@securitymb@infosec.exchange

@SecurityMB

Improving the world’s security at Google. Opinions are mine.

Zurich, Switzerland Katılım Eylül 2014
284 Takip Edilen11.2K Takipçiler
Sabitlenmiş Tweet
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
Finally, my research is published. It has everything you might wish for in browser security: universal XSS, mutation XSS, CSS data exfiltration, and others. Check this out! In a few days, we'll also release a 30-minute presentation about this topic.
Securitum@securitum_com

We are publishing the research of Copy&Paste issues in browsers by @SecurityMB. Over $30k in bounties for bugs in Chromium, Firefox, Safari, Google Docs, Gmail, TinyMCE, CKEditor, and others. Includes also 0-day in Froala. research.securitum.com/the-curious-ca…

English
9
111
408
0
@[email protected] retweetledi
Harsh Jaiswal
Harsh Jaiswal@rootxharsh·
“And no, AI isn't perfect. But Christ, anybody who points to the problems at AI had better be looking in the mirror and pointing at themselves at the same time. Because it's not like natural intelligence is always all that great either.” @mail.gmail.com/" target="_blank" rel="nofollow noopener">lore.kernel.org/linux-media/CA…
English
0
2
13
1.9K
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
@S1r1u5_ Thanks for the appreciation! In theory this could be findable by just reading the HTML spec but I assume that would be difficult for agents. But if they can fiddle with the HTML and fuzz it, I’d expect them to be able to discover it.
English
1
0
5
929
s1r1us (mohan)
s1r1us (mohan)@S1r1u5_·
i am very curious to train frontier levels models with a 2019 cutoff and test whether it can rediscover @SecurityMB's DOMPurify double-parsing-namespace-switching-foreign-content-mutation bypasses. i don't think i've seen bugs as out-of-box and creative as these.
English
1
0
37
4K
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
@kinugawamasato I remember stumbling upon that when doing my copy&paste research a few years ago. AFAIR there was something similar in one of macOS built in apps but I don’t remember which one.
English
0
0
1
107
Masato Kinugawa
Masato Kinugawa@kinugawamasato·
WordやExcelのテキスト1文字でもコピーしてブラウザに貼り付けると、<link id=Main-File rel=Main-File href="file:///C:/Users/[USER_NAME]/AppData/ ..."> みたいなのがクリップボードにtext/html形式で常に含まれててユーザー名が漏れ得ると知った。さりげなくて地味に嫌だな
日本語
3
265
767
132.5K
@[email protected] retweetledi
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
@sudhanshur705 @kevin_mizu Cool research and nice write up! Also thanks for the shout outs! Side note: I’m actually planning to propose yet another spec change this year to try to kill even more mXSS-es so enjoy them while you can 😅
English
1
0
7
958
sudi
sudi@sudhanshur705·
Last year I found a MXSS (dream) bug in a Mail app,it involved bypassing 2 consecutive sanitizers recursive Dompurify calls plus CKEditor.Hope you will like it sudistark.github.io/2026/04/07/mxs… All thanks to @kevin_mizu for putting such great content around mxss and those bypasses🙇‍♀️
English
7
49
310
18.7K
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
That must be the worst captcha I’ve ever seen.
@securitymb@infosec.exchange tweet media
English
0
0
0
1.3K
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
@gridogram I forgot to play gridogram yesterday. Is there an option to play yesterday's puzzle?
English
1
0
0
444
@[email protected] retweetledi
Ark
Ark@arkark_·
Cross-Site ETag Length Leak blog.arkark.dev/2025/12/26/eta… I just posted the author writeup for impossible-leak in SECCON CTF 14 Quals. As far as I know, this is a new XS-Leak technique! The ETag header can become a side channel :)
English
4
99
356
43.5K
@securitymb@infosec.exchange
@[email protected]@SecurityMB·
Has there been some email leak from @Canva? Just got a spam message for an email used only for Canva.
@securitymb@infosec.exchange tweet media
English
2
1
2
2.1K
@[email protected] retweetledi
Rebane
Rebane@rebane2001·
my new blogpost is out!! this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration and i've already used it to get a google docs bounty ^^ have fun <3 lyra.horse/blog/2025/12/s…
English
20
78
432
40K
🕊
🕊@sephr·
what's a good use case for this outside of anti-fraud?
English
2
0
0
108
@[email protected] retweetledi
terjanq
terjanq@terjanq·
We published a blogpost about SafeContentFrame - a library for rendering untrusted content inside an iframe. The library is a big party of what I've been up to in the few last years! Check out the blog and take a slice of my birthday cake 🎂! bughunters.google.com/blog/671552987…
terjanq tweet media
English
6
52
198
18.4K