
p0her
520 posts



GhostLock (CVE-2026-43499) is a 15yr old kernel 0-day we used in IonStack full chain exploit. Everything around you, as long as it runs Linux, from IoT to mobile to desktop, is affected. Read how we won $92,337 bug bounty with GhostLock and see our exploit on Github. Link below













The Seoul Sauna Shogunate (SSS 🇰🇷♨️🏯) finished 7th in DEF CON Quals CTF yesterday! 🥳 So proud to be part of this amazing coalition with @EQSTLab, H-T8, NAVER Cloud, @tkbpc, and individual players! Huge thanks to BBB for the great challenges. See you all in Vegas! 🛫🇺🇸



Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin









