stypr

5.2K posts

@brokenpacifist

Touring sourcecodes @dfsec_com RT/Like bot

Joined July 2010
593 Following, 5.2K Followers

stypr retweeted
OpenAI @OpenAI ·
We’re expanding Trusted Access for Cyber with additional tiers for authenticated cybersecurity defenders. Customers in the highest tiers can request access to GPT-5.4-Cyber, a version of GPT-5.4 fine-tuned for cybersecurity use cases, enabling more advanced defensive workflows. openai.com/index/scaling-…

stypr retweeted
Calif @calif_io ·
Learning to Jailbreak an iPhone with Claude (Part 1) Claude helped me take apart an iOS Safari exploit, and retune it for my Mac. It even wrote its own variant. open.substack.com/pub/calif/p/le…

stypr @brokenpacifist ·
@bengi_mk5 If you add an aio board, it does end up looking roughly like that lol. It's a good toy.

stypr retweeted
hypr @hyprdude ·
New post is up! This one uses CVE-2025-20741 (a heap overflow in the MediaTek MT76xx driver) to show how a bit of kernel alchemy can turn a heap OOB write into a number of stronger exploit primitives, up to page-level r/w via pipe_buffer corruption :) blog.coffinsec.com/0day/2026/04/0…

stypr retweeted
Feross @feross ·
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

stypr retweeted
kangel @J_kangel ·
So excited! I try to finish the escape of qemu 0day with LLMs, and all exploit codes are 100% generated by LLMs. At the same time, LLMs can generate some new ideas for exploit, and inspired me to discover new vulnerability patterns and exploit techniques.

stypr retweeted
Calif @calif_io ·
A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets. A step-by-step guide to exploiting a 20-year-old bug in the Linux kernel to achieve full privilege escalation and container escape, plus a cool bug-hunting heuristic. open.substack.com/pub/calif/p/a-…

stypr retweeted
Gynvael Coldwind @gynvael ·
With regards to the CTF discussion, I think we need t-shirts of '90 style website buttons which say:
1337 Pre-AI CTF Player 1337
I reversed on CTFs before IDA had a DECOMPILER!
In my days it was called a WARGAME
I HAD TO SOLDER MY OWN COMPUTER

stypr @brokenpacifist ·
ctfs were originally made to compete and let people enjoy and share techs and vibes, but if LLM is destroying the manual auditing experience we need to move on.

stypr @brokenpacifist ·
yes it used to be a good learning resource back then (and will still probably be for juniors), but not anymore. if you really intend people to learn from your stuff you might want to make wargames or blogs instead.

stypr @brokenpacifist ·
I think LLM prompting is also a skillset to solve a good problem at the very bottom anyways
If your objective of challenge making is to learn or teach someone, maybe make a wargame site instead