stephen @_tsuro
@v8js security, CTFs and CPU vulnz. LCHL. @[email protected] infosec.exchange/web/@tsuro# Zurich, Switzerland Joined August 2011-
Tweets1K
-
Followers10K
-
Following527
-
Likes2K
🔺iPhone models announced today include Memory Integrity Enforcement, the culmination of an unprecedented design and engineering effort that we believe represents the most significant upgrade to memory safety in the history of consumer operating systems. security.apple.com/blog/memory-in…
If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: youtu.be/qhhJCLy0YBA?si…
If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: youtu.be/qhhJCLy0YBA?si…
Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%) issues.chromium.org/issues/4125787… issues.chromium.org/issues/4125787…
Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%) issues.chromium.org/issues/4125787… issues.chromium.org/issues/4125787… https://t.co/g2FWl24wkc
That time when @tehjh was just reviewing a new Linux kernel feature, found a security vuln, then went on a journey to see if he could exploit it from inside the Chrome Linux Desktop renderer sandbox (spoiler: very yes) googleprojectzero.blogspot.com/2025/08/from-c…
v8(のd8)用に、new_spaceやold_spaceなどの内容をダンプするコマンドを作った。デバッグビルドしたd8が必要。 ちなみにv8公式でspace内部の一覧をダンプする手段ってあるんだろうか?(無いと思って作ったので)有ったら誰か教えて欲しい
I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵
I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵
V8 Security is hiring in Munich, Germany: google.com/about/careers/… Great opportunity to work on some really hard and interesting problems in the security space!
Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…
I spoke too soon 😆
Over 6 months and no ITW V8 exploits? Have I spoken too soon?..
🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: anemato.de/blog/kctf-vdf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!
#OffensiveCon25 videos are now up! youtube.com/playlist?list=…
The fix for #Pwn2Own Mozilla Firefox Out-of-bounds access vulnerability when resolving Promise objects (CVE-2025-4920 [1966612]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox Out-of-bounds access vulnerability when resolving Promise objects (CVE-2025-4920 [1966612]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox JIT compiler vulnerability when optimizing linear sums (CVE-2025-4921 [1966614]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox JIT compiler vulnerability when optimizing linear sums (CVE-2025-4921 [1966614]): hg-edge.mozilla.org/mozilla-centra…
300 likes and we'll sponsor again next year @offensive_con
Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…
My latest Spectre research is now public! See intra-mode BHI CPU vulnerability disclosure and PoC at github.com/google/securit…. This user-to-kernel attack bypasses eIBRS, BHB clearing and other mitigations.
No shortage of kernel bugs... :) Kernel 6.6.87 got pwned by 6 unique 0days within 25 seconds of going live on kCTF, lol: docs.google.com/spreadsheets/d…
THIS IS A GREAT TIME TO BUY 0DAY!!!
cts🌸 @gf_256
61K Followers 836 Following Co-founder and hacker @zellic_io & @pb_ctf | https://t.co/nlNai6iiMP | 24 Intern @egirl_capital slow to reply to DMs
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
LiveOverflow 🔴 @LiveOverflow
156K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
h0mbre @h0mbre_
15K Followers 641 Following # Exploit Reliability Engineer # Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD # Avi: https://t.co/3fsQfVprCf
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Brendan Dolan-Gavitt @moyix
30K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Alex Plaskett @alexjplaskett
12K Followers 572 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
mdowd @mdowd
32K Followers 746 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Maddie Stone @maddiestone
62K Followers 806 Following Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.
