⚙️ Low Level | 🏴‍☠️ New Pirate

Joined September 2025
Tricta retweeted
i love this exploit! universal SELinux bypass still works to this day. I released it for Qualcomm based processors and just realized I never released the Exynos version so here it is unprivated: github.com/chompie1337/s8_20…
Replying to @cr3ghost
"Android kernel exploitation bypassing DAC, SELinux, and Knox" - I don't see this? @chompie writes that io_uring exploits could be potentially used for SELinux bypass, is that what you mean?
Tricta retweeted
The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees. The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance. Access to all other Claude models is not affected. We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible. Read our full statement: anthropic.com/news/fable-myt…
Tricta retweeted
3-part series on a 0-click exploit chain targeting Pixel 9, from RCE in mediacodec to kernel LPE. Part 1: projectzero.google/2026/01/p… Part 2: projectzero.google/2026/01/p… Part 3: projectzero.google/2026/01/p… Research by @natashenka and @__sethJenkins #infosec
Tricta retweeted
Today, live from South Korea, we have a presentation by Hakai, with João Pedro Tricta. Zygote is Android’s first process and the template for every app. Its privileged position makes it ideal for system-level injection that can bypass SELinux restrictions. This talk breaks down the end-to-end injection chain, from loader stages to Zygote and process-spawn propagation, then demos my own native and Dalvik (DEX) hooking approach as an alternative to attach-based tools and for research into bypassing RASP protections. João Pedro Tricta is a 20-year-old Brazilian security researcher, malware developer, and Client Applications Squad Leader at Hakai Offensive Security. Passionate about Sysinternals, reverse engineering, low-level internals, and client-side applications, he lives deep in debuggers and disassemblers. When he’s not coding or breaking things, he’s gaming, hanging out with cats, and eating an unreasonable amount of pizza. LinkedIn: linkedin.com/in/joão-pedro-… Instagram: @_tricta Date: 28/05/2026 - Brasília time 22:45 Agenda: typhooncon.com/2026-agenda/
Tricta retweeted
We’re excited to announce the first confirmed speaker for TyphoonCon 2026! João Pedro (aka Tricta) will be joining us in Seoul to share insights, research, and real-world experience in The Age of Zygote Injection talk. typhooncon.com/2026-agenda/
12 Nov 2025
Big thanks for trying it out and sharing it around, really appreciate it! This keeps things moving, and I’ve got some really cool stuff coming soon!
17 Oct 2025
Wow man!! Thanks so much for spreading the solution and giving it a try, really means a lot! We’ve got some cool stuff coming soon, and everyone’s welcome to jump in!
New Android BEERUS framework for dynamic analysis & reverse engineering BEERUS brings Frida auto-injection, sandbox exfiltration, memory dumps, Magisk integration and more for on device app analysis by @HakaiOffsec #AndroidSecurity #Frida #ReverseEngineering #MalwareAnalysis
Tricta retweeted
11 Oct 2025
You don’t “print” in C. You ask the kernel to do it. printf("hi") → calls write() → invokes syscall interrupt → kernel writes to stdout.
Tricta retweeted
The Beerus Framework is a mobile offensive tool developed to facilitate the entire pentest process on Android devices. With a unified interface directly on the device, Beerus makes it possible to perform everything from built-in, on-device application instrumentation with Frida Core to sandbox data exfiltration, memory dumping, proxying, Magisk module control, property manipulation and much more. Built on Frida and Magisk, Beerus is modular, extensible and designed for testing on rooted devices, streamlining common pentest tasks and enabling automation from a single app. In this paper, we explore the framework's main features, with a special focus on some of them. The aim is not to detail exhaustively how it works, but to offer a broad view of what it covers and what it is capable of. As a reminder, the Beerus Framework is already available for download directly from the official repository on GitHub. github.com/hakaioffsec/beeru… Authors: Tricta and Daniel Franca Lima