Computer science student @ Unimi. Professional n00b. He/Him
Joined July 2021
- Tweets 667
- Following 591
- Followers 506
- Likes 11,191
75 Photos and videos
If you want to see how one incorrectly placed exclamation mark in the Linux kernel's nftables subsystem can lead to a local privilege escalation, have a look at my blog post. It covers a technical analysis of the bug I found and how it can be exploited
blog.exodusintel.com/2026/06…
12
21
2,651
LukeGix retweeted
We’re opening the Exodus research vault.
Over the coming weeks, we’ll publish technical writeups highlighting vulnerability research, exploit development, and deep reverse engineering from our team.
First up: Michele Campa’s Adobe Acrobat Reader Escript.api use-after-free RCE.
blog.exodusintel.com/2026/06…
#VulnerabilityResearch #ExploitDevelopment #ReverseEngineering #OffensiveSecurity #CyberSecurity
74
315
18,939
LukeGix retweeted
Jun 2
Half satisfied because a zero day I found in February 2025 has unluckily been patched in April 2026 😢, it was a tricky use-after-free in Adobe Acrobat Reader's Escript.api 😄. Here is my write-up, with a video PoC popping calc as a bonus: blog.exodusintel.com/2026/06…
18
80
4,920
LukeGix retweeted
May 16
It’s me!
May 16
Pedal to the Metal: Accelerating to the Host via VirtualBox VMSVGA by @terrynini38514 and @xiaobye_tw
1
3
50
3,558
LukeGix retweeted
Mind blown alert 🤯! Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG (@starlabs_sg) used a Memory Corruption bug to exploit VMware ESXi with the Cross-tenant Code Execution add-on, earning a sweeeeeet $200,000 and 20 Master of Pwn points. Full win let's go! #Pwn2Own #P2OBerlin
5
59
544
48,440
LukeGix retweeted
MASSIVE AURA POINTS! Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG was able to exploit VMware ESXi! If confirmed, they win $200,000 and 20 Master of Pwn points. They're off to the disclosure room to explain how they did it and seal the deal. #Pwn2Own #P2OBerlin
1
13
189
13,367
REcon is right around the corner. Early-bird training pricing has been extended, and conference tickets remain at March rates until May 11.
Conference: June 19 to 21 2026
Training: June 15 to 18 2026
Location: Montreal, Canada
Heads up: hotel booking cutoff is next week too.
If you live in IDA, Ghidra, or a debugger, this is your conference. recon.cx/2026/en/index.html #REcon #RE #reverseengineering #InfoSec
17
33
6,416
LukeGix retweeted
21 Oct 2025
A zero day I found last year has been patched on October (CVE-2025-55680) :(, it was a nice and easy patch bypass. Here the write-up blog.exodusintel.com/2025/10…
1
55
193
19,361
LukeGix retweeted
4 Aug 2025
We dissect a DFG compiler bug we discovered in Safari/WebKit. This post covers root cause, impact, and technical analysis:
blog.exodusintel.com/2025/08…
#WebKit #VulnerabilityResearch #ExploitDev #Safari #CyberSecurity #ExodusIntel
48
122
10,023
japan just invented page tables but for real life
27 May 2025
Apparently Japan Post is debuting the most obvious improvement in addressing for last two decades: address virtualization.
You sign up with them and get a short alphanumeric code. Their DB holds a pointer to physical address. If you move, you tell them, pointer changes.
4
54
596
29,203
Back to 🏠 from Berlin. I had a lot, *really a lot*, of fun at @offensive_con ! It was my first time there and I really liked every aspect of it: from the technical talks to the amazing people there :)
1
14
950