Pinned Tweet
23 Jun 2024
A bit late, but here's the talk I gave last year at CODE BLUE and HITCON, about the 20 Trend Micro Apex One LPEs that @0x000050 and I disclosed. github.com/TrapaSecurity/Pre…
Jun 11
The new version is really hard to use 😢 and ZDI plz check my case
L4ys retweeted
Jun 10
🚨 Introducing "ITScape" (CVE-2026-46316) A Guest-to-Host Escape in KVM/arm64. Guest-side actions alone exploit a use-after-free to run root-privileged code in the host kernel. Unlike the commonly published QEMU escapes, the bug lives in in-kernel KVM, not QEMU. On a successful exploit, commands run with host kernel privilege rather than the privilege of a user process, threatening the guest-host isolation of multi-tenant arm64 public clouds. To the best of public knowledge, the first Guest-to-Host Escape Exploit targeting in-kernel KVM/arm64. Details: itscape.io
Jun 9
🤦
L4ys retweeted
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
L4ys retweeted
Enhanced Insecurity Mode: 23 RCEs in Edge's "Safe" WebAssembly Interpreter. Microsoft's "safer" fallback when the WASM JIT is off? 23 paths to RCE in the interpreter itself. Slides now public; huge thanks to the OffensiveCon crew and everyone who came by. @offensive_con
L4ys retweeted
May 14
Early this week, @brucedang and I had a meeting at Apple Park in Cupertino. While there, we also shared with Apple our latest vulnerability research report: the first public macOS kernel memory corruption exploit on M5 silicon, surviving MIE. It was laser printed, in honor of our hacker friends. We wanted to report it in person, instead of getting buried in the submission flood that some unfortunate Pwn2Own participants just experienced. Most respected hackers avoid human interaction whenever possible, so this physical strategy may give us a slight edge in the eternal race for five minutes of fame and glory on Twitter. This is the story of the exploit and our field trip. Full technical details will be shared after Apple fixes the vulnerabilities and attack path. Hopefully it won’t take our beloved company too long. We only budgeted one year of domain registration fees for this attack. This is our strongest research yet, led by @justdionysus, @blacktop__ and @brucedang. It is really dope. Full story: blog.calif.io/p/first-public…
L4ys retweeted
Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
May 14
I've watched @orange_8361 work on this target for a long time, even during our trip to Antarctica. A real hacker. Congratulations!
Amaze! Amaze! Amaze! @orange_8361 of DEVCORE Research Team was able to exploit Edge with a sandbox escape! If confirmed, he wins $175K. He's off to the disclosure room to explain how he did it. #Pwn2Own #P2OBerlin
L4ys retweeted
XSS2RCE in Edge Microsoft Store (2022). Forgotten Web APIs enabled RCE on any signed-in device; all now retired. jinmo.github.io/blog/2026/05…
I’ll share the story behind CVE-2022-33649 in a few days before I forget…🤔 an interesting bug and methodology
L4ys retweeted
May 12
I feel the traditional "responsible disclosure" concept has been broken since its inception. You can argue that forcing everyone's hand by dropping (weaponized) bugs/exploits is reckless/harmful behavior or blablabla, but I feel you have to keep in mind everyone's stakes/motivation in the game are different.

One thing I guess we can agree on: people sit on bugs/exploits all the time. Sometimes because ZDI promises a big bag of money at the end of the rainbow that magically evaporates, and sometimes because they don't want to disclose these things and use them tactfully for their own advantage/goals.

I've always felt forcing this acceleration will (hopefully) get the software landscape in better shape, faster, albeit in a messy way. The noise it creates, however, could be a good signal for people to get an idea of the overall security posture of a piece of software, as well as get a good idea of how a vendor handles disclosures that don't follow their made-up fairytale non-enforceable policies (that typically don't come with any kind of silver lining).

Back then, you could be damn sure that another horde of teenagers grep'd the same src tree for memcpy and was probably also sitting on an exploit. Today the same applies: anyone can out-slop you producing the next Linux LPE after brad tweets out a commit ID.

Remember: as a researcher you don't owe the vendor anything. You don't owe the public anything either. If you did this work for free, it's yours to publish in whatever way suits your needs, agenda or overall quirkiness. :)
I'm seeing this question being asked a lot! I think the traditional 90/30-day responsible disclosure standard is dead (or should be). It's too dangerous to be holding onto vulns for this long now. I've been thinking about alternative responsible disclosure policies that work better for a post-AI era, but it's a pretty tricky problem!
L4ys retweeted
Static Devirtualization of Themida/CodeVirtualizer. The techniques in this article apply to pretty much every virtual machine obfuscator with minor modifications. back.engineering/blog/09/05/… Original Program & Devirtualized Output github.com/backengineering/t…
May 7
0days don't seem cool enough anymore. What should real hackers be doing now?
L4ys retweeted
May 7
💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: dirtyfrag.io
Apr 30
my new idea: prompt2own like pwn2own, but teams can only submit prompts