lcamtuf @lcamtuf
38K Followers 497 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
keyboard @K3yb0ard_violet
0 Followers 101 Following
Ofec Israel @ofecisrael
12 Followers 104 Following
Qifei Li @7feilee
1 Followers 17 Following
Noam Oved @N0P_1
0 Followers 75 Following
emin @emin_here
0 Followers 81 Following
arip petits @AripPetits
6 Followers 1K Following
Marc-Elvis @kraaakilo
16 Followers 264 Following
Rose Dupont @RoseDupont14717
20 Followers 116 Following DM ouverts pour uniquement ventes de nuides , cam, vidéos , réel 🥰 petite coquine 😍😍😍 tout en manque 💋
vl1729 @vls1729
12 Followers 81 Following Security Researcher Medium articles: https://t.co/dS8R0kjH2J Github: https://t.co/1hn5pOJVUX
VoidSec @voidsec86
3 Followers 356 Following
Grenier du dev @grenierdudevcom
3 Followers 95 Following Grenier est une entreprise Togolaise qui offre des services IT aux développeurs, individuels, SAAS, PME en Afrique
Ulysse @ulysse4sec
0 Followers 94 Following
Chris Isaias @_call_gate
113 Followers 2K Following Penetration Testing & Reverse Engineering. . . Phd(c), Msc (RHL), ESDC fellow, IEEE snr, FIRST liaison, CISSP, CRTO, PNPT, CRTP
RickyBobbeh @RBobbeh645535
1 Followers 534 Following
Ivan Krstić @radian
12K Followers 869 Following Head of Security Engineering+Architecture (SEAR) at Apple. I don’t speak for my employer.
newb @newb31329
4 Followers 248 Following
adam @Arkadiuz_Adam
0 Followers 16 Following
Garrett @g4rrettguo
5 Followers 311 Following
Uwu @Uwu79033065Uwu
267 Followers 6K Following
Shelly @moreofshelly
0 Followers 14 Following
da'u @AbdaRamadhani
141 Followers 3K Following
vishal @erhszo
6 Followers 134 Following
Brown Jack @BrownJack596114
1 Followers 390 Following
aseel @aloufi_asm
2 Followers 309 Following
CeeBam @cee_bam4141
0 Followers 100 Following
aqas @Aqas__
4 Followers 312 Following
Dany Frogz @Fd6472848
0 Followers 7 Following
Piet Koopman @PietKoop
10 Followers 65 Following
main main @mainmain684082
0 Followers 111 Following
r4bb1tm1n7 @r4bb1tm1n7
0 Followers 21 Following
statik @kinf_lk
7 Followers 55 Following learnin expdev ********** session - 0563da65639263ddace58418330773dfa4f01acce5523ee116e7b0af89b63f4876
alexdev @alexdev____
80 Followers 824 Following 💡 Je développe des petits programmes en cybersécurité. 🛠️ Des outils simples, autonomes et prêts à l’emploi.
ditogianto @ditogianto
882 Followers 808 Following
Rootedmind @Rootedmind20
3 Followers 69 Following
bowen @hubowent
8 Followers 195 Following
Ishfaq Fariq @ishfaq_fariq
160 Followers 2K Following Cybersecurity Engineer| Frontend Developer | Application Security Engineer | Red Teamer | Software Engineer |
huyn woo baek @woo_baek99199
1 Followers 4 Following
kr0tt @_kr0tt
85 Followers 264 Following
cts🌸 @gf_256
61K Followers 836 Following Co-founder and hacker @zellic_io & @pb_ctf | https://t.co/nlNai6iiMP | 24 Intern @egirl_capital slow to reply to DMs
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
LiveOverflow 🔴 @LiveOverflow
156K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Alex Plaskett @alexjplaskett
12K Followers 572 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
Chromium Disclosed Se... @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
[email protected]... @0xdea
14K Followers 20 Following When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
mdowd @mdowd
32K Followers 746 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Maddie Stone @maddiestone
62K Followers 806 Following Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.
lcamtuf @lcamtuf
38K Followers 497 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him
offensivecon @offensive_con
26K Followers 2 Following OffensiveCon Berlin is a technical international security conference focused on offensive security only. Organised by @Binary_Gecko. Stay tuned #OffensiveCon26.
Faith 🇧🇩🇦�... @farazsth98
4K Followers 319 Following Lead Cosmos Security Engineer @zellic_io, CTFer @SuperGuesser, Prev: Android Vulnerability Research @dfsec_com
Marcos Bajo @h3xduck
357 Followers 116 Following PhD student at CISPA, cybersecurity researcher. I like malware, exploits and ducks. My projects: https://t.co/em4dyPsOfh
K-Scale Labs @kscalelabs
12K Followers 1 Following Moving humanity up the Kardashev scale Website: https://t.co/bDXBBRu51C Github: https://t.co/RJEpAnnece
Crusaders of Rust @cor_ctf
2K Followers 37 Following A European and American Security Research Group
Karsten @gr4yf0x
955 Followers 953 Following @gr4yf0x.bsky.social @[email protected] aka K³; Physicist now mostly interested in security stuff
Thomas H. Ptacek @tqbf
33K Followers 612 Following Don't look at me sideways. Don't even look me straight on. bsky:@sockpuppet.org
0day.marketing @0dayMarketing
1K Followers 3 Following We are a group of like-minded individuals that work together to help grow YOUR 0day! We will do everything that 0day disclosure needs t0day. DM for inquiries.
