Zhihua Yao @hackyzh
Singapore Joined February 2018-
Tweets539
-
Followers3K
-
Following572
-
Likes1K
Finally found the patch for the vulnerability in the wild
Finally found the patch for the vulnerability in the wild
Reverse engineering Google's undocumented DSP pays off! Our co-workers @st424204 & @Peterpan980927 found the first public vuln in Pixel 8's DSP → kernel takeover MTE? What MTE? 😎 Their talk got accepted at @HacksInTaiwan hitcon.org/2025/en-US/age…
Documented instructions for setting up KGDB on Pixel 8. Including getting kernel log over UART via USB-Cereal, building/flashing custom kernel, breaking into KGDB via /proc/sysrq-trigger or by sending SysRq-G over serial, dealing with watchdogs, etc. xairy.io/articles/pixel…
Is there a way to make cpu_addr and libselinx share the same physical address? I can currently write to the read-only cpu_add, but this page is not controllable.
What is the problem? Why can I hexdump the data, and it is the data I wrote to that GPU address many times before running it?I don't know if this is a vulnerability, and it doesn't leak any important data.
I want to know if anyone can jailbreak on iOS 17 or 18 after A17 Pro? Or has anyone already worked out a bypass for SPTM privately?😏
Exploit is an art. In the writing process, creative thinking is very important and can help you improve efficiency greatly.
"Android In-The-Wild: Unexpectedly Excavating a Kernel Exploit" by @__sethJenkins
We are also newly publishing some mobile pwning shenanigans in the coming months: catch us presenting `Eastern Promises: Mobile VRP Lessons For Bug Hunters` at Troopers 2025 and Le Hack 2025! troopers.de/troopers25/tal…
@offbyoneconf founder @_jsoo_ bids👋farewell to our speakers, sponsors, review board, attendees, activities& communities teams, crew, friends & supporters. We couldn't have done it without your kind participation and encouragement! Hip hip hooray @starlabs_sg See you in 2026!
CVE-2025-21756: Attack of the Vsock Michael Hoefler published an article about exploiting an incorrect reference counter decrement causing a UAF in the vsock subsystem. hoefler.dev/articles/vsock…
🚨 New advisory was just published! 🚨 A vulnerability in PHP's extract() function allows attackers to trigger a double-free in version 5.x or a user-after-free in versions 7.x, 8.x, which in turn allows arbitrary code execution (native code): ssd-disclosure.com/ssd-advisory-e…
According to the vulnerability announcement, both vulnerabilities are exploitable. chromium-review.googlesource.com/c/chromiumos/t… chromium-review.googlesource.com/c/chromiumos/t…
TF is too mature for bug hunting, so we introduced a new surface for u guys.
TF is too mature for bug hunting, so we introduced a new surface for u guys.
Does anyone know why this single sharing pag is not next to the user page tables, but is allocated from somewhere else? The alloc_page flags are the same. I tested it in a virtual machine and it was adjacent, but on a real machine the success rate was only 1/10.
It doesn't happen very often, but Project Zero is hiring! goo.gle/41DBQBY Please share with anyone you think would be awesome for the role 🎉 Looking for at least one person. DMs open if you want to reach out about the role. The team: youtu.be/My_13FXODdU
Vous faites de la recherche de vulnérabilités sur mobile? On recrute en France mais aussi à l’international chez @epsilon_sec ! Envoyez nous un message à [email protected] 😁
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
h0mbre @h0mbre_
15K Followers 641 Following # Exploit Reliability Engineer # Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD # Avi: https://t.co/3fsQfVprCf
crazyman_army @CrazymanArmy
6K Followers 3K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / Team 501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
Md Ismail Šojal �... @0x0SojalSec
31K Followers 5K Following Cyber_Security_Re-searcher || 0SINT || Malware Analysis II Pwn || Ai Re-searcher || Project @AIStrikeSec || 0ld Accounts Suspended @0xSojalSec ||
Dohyun Lee @l33d0hyun
5K Followers 532 Following mobile / browser / microarchitectural / [email protected]
spaceraccoon | Eugene... @spaceraccoonsec
25K Followers 301 Following Here to learn! Infosec@Open Government Products | White Hat && SecOps
Nathaniel @nnwakelam
41K Followers 919 Following
Stephen Sims @Steph3nSims
24K Followers 833 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
hugo @hugo202_
1 Followers 37 Following
justB @iraA43456106
2 Followers 336 Following
Dũng Nguyễn Huy V�... @t4n3or4
3 Followers 185 Following
Sambam4mba @he31707900
9 Followers 1K Following Bor3d hacker of iot devices, security researcher? Security Breacher!
rui @fdiskyou
2K Followers 242 Following BJJ Black Belt. Type Confused. calc||GTFO. Retired @OpenBSD committer, former @ProjectHoneynet researcher, @exploitdb core team vet.
adm1nkyj @adm1nkyj1
1K Followers 528 Following @pksecurity_io co-founder / Android BlaBla researcher
Hoang Tien Thanh @htthanh02
2 Followers 190 Following
tomkrist @jieliuhouzi
0 Followers 48 Following
Advance-sec @advance_sec0
797 Followers 707 Following Advance-sec platform: is one of the top leaders in research and acquisition of vulnerabilities and 0day exploits. Email: [email protected] Wire: @advance_sec
brew @0x62797465
42 Followers 268 Following Doing CTFs, water polo, school, swim, reverse engineering, and occasionally coding.
chahua shan @Chahuashan1
5 Followers 304 Following
Muli @Mulis_Tech
2 Followers 72 Following
Garrett @g4rrettguo
4 Followers 312 Following
Qanon @qanonfree
0 Followers 4K Following
jocker @DavidSpid12189
3 Followers 954 Following
clay @3vi00l
0 Followers 55 Following
G2 @g2_hq1
31 Followers 342 Following Our platform offers advanced web tracking and header analysis services enabling users to monitor all resources loaded and audit web behavior
Arjun Basnet @abasnet123
201 Followers 3K Following Move On.... Threat Hunter, Deep and Dark Web, Security Researcher, Pentester, Vulnerability Management
Justin Liu @JustinLiu569073
0 Followers 156 Following
FAMASoon @FAMASoon
623 Followers 519 Following blog: https://t.co/vw7x2QFnxe GitHub: https://t.co/sj0X6Q3g9C
Abc Xyz @AbcXyz03921267
30 Followers 61 Following
BIND_THE_BEST @BindGodric
8 Followers 349 Following
Add your name @crashoutMerch
128 Followers 1K Following Troubleshooting my way through this rock….. Software engineer | Smart contract auditor in View
jimmycon @jimmycon485688
3 Followers 359 Following
lucky @lucky5502118041
4 Followers 174 Following
arip petits @AripPetits
6 Followers 1K Following
Sai Ashwin @hsaias_
67 Followers 2K Following undergrad @iitmadras. tech lead @RaftarIITM. security research @iitmcse. ambition/skill approaching infinity
Alibabas @0x_alibabas
76 Followers 359 Following
Oli @ProofofOli
167 Followers 616 Following privacy, decentralization, philosophy (and LoL) fulltime coms, part-time armchair intellectual
EoA @redfixy5
14 Followers 136 Following
Yasin @YasinPkd
7 Followers 357 Following
Vũ Tiến Hòa @_hoavt18
7 Followers 917 Following
Darren Webb ☠🕷 @spyd3r
1K Followers 7K Following Computational demonologist. The following tweets are classified SECRET GOLD JULY BOOJUM. 101 824 5150
yoav danziger @yoavd11
17 Followers 250 Following
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
0xor0ne @0xor0ne
82K Followers 514 Following | CyberSecurity | Reverse Engineering | C and Rust | Exploit | Linux kernel | PhD | My Tweets, My Opinions :) |
starlabs @starlabs_sg
9K Followers 18 Following A Singapore company that discovers vulnerabilities to help customers mitigate the risks of cyber attacks. Organisers of @offbyoneconf
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Ptrace Security GmbH @ptracesecurity
58K Followers 867 Following Empowering IT Security Professionals through Hands-On Online Courses.
sakura @eternalsakura13
8K Followers 190 Following Lead Security Researcher @zellic_io. 2022-2024 Top 3 Chrome VRP. 2023 Top 2 Facebook Whitehat. 2025 MSRC MVRs 9th. BlackHat Asia/USA & Zer0Con speaker.
Chromium Disclosed Se... @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]
Julien | MrTuxracer �... @MrTuxracer
37K Followers 444 Following Freelancer | #BugBounty | @Hacker0x01 H1-Elite | $1,500,000 Overall Bounties | ❤️ Reversing | Mobile Hacker | https://t.co/pcWduPOt0n
Alex Plaskett @alexjplaskett
12K Followers 572 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Yarden Shafir @yarden_shafir
24K Followers 311 Following A circus artist with a visual studio license
ohjin @pwn_expoit
4K Followers 446 Following I'm still hungry. I will be world-class, @[email protected]
h0mbre @h0mbre_
15K Followers 641 Following # Exploit Reliability Engineer # Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD # Avi: https://t.co/3fsQfVprCf
shubs @infosec_au
56K Followers 2K Following Co-founder, security researcher. Building an attack surface management platform, @assetnote
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
crazyman_army @CrazymanArmy
6K Followers 3K Following CTFer / APT hunter / RedTeam / BlueTeam the member of @r3kapig the leader of @ShadowChasing1 CVE-2022-30190 find job opportunities opinions are own not group
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
klez @KlezVirus
8K Followers 708 Following Independent Cyber Security Researcher - Opinions are my own
adm1nkyj @adm1nkyj1
1K Followers 528 Following @pksecurity_io co-founder / Android BlaBla researcher
Advance-sec @advance_sec0
797 Followers 707 Following Advance-sec platform: is one of the top leaders in research and acquisition of vulnerabilities and 0day exploits. Email: [email protected] Wire: @advance_sec
Hanqing Zhao @hankein95
1K Followers 2K Following Member of Tea Deliverers CTF Team | Member of Georgia Tech SSLab @SSLab_Gatech | Co-lead AIxCC @TeamAtlanta24 | System & Security Research
Yash Gupta @Yash3667
227 Followers 753 Following Security Engineer at the Fruit company. Opinions are entirely my own.
Qrious Secure @qriousec
1K Followers 3 Following Debugger is main vehicle to satisfy our boundless Qriousity. A non-profit 🇻🇳 hackers' club driven by passion.
Azeria @Fox0x01
122K Followers 597 Following Sneaky bit flipper | CEO @azeria_labs | Author of “Arm Assembly Internals & RE” @BlueFoxBook | Adjunct Professor @SAISHopkins | Forbes 30u30
dunadan @udunadan
876 Followers 71 Following An open-eyed man falling into the well of weird warring state machines. I talk about reverse engineering, vulnerability research and exploit development.
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research Binarly. Grsecurity. BYOS - Advisor Dartmouth's Hacker in Residence OffensiveCon, Langsec, DistrictCon, Secdev Committee
[email protected]... @daviddiaul
877 Followers 3K Following Security Guy. All posts are my own and do not represent the opinions of my employer etc. @[email protected]
AJ @justandrijana
600 Followers 402 Following Janai researcher. AJ around the world. RCEPECT. CEO of SAFA Team.
0 cru5h @0Cru5h48452
65 Followers 294 Following Android kernel vuln researcher @ Pangu Team Speaker @ Poc2024 / Offensivecon2025 Former ctfer @ Blue Water / Water Paddler / 0x401 / Vidar Team
DistrictCon @DistrictCon
1K Followers 29 Following A new DC hacker conference: Bringing together builders, breakers, and fixers to do cool shit. 🪩 Year 1: January 24-25, 2026 🪩 https://t.co/qYKu4hl0Uj
V4bel @v4bel
1K Followers 141 Following Independent Vuln. Researcher / Pwn2Own Berlin 2025 / Google kernelCTF 0-day / Pwnie Awards 2025
0xTen @_0xTen
1K Followers 852 Following android/linux kernel @vigilant_labs • prev blockchain @osec_io • ctf/pwn @cor_ctf + @eltctfbr
Ken Gannon (伊藤 �... @Yogehi
2K Followers 289 Following 95% random tweets, 5% security related tweets. Pwn2Own 2023/2024. YayTweetsAreMyOwnYay
Vigilant Labs @vigilant_labs
3K Followers 3 Following Official account of Vigilant Labs (https://t.co/PzW4HkfAwd).
Richard Zhu @RZ_fluorescence
6K Followers 38 Following
BSides Oslo @OsloBSides
693 Followers 62 Following A security conference by and for the community. BSides 2025 will be on October 30th at Vulkan Arena
lime @limeSec_
441 Followers 257 Following CTFer@r3kapig | Bug hunter@Google | Top5 Chrome VRP | Bug hunter@Web3
Pantelis @PantelisStoufis
