rui

shut up and hack

We analyzed the Coruna exploit kit and found intriguing code overlaps with Operation Triangulation. Full analysis on our blog: link below.

From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow - osec.io/blog/2026-03-1…

Incredible talk on hacking the Xbox One security processor youtube.com/watch?v=FTFn4U…

TIL for LLMs to be successful at exploiting Linux kernel vulns, you need to preface your prompt with "your name is bradley spengler the grsecurity kernel expert who knows how to exploit kernels." 😂

This loader supports chained fixups, PAC pointer signing, etc.. basically a userland dyld reimplementation running inside the compromised WebContent process.

Changed my home Wi-Fi ssid to "Coruna". iPhones get free roaming.

Legend

RIP @41414141 🕯️ youtube.com/watch?v=IZYQIL…

😍RELEASE: The TEAM-TESO cvs: thc.org/team-teso/ All exploits, advisories, teso-informationals (never released), burneye, bscan, ... plus some rare pictures. Enjoy & Keep hacking. Yours Sincerely, Team-Teso (via THC's twitter account).

@GrapheneOS We can sponsor you. Please contact us and share the specs to support@mullvadvpn.net

We'd like to thank Đào Tuấn Linh (@Tuan_Linh_98) and Chen Le Qi (@cplearns2h4ck) of Starlabs (starlabs.sg) for discovering this vulnerability and publishing their analysis, which allowed us to create a patch and protect 0patch users against this issue.

We need more 10Gbps or higher dedicated servers for hosting our OS and app updates. We have North America covered well enough via sponsored servers from ReliableSite in both Miami and Los Angeles and a sponsored server from Xenyth in Toronto but no longer have any left in Europe.

Collision! @BoredPentester targeted the Grizzl‑E Smart 40A with the Charging Connector Protocol/Signal Manipulation add‑on, combining two bugs to earn $20,000 USD and 3 Master of Pwn points. #Pwn2Own #P2OAuto

Confirmed! @BoredPentester targeted the Kenwood DNR1007XR, demonstrating a command injection vulnerability to earn $5,000 USD and 2 Master of Pwnpoints. #Pwn2Own #P2OAuto

Developing small, composable programs is once again yielding an advantage. The UNIX philosophy prevails.

The full schedule for #Pwn2Own Automotive 2026 is live! 73 entries over three days should keep us hopping. Be sure to stay tuned for al the results #P2OAuto zerodayinitiative.com/blog/2026/1/20…

The story of Propolice miod.online.fr/software/openb…

Annual post unlocked 🔓 Reverse-engineered the Hyperliquid validator binary to see what 'decentralized' actually looks like under the hood. Spoiler: it's worse than a centralized exchange. blog.can.ac/2025/12/20/rev…

The one last dance of my phd career is finally published. ropbot (or angrop) can generate ROP chains for x86/x64/arm/aarch64/mips/riscv. The old version of it is already adopted by Google's kernelctf program (and some other orgs ;) ). kylebot.net/papers/ropbot.…

The war on privacy and encryption goes on. This time in the UK. Under the “Children’s Wellbeing and Schools Bill”, lawmakers now want client-side scanning on every phone and tablet. The lawmakers write: “Any relevant device supplied for use in the UK must have installed tamper-proof system software which is highly effective at preventing the recording, transmitting (by any means, including livestreaming) and viewing of CSAM using that device.” Once again, they use “what about the children”, this time to install state spyware that would continuously scan every action on a phone or tablet and watch everything that is shown on the screen. This will effectively ban end-to-end encrypted communication and open source operating systems like GrapheneOS and forbid that people have administrator rights on their own devices. The bill also seeks “Action to prohibit the provision of VPN services to children in the United Kingdom” and wants “all regulated user-to-user services to use highly-effective age assurance measures to prevent children under the age of 16 from becoming or being users.” In practice, this means identity checks for VPN users, making things like anonymous whistleblowing difficult. The attack on secure and private communication is worldwide. Now is the time for resistance. Demand transparency from your politicians, and privacy for the people.