Technical deep-dive into CVE-2025-53149, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service driver (ksthunk.sys).
crowdfense.com/cve-2025-53149…
My first Pwn2Own 2025 Berlin vulnerability has finally been patched!
Curious about how I exploited it? Keep an eye out as I’m preparing a blog post!
msrc.microsoft.com/update-guide/v…
Inspired by @__sethJenkins's cool research on the adsprpc driver in Android, I took a deep dive into the codebase and documented the internal workings of the @Qualcomm DSP Kernel Driver (FastRPC implementation).
Blog: streypaws.github.io/posts/DSP-Kern…
Small teaser , location is Timisoara, Romania but venue is not yet decided till I have all the people confirmed :) please register only if you consider coming physically . it's just one stage no qualifier. More to be revealed soon :)
[Research] CVE-2025-24985: Windows Fast FAT Driver RCE Vulnerability
hackyboiz.github.io/2025/07/17/ogu…
The vulnerability was caused by the ability to control five variables within the VHD file that determine the number of clusters.
On Saturday 28th, 7pm, I will be giving a talk at @_leHACK_, on how @MrAle_98 and I implemented DCShadow in Python, and how this was the worst project idea 🥲 code will be released publicly then 📥
as much as I would have liked to retire seems univers won't let me :)
In any other case I'm organizing a ctf localy in Romania docs.google.com/forms/d/1uPmgV… . will be different only a one stage with a lot of hw hacking some sat pwn some bomb defusal and other cool shit.register please
93 Followers 118 FollowingSquid Sec provides custom built cyber security tools, blog posts, and hosts a podcast with interesting people in the community on Spotify & Youtube
1 Followers 173 FollowingRecruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/s3s8wPZPXJ
26 Followers 404 FollowingWatching you, the probability is that when the customer has not purchased any equipment, he will analyze the full flow with his bare hands, and through the way
2K Followers 853 FollowingFormer CTFer @Nu1L_Team & @StrawHat_CTF. Aspiring reverse engineer | Binary security padawan. 🌱 "The more I learn, the less I realize I know"
845 Followers 384 FollowingFounded @M2TeamOfficial. Author of NanaZip and NanaBox. Microsoft MVP (DT & WD). Research Windows user mode and Hyper-V guests as hobbies. Opinions are my own.
766 Followers 705 FollowingAdvance-sec platform: is one of the top leaders in research and acquisition of vulnerabilities and 0day exploits.
Email: [email protected]
Wire: @advance_sec
4K Followers 199 FollowingLong time listener, infrequent tweeter. Head of Project Zero @Google. Views are my own.
Still reading: "Brown Bear, Brown Bear, What Do You See?"
4K Followers 33 FollowingI'm a security researcher who uses this platform to share my projects and research. Opinions are my own.
https://t.co/UiWgKq40sV
3K Followers 1K FollowingWrite some shit code. CTF with @r3kapig. Do shit security research. Currently at University of California, San Diego. DEFCON 31/32/33 finalist | LOOKING FOR JOB
278K Followers 28 FollowingSharing Insights From the Experience, Timeless Wisdom and Knowledge of all the Greatest Men Ever Existed | Newsletter https://t.co/uke6mCW3B2
93 Followers 118 FollowingSquid Sec provides custom built cyber security tools, blog posts, and hosts a podcast with interesting people in the community on Spotify & Youtube
18K Followers 337 FollowingSoftware engineer and logic design hobbyist. Since 2021, Building RISC-V SoCs from scratch and hacking xv6/Linux to life, TU Berlin graduated