Kostya Kortchinsky

3.1K posts

@crypt0ad

🇫🇷 grep'ing for memcpy() since 2002AD. Currently @ Databricks. Formerly GOOG, MSFT. Tweets are my own, and sometimes attempts at being funny.

Seattle, WA. Joined April 2011
139 Following, 7.7K Followers
Kostya Kortchinsky retweeted
Kim Zetter @KimZetter
US medical device maker Stryker hit with cyberattack from Iranian hacktivists who remotely wiped employee devices. "many employees have had their device data wiped and cannot access their accounts" Stryker makes surgical/imaging equipment, defibrillators corkbeo.ie/news/local-new…
Kostya Kortchinsky retweeted
Paweł Huryn @PawelHuryn
The real story is worse. November 2025: Amazon mandates Kiro as their only AI coding tool. Sets an 80% weekly usage target. 1,500 engineers protest internally, saying Claude Code outperforms it. Leadership pushes through anyway. December: Kiro autonomously deletes a production AWS environment. 13-hour outage. Amazon's response: "user error, not AI autonomy." March 5: Amazon[.]com goes down for 6 hours. Checkout, pricing, accounts — all gone. Now the same SVP who co-signed the Kiro mandate is running an emergency meeting about "high blast radius" incidents from "Gen-AI assisted changes." The agent inherited a senior engineer's permissions and acted like one — except it doesn't hesitate. 1,500 engineers said the tool wasn't ready. Leadership made adoption a KPI. Amazon told Wall Street it's spending $200B on AI this year. They can't walk it back. This isn't an AI failure. It's what happens when adoption becomes a corporate OKR before the review process catches up. The tools work. The org chart didn't.
Kostya Kortchinsky retweeted
Polymarket @Polymarket
BREAKING: Amazon reportedly holds mandatory meeting after “vibe coded” changes trigger major outages.
Kostya Kortchinsky retweeted
Seth Jenkins @__sethJenkins
Just derestricted a now-fixed kernel bug in Pixel 10. I think this ranks as the most easily exploited kernel bug of all time😬 Thanks to @tehjh for collab'ing on this driver and full credits for noticing this bug in the first 5 minutes of auditing😂 project-zero.issues.chromium.org/issues/4634382…
Kostya Kortchinsky retweeted
OpenAI Developers @OpenAIDevs
We're introducing Codex Security. An application security agent that helps you secure your codebase by finding vulnerabilities, validating them, and proposing fixes you can review and patch. Now, teams can focus on the vulnerabilities that matter and ship code faster. openai.com/index/codex-se…
Kostya Kortchinsky retweeted
Leo Schwartz @leomschwartz
SCOOP: Top investigators at Binance were fired after they uncovered evidence of more than $1 billion in Tether flowing to Iranian entities through the exchange in potential violation of sanctions laws. fortune.com/2026/02/13/bin… New piece w/ @bdanweiss
Kostya Kortchinsky retweeted
OpenAI @OpenAI
Introducing the Codex app—a powerful command center for building with agents. Now available on macOS. openai.com/codex/
Kostya Kortchinsky retweeted
Florian Roth ⚡️ @cyb3rops
Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs
- update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe
- file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll
- network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114
by @rapid7 rapid7.com/blog/post/tr-c…
Florian Roth ⚡️@cyb3rops

This is bad. Putty level bad. notepad-plus-plus.org/news/hijacked-…

Kostya Kortchinsky retweeted
Synacktiv @Synacktiv
At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller. Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit. 🔍 Full technical write-up 👇 synacktiv.com/en/publication…
Kostya Kortchinsky retweeted
TrendAI Zero Day Initiative
Verified! @synacktiv chained two vulnerabilities - an information leak and an out‑of‑bounds write - to achieve a full win in the Tesla Infotainment USB‑based Attack category, earning $35,000 USD and 3.5 Master of Pwn points. #Pwn2Own #P2OAuto
Kostya Kortchinsky retweeted
Sean Heelan @seanhn
Blog post: On the Coming Industrialisation of Exploit Generation with LLMs sean.heelan.io/2026/01/18/on-… TL;DR: I ran an experiment with GPT-5.2 and Opus 4.5 based agents to generate exploits for a zeroday QuickJS bug. They're pretty good at it. Code: github.com/SeanHeelan/ana…
Sean Heelan @seanhn
@crypt0ad Btw the AI *can* solve it if you spend enough tokens. I was curious as to whether the solution is obvious to anyone else though
Sean Heelan @seanhn
You have a memory corruption exploit that lets you modify glibc's exit handlers. You need to write the string "foo" to the file /tmp/bar. How do you do it?
Kostya Kortchinsky @crypt0ad
@seanhn SROP chain, exit handler to setcontext+0x35, uc with rip=syscall_gadget,rsp=&frame1,rax=SYS_rt_sigreturn,uc.ssp=leaked_ssp and then build frames with rip to syscall, rax to SYS_*, regs to params, and rsp to next frame. No returns, but leaked_ssp required?
Sean Heelan @seanhn
@crypt0ad You’re not going to love this, but … I also forgot to mention there’s shadowstack 😬
Kostya Kortchinsky @crypt0ad
@seanhn AI says to make the exit handler call a libc context-switch gadget (setcontext+0x35 or the like) and drive a tiny ROP chain that does openat/write/close. __exit_funcs flavor ef_cxa, fn=setcontext,arg=&uc. With uc rsp=&rop[0],rip=ret_gadget, registers as needed
Sean Heelan @seanhn
@crypt0ad Forgot to mention: assume you can’t spawn a process (Seccomp sandbox or whatever)
Kostya Kortchinsky @crypt0ad
@ifsecure Reminder that Scudo is open source, feel free to send out improvements to the Secondary :P
Kostya Kortchinsky retweeted
Sean Heelan @seanhn
@alkalinesec @itszn13 I am at capacity with Anthropic token throughput right now but I ran my agent with gpt5.2 gist.github.com/SeanHeelan/2ae… It took about 6m tokens and 30 mins. This is versus a build with partial RELRO, so it does the expected thing. A cool aspect is it builds nice, reusable, primitives.