@XuanwuLab profile picture
Tencent's Xuanwu Lab @XuanwuLab
Joined May 2015
  • Tweets 21
  • Following 0
  • Followers 2,832
1 Photos and videos
HaS.md — On-Device Text & Image Privacy Protection has.md/

HaS.md — On-Device Text & Image Privacy Protection

HaS (Hide and Seek) on-device text and image anonymization. Text: 8 languages, open-set entity types. Image: 21 privacy categories. 100% on-device inference.

has.md
2
524
Ghost Dependencies: An Emerging Supply Chain Security Threat in the Agentic Coding Paradigm - Tencent Xuanwu Lab xlab.tencent.com/en/2026/02/…

Ghost Dependencies: An Emerging Supply Chain Security Threat in the Agentic Coding Paradigm

Author: Tianchu Chen of Tencent Xuanwu Lab 0x00 IntroductionAs the capabilities of Large Language Models (LLMs) continue to advance, AI-assisted software development is evolving from the “Copilot” par

xlab.tencent.com
6
11
3,586
AI Web Crawler Security White Paper - Tencent Xuanwu Lab xlab.tencent.com/en/2026/02/…

AI Web Crawler Security White Paper

Author: Guancheng Li and Zheng Wang of Tencent Xuanwu Lab This white paper from Tencent Xuanwu Lab analyzes how moving browsers and crawlers from user endpoints into AI server-side infrastructure fund

xlab.tencent.com
3
8
3,798
Tencent's Xuanwu Lab retweeted
CVE@CVEnew
Jan 5
CVE-2025-67303 An issue in ComfyUI-Manager prior to version 3.38 allowed remote attackers to potentially manipulate its configuration and critical data. This was due to the applicat… cve.org/CVERecord?id=CVE-202…
2
3
798
Tencent's Xuanwu Lab retweeted
ZDNET
@ZDNET
20 Jul 2020
BadPower attack corrupts fast chargers to melt or set your device on fire zdnet.com/article/badpower-a…

1
9
8
Tencent's Xuanwu Lab retweeted
Chuanda Ding@FlowerCode_
12 Jan 2019
Our lab @XuanwuLab made a curated list of infosec resources available at sec.today. It provides global search for past research materials, in a way much like Everything or Spotlight, and also insights about current research focus and trends.
2
98
219
Tencent's Xuanwu Lab retweeted
md5_salt@md5_salt
28 Nov 2018
We are proudly to release our slides for NTLM Relay is DEAD, Long Live NTLM Relay in HITB 2018 Dubai conference.hitb.org/files/hi… And the tools github.com/5alt/ultrarelay We even meet the author of ntlmrelayx! Thank you! @T0m4to_ @darkfloyd1014 @HITBSecConf @XuanwuLab
2
20
49
We are proud to introduce our spectre vulnerability online check tool: xlab.tencent.com/special/spe… Surface Pro, iPhone X, Chrome, Firefox, almost everything is supported. :-) #Meltdown #Spectre

4
86
97
Congratulation! By the way, we are a department of Tencent, not Tencent itself;) x.com/YoStartups/status/8759…
3
Microsoft introduced a new exploit mitigation "RFG" in Windows 10 Redstone 2 14942 to protect return address: xlab.tencent.com/en/2016/11/…
129
107
Our BadBarcode page: xlab.tencent.com/badbarcode/. No new domain name, no logo, just a page:-). #BadBarcode
6
5
The detailed technical report of #BadTunnel : "BadTunnel - A New Hope" xlab.tencent.com/en/2016/06/…

1
33
28
Abusing Special Cases in System Exception Handling to Achieve Unbelievable Vulnerability Exploitation - xlab.tencent.com/en/2016/04/…

1
13
13
Use Chakra engine again to bypass CFG - xlab.tencent.com/en/2016/01/…
5
12
Tencent's Xuanwu Lab retweeted
dragosr@dragosr
27 Jan 2016
CanSecWest 2016 (Mar. 16-18) Presentation: Sandbox Escape with Generous Help from Security Software - Chuanda Ding, Tencent Xuanwu Lab
5
2
Drag & Drop Security Policy of IE Sandbox - xlab.tencent.com/en/2015/12/…
2
8
Use Chakra engine again to bypass CFG - xlab.tencent.com/en/2016/01/…
8
7
Bypass DEP and CFG using JIT compiler in Chakra engine - xlab.tencent.com/en/2015/12/…
50
44
As the most ancient tech of IoT, barcodes are everywhere, even starship Enterprise. See you #PacSec2015. @PacSecjp
7
6
Poking a Hole in the Patch: Escaping from IE Sandbox with a Poorly Patched Vulnerability - xuanwulab.github.io/2015/08/…

1
40
48
Load more