trying to predict the next token to make you think i’m a security researcher.

Joined September 2015
Pinned Tweet
19 Feb 2024
I found 2 stored XSS vulnerabilities in ChatGPT. The XSS bug was the easy part, but sharing it required bypassing CSP, leveraging a mass assignment issue for client-side path traversal (thanks @ctbbpodcast) to force a request to a BFLA endpoint. 🧵 [1/5]
I recently got access to OpenAI’s Trusted Access for Cyber program. With all the GPT-5.5 hype and the Anthropic Mythos discussion, I wanted to test it for myself. The result: **GPT-5.4** helped identify and develop a working Safari exploit affecting all Apple devices. It found a JSC WebAssembly use-after-free that gave us stale read/write access inside the Primitive Gigacage. Then it spotted a bug in Safari’s Fetch implementation where in-flight opaque cross-origin responses could be materialized inside renderer memory. By combining the two, a malicious page could steal authenticated cross-origin data and completely defeat the Same-Origin Policy.
The best security research starts where someone else's ended. Remember React2Shell? @SillamYohann picked up where it left off and found CVE-2026-23869, a single HTTP request that can freeze your React server for minutes. Here's how. 🧵
How does it compare to CVE-2026-23864? That one needed a 1MB payload to stall the server for seconds. React2DoS achieves minutes of computation with tens of kilobytes.
Ron Masas retweeted
I got a 1T (trillion) parameter model running on my MacBook Pro. Kimi-K2. 1.029T params. ~1 TB raw weights. 524 GB converted. ~1.7 tok/s. Yesterday it was 671B. Today it's 1T. Same laptop. Same M4 Max. No cloud. When I say we: I mean Claude and me.
Trying to fix prompt injection for LLMs is like trying to fix social engineering in humans.
I made a tiny pet that lives on your Dock, modeled after the Claude Code mascot, vibe coded with Claude Code, of course. 😁
Ron Masas retweeted
⚠️ I found a Stored #XSS nested inside the OAuth credentials configuration. Because n8n makes these credentials shareable, a threat actor can easily propagate this attack vector to any victim they choose! Full write-up here ➝ lnkd.in/e5Y_VdE7
I made a browser game that uses your phone’s volume buttons as the controller.
Watching @rebane2001’s games made me want to play something on my phone like in the old days, with real physical buttons and not just tapping glass. So I started looking into whether a browser can detect hardware button presses. Turns out it can’t. Neither iOS nor Android expose system volume or volume-button events to the web. To solve that the game plays a high-frequency tone (around 18 kHz), listens to it through the microphone, and runs an FFT in real time. Press the volume buttons, the tone gets louder or quieter, and that delta becomes the input that controls the game. It’s a dumb idea that works surprisingly well. The volume buttons end up acting like an analog controller, entirely inside the browser. You can try it here (tested on iOS only): ultrasonic.breakpoint.sh github.com/masasron/Ultrason… Don’t use headphones. Avoid using it near dogs or other sound-sensitive animals. If you can hear the tone (some people can, some phones leak), lower the gain or stop.

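The mechanism in the post above (an inaudible pilot tone, a microphone, a frequency-domain level estimate, and the frame-to-frame change as the input signal) can be shown end to end without a browser. The following is an added example, not code from the original post or from the Ultrasonic project: it measures the level of an 18 kHz tone in a frame of samples with the Goertzel algorithm (a single DFT bin, standing in for the full FFT the post mentions), then turns relative level changes into "up"/"down" events. The sample rate, frame size, deadband and the audio frames are all constructed assumptions so that it runs offline in Node.

```javascript
// Added example (not from the original post or the Ultrasonic project).
// Pipeline: pilot tone -> per-frame level estimate -> relative change -> controller event.

const SAMPLE_RATE = 48000; // assumed microphone sample rate
const TONE_HZ = 18000;     // pilot tone frequency, as described in the post
const FRAME = 2048;        // samples per analysis frame (assumed)

// Constructed input: one frame of a sine at `freq` with the given amplitude.
function makeTone(amplitude, freq = TONE_HZ, n = FRAME, rate = SAMPLE_RATE) {
  const out = new Float32Array(n);
  for (let i = 0; i < n; i++) {
    out[i] = amplitude * Math.sin((2 * Math.PI * freq * i) / rate);
  }
  return out;
}

// Goertzel algorithm: magnitude of the single DFT bin closest to `freq`,
// normalised so that a sine of amplitude A returns roughly A.
function toneLevel(samples, freq = TONE_HZ, rate = SAMPLE_RATE) {
  const n = samples.length;
  const k = Math.round((n * freq) / rate); // bin index
  const w = (2 * Math.PI * k) / n;
  const coeff = 2 * Math.cos(w);
  let s1 = 0;
  let s2 = 0;
  for (let i = 0; i < n; i++) {
    const s0 = samples[i] + coeff * s1 - s2;
    s2 = s1;
    s1 = s0;
  }
  const re = s1 - s2 * Math.cos(w);
  const im = s2 * Math.sin(w);
  return (2 * Math.sqrt(re * re + im * im)) / n;
}

// Map the relative change between two consecutive level readings to an event.
// Changes smaller than `deadband` are treated as noise; with no previous
// reading there is nothing to compare against.
function classifyDelta(prevLevel, level, deadband = 0.1) {
  if (prevLevel <= 0) return "none";
  const rel = (level - prevLevel) / prevLevel;
  if (rel > deadband) return "up";
  if (rel < -deadband) return "down";
  return "none";
}

// Run the pipeline over a sequence of frames and return one event per frame.
function trackFrames(frames) {
  const events = [];
  let prev = 0;
  for (const frame of frames) {
    const level = toneLevel(frame);
    events.push(classifyDelta(prev, level));
    prev = level;
  }
  return events;
}

// Constructed demo: steady, steady, louder (volume up), steady, quieter (volume down).
const demoFrames = [
  makeTone(0.3),
  makeTone(0.3),
  makeTone(0.45),
  makeTone(0.45),
  makeTone(0.2),
];
const demoEvents = trackFrames(demoFrames);
console.log(demoEvents); // ["none", "none", "up", "none", "down"]
```

In a real page the frames would come from an `AnalyserNode` fed by `getUserMedia`, and the deadband would need tuning per device, since the post notes that some phones leak the tone and microphones differ in sensitivity at 18 kHz.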
13 Dec 2025
I really enjoyed the CTF. See you next year!
12 Dec 2025
zeroday.cloud 2025?… UNREAL. 2 days. $340k in prizes 🤑 Live exploits on stage that literally shook the room. THANK YOU to everyone who came! You made history. You made the cloud safer.
Ron Masas retweeted
3 Dec 2025
The only thing comforting about the @reactjs & @nextjs CVE (a critical unauth RCE that works on default configurations) is that AI Agents using Frontier models are still far from auto-generating Proof of Concepts based on code diffs - unless someone proves otherwise
3 Dec 2025
There is a critical vulnerability in React Server Components disclosed as CVE-2025-55182 that impacts React 19 and frameworks that use it. A fix has been published in React versions 19.0.1, 19.1.2, and 19.2.1. We recommend upgrading immediately. react.dev/blog/2025/12/03/cr…
5 Dec 2025
Clearly I need to step up my research marketing game. Feels like people only discover my work after someone else rediscovers it. “SVG clickjacking” is a way better name tho :) He took the SVG ideas really far. Really cool work. breakpoint.sh/posts/the-huma… imperva.com/blog/google-pay-…
4 Dec 2025
my new blogpost is out!! this one talks about a new web vulnerability class i discovered that allows for complex interactive cross-origin attacks and data exfiltration and i've already used it to get a google docs bounty ^^ have fun <3 lyra.horse/blog/2025/12/svg-…
28 Oct 2025
This was a fun one! Docker just patched a high-severity vulnerability I found in Docker Compose (CVE-2025-62725, rated CVSS 8.9). I discovered that including an OCI include statement in a Docker Compose YAML file could lead to an arbitrary file write on the host at OCI resolution time, meaning that even running read-only commands like docker compose ps could trigger the vulnerability. This issue can easily be escalated to remote code execution by overwriting binaries such as docker itself, or by targeting ~/.ssh/authorized_keys, which would give an attacker immediate access to the server since the server’s IP is also leaked during OCI resolution. Props to the @Docker security team for confirming and patching it so quickly! All the technical details and the PoC are below imperva.com/blog/cve-2025-62…