Igor Kuznetsov @2igosha
2K Followers 339 Following Reverse engineering, soldering, programming, digital forensics & random stuff | Director @ Kaspersky GReAT | Tweets are my own
Boris Larin @oct0xor
18K Followers 658 Following Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
Operation Zero @opzero_en
6K Followers 0 Following The only Russian-based zero-day vulnerability purchase platform.
intrigus @intrigus_
272 Followers 184 Following I create and break stuff. GitHub ⭐. @KITCTF. #Java, #CodeQL and #V8. Github: https://t.co/2eJKNdhQaV Security stuff: https://t.co/eg564HmccR
Earth @earthcurated
974K Followers 46K Following Featuring stunning High Definition content curated by the world's greatest photographers and Artists
Lan Vu @lanleft_
1K Followers 417 Following she/her | Qrious Secure @qriousec | I made my own cover photo
sha1lan @sha1lan
232 Followers 2 Following
P4nda @P4nda20371774
2K Followers 426 Following Security researcher | PWN | Learning Browser security Cola enthusiast Tweets are my own
Edouard Bochin @le_douds
282 Followers 70 Following
Xion @0x10n
4K Followers 123 Following CMU CSD PhD student / 2024 Top#0 Chrome Researcher / P2O Vancouver '24, TyphoonPWN '24/'25, DEFCON CTF 31-33, ... / PPP, KAIST GoN '18, @zer0pts
Dohyun Lee @l33d0hyun
5K Followers 532 Following mobile / browser / microarchitectural / [email protected]
madStacks @madStacks3
106 Followers 36 Following
EpicTV Climbing @EpicTVClimbing
7K Followers 350 Following EpicTV's Daily Climbing News Show. Rock, Ice, Mountains, Big Walls, Scary Solos, Trad, Sport, Interviews, Insight. #AdventureStartsHere.
[email protected] @r3tr074
1K Followers 556 Following Security research | https://t.co/SFZNGja5pn | CTF pwn/rev @eltctfbr + @r3kapig | yes, I'm the browser guy
ttt @tchght
285 Followers 309 Following
Jordy Zomer @pwningsystems
3K Followers 258 Following Security Engineer @ Google, likes fuzzing, static analysis and VR. The opinions stated here are my own, not those of my company.
avboy1337 @avboy1337
1K Followers 494 Following Majoring in Civil Engineering & English as Vulnerability researcher.
Raphaël Jamet @raphaeltoujours
65 Followers 223 Following Software security engineer, specialized in web/crypto. Likes cleaning up stuff. He/him.
Marcus Hutter @mhutter42
4K Followers 47 Following I 👨🔬 a mathematical definition&theory of Artificial General Intelligence 🎥&🎤@ https://t.co/OZsooP92mn 🍀 I now work @GoogleDeepMind 🧠 History:🇩🇪🇨🇭🇦🇺🇬🇧
VIE @vie_pls
2K Followers 235 Following Security Engineer @ Google • @mmm_ctf_team and @maplebaconctf • UBC alum
Simon Scannell @scannell_simon
3K Followers 501 Following Cloud Vulnerability Research @ google. Opinions are my own
藤井 こころ @ClimberHeart
3K Followers 275 Following よろしくお願いします!!Kokoro Fujii/関電工/森永製菓/ARC’TERYX/climbing/プロフェッショナルクライマー 仕事の依頼、お問い合わせは [email protected] こちら!✉️
Ben L. Titzer @TitzerBL
2K Followers 349 Following Director of the WebAssembly Research Center at Carnegie Mellon University. Principal Researcher. Wasm co-founder. Former V8 engineer. Compilers!
1377 High-yield Nukes @buptsb
2K Followers 1K Following
S @bfbi
18 Followers 255 Following
Trends for United States
You might like
