ABX

What happens if you try to analyze 58.5GB of Windows drivers? I built a pipeline using MWDB and custom Karton services (sigcheck, IOCTLance) to see if this is even doable. Part 1 covers the setup. Analysis is still running. threatunpacked.com/2026/01/21/bui…

congrats bro! @sangs00Jeong

Collision! @gbdngb12, @pwnstar96, @jeongZero, @sangs00Jeong, and @nonetype_pwn of 78ResearchLab targeted the Kenwood DNR1007XR, exploiting one n-day vulnerability along with two collisions to earn $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

VM escape exploits are S tier, reserved for 4 digit IQ exploit devs

dropping a zero-day as 𝚎𝚡𝚙𝚕օ𝚒𝚝.𝚎𝚡𝚎 is so diabolical.

@zeifan nice art bro nafiez :)

Last but not least bug of the year, 2025. Found a remote printer bug that allows remote arbitrary write file. This was reported to MSRC however they told us is not replicated on their side.

100k bounty for CVE-2025-11460 heap use after free . the poc is public now in the report below, i just grabbed the video from this report

Trainer malaysia cybersecurity camp moment, huge thanks to @rehackxyz for the warm hospitality. It was fun to reconnect with old friends. loved every moment of this camp. @CybercampMY #MCC2025 #Malware #Awareness

@unshadow97 @rehackxyz @CybercampMY steady tuan, kita hebat bersama. 🙏

@vx_antibi0tic @rehackxyz @CybercampMY Hebat tuan

@frdfzi lepas task siap, plan nak mai. nanti fat roger2

@vx_antibi0tic Esok mai lagi ke fat

xmas

surreal experience at Malaysia Cybersecurity Camp 2025 thankyou so much for the opportunity @hcs_ctf @rehackxyz @CybercampMY

(Video) Parallel Pulse @ NanoSec Tech Series Training Q2 2026 youtu.be/C3il6ohPrBY?si… for more details: pulse.nanosec.asia/techseries/

Latest #Endgame episode about #Rhadamanthys takedown. Funny how they not even subtly hint that Rhada Admins are/where stealing (high value) data from their customers. Potentially with customers never seeing the logs. Criminals will be criminals. operation-endgame.com

The FBI and our partners successfully dismantled an infostealer, remote access trojan, and botnet as part of Operation Endgame. This marks the third large-scale action in this ongoing initiative, which was launched to combat criminal infrastructure used for ransomware attacks worldwide. This operation is a joint effort with partners from Australia, Belgium, Canada, Denmark, France, Germany, Greece, Lithuania, the Netherlands, and the UK. We took down 1,025 servers, seized 20 domains, and arrested one suspect in Greece. The dismantled infrastructure, including the Rhadamanthys infostealer, VenomRAT, and Elysium botnet, was crucial to cybercriminal activities. By working with international partners, we are defending the homeland by shutting down the key services that cybercriminals depend on.

@unshadow97 @frdfzi hi bro, ahhahaha steady je. thankyou for playing ~~~~

@VX198800 @frdfzi hi bam, tq host smlm. power!

@frdfzi session. osem sharing. 👍 #SupportLokal