A Cybersecurity Consultancy Boutique that Provides Niche & Bespoke Research Services
Joined September 2019
- Tweets 30
- Following 0
- Followers 802
- Likes 3
4 Photos and videos
Pinned Tweet
1 Dec 2020
If you like 0-day and N-day research, we'll love to hear from you! pixiepointsecurity.com/caree…
2
8
9% into 2026 and look what @cloudlldb already have... :)
1
16
4,014
22 Dec 2025
What better way to get into x'mas vibes than @flyingpassword dropping a BFS n-day (CVE-2025-29970) blog post! (Santa would approve :)) Merry X-mas!
pixiepointsecurity.com/blog/…
2
12
42
9,115
21 Oct 2025
And... hot on the heels will be @voix44er attempting the Philips Hue Bridge this week! All the best and have fun!
1
1
7
3,250
21 Oct 2025
Looks like @__neverm0r_ and @b1thvn_ TyphoonPwn entry is patched this month as CVE-2025-55681... thanks @SecuriTeam_SSD for the fun experience!
2
17
4,515
1 Aug 2025
If u think that Windows research is all we do, think again! In our first IOT blog, @voix44er details the Wolfbox EV charger setup, attack surface, his #Pwn2Own Automotive 2025 bug, exploitation, and best of all, displaying our name on it (in styleee...)!
pixiepointsecurity.com/blog/…
19
69
6,240
13 Jun 2025
Happy Friday! Our intern, @__neverm0r_ , discovered and reported a NPD due to race-condition in afd.sys. Wasn’t assigned a cve doesn’t mean it’s less interesting, right!?
pixiepointsecurity.com/blog/…
23
111
35,694
26 Apr 2025
Proud to see @_jaelkoh (with @saidelike) talking about undocumented internals of KTM, the bugs and exploits in 'Hunting for Overlooked Cookies in Windows 11 KTM and Baking Exploits for Them'. No ovens required for this recipe!
3
10
2,608
25 Jan 2025
Unfortunate, but still a good showing! 🫡
23 Jan 2025
Confirmed (with a collision)! Rafal Goryl of PixiePoint Security used a 2 bug chain to exploit the WOLFBOX Level 2 EV Charger, but one of the bugs was previously known. He earns himself $18,750 and 3.75 Master of Pwn points. #P2OAuto
1
3
781
23 Jan 2025
Annnddd... the odds ARE in your favor! Congrats @voix44er ! This result is just the cherry on the cake. Regardless of what it may be, what we don't see is the dedication and hard work put into the research.. 💪💪💪
23 Jan 2025
3
9
1,563
8 Aug 2024
Sometimes your past has a way of sneaking up/"garbage-collecting" on you.. Well done @b1thvn_, and thanks @TheZDIBugs for tracking these
zerodayinitiative.com/adviso…
zerodayinitiative.com/adviso…
1
3
1,171
1 Feb 2023
All shells are spawned equal, regardless of memory-corruption bugs or not!
CVE-2021-34462: Exploiting the Windows AppXSvc Service Logic-Error Vulnerability
pixiepointsecurity.com/blog/…
1
32
66
13,708
16 Jan 2023
New year, new blog post! CVE-2021-31985: Exploiting the Windows Defender AsProtect Heap Overflow Vulnerability
pixiepointsecurity.com/blog/…
1
63
154
30,674
1 May 2022
As it is confirmed to be the ITW CVE-2022-24521, we also contributed the content to GP0 for interested folks
googleprojectzero.github.io/…
25 Apr 2022
RCA for 1 of the 2 CLFS bugs patched in April 2022. While we can't determine the CVE, we did managed to exploit it ;) ... credit: @b1thvn_
pixiepointsecurity.com/blog/…
1
14
51
25 Apr 2022
RCA for 1 of the 2 CLFS bugs patched in April 2022. While we can't determine the CVE, we did managed to exploit it ;) ... credit: @b1thvn_
pixiepointsecurity.com/blog/…
56
143