced Western sales in China, immediate share-price drops for affected firms, and costly, disruptive IT migrations for customers.

Quake III Arena Directory Traversal & Arbitrary File Read Vulnerabilities (0day) github.com/hackerhouse-op…

Wanted to silence some Bluetooth speakers? I did - and had spare Raspberry Pi Picos in my inventory, so… > github.com/gentilkiwi/knr…

We built a full-system iOS fuzzer using QEMU+AFL, dup2() I/O channels, hypercalls, syscall enumeration & __syscall tricks on undocumented architecture. Bridged gap between fuzzing theory & closed-source systems. Instructions and code github.com/PacktPublishin… Course and book fuzzsociety.org/fuzzsociety-co… a.co/d/8AWaczi The course has an exam and a certification. #iOSFuzzing #SecurityResearch #Fuzzing

⚡ The Fuzzing Playbook: **Part 5 - Binary Fuzzing** Fuzzing the "Black Box". 📦 🔹 QEMU Mode (Binary rewriting) 🔹 WinAFL (DynamoRIO)

This talk is going to be very interesting, and not even because it makes scaling fuzzers easier. I'm more interested to see how hard it is to emulate device specific kernel drivers in general in QEMU, as it prevents needing a real device for testing 👀 events.ccc.de/congress/2025/…

almost done cleaning up the code for a custom qemu device to emulate the MediaTek mt7622. going to make this available along with a KASAN-enabled build of the driver and kernel for anyone that wants to play around with the bugs discussed in my latest blog post :)

Wow, remote OS command injection (from the same network segment) in FreeBSD IPv6 stack via router advertisement packets: freebsd.org/security/advis… rtsold passes the unescaped domain search list option from the RA packet to the resolvconf shell script.

THC Release 💥: The world’s largest IP<>Domain database: ip.thc.org All forward and reverse IPs, all CNAMES and all subdomains of every domain. For free. Updated monthly. Try: curl ip.thc.org/1.1.1.1 Raw data (187GB): ip.thc.org/docs/bulk-data… (The fine work of messede 👌)

Me in 2011 instead of claiming 5 Bitcoin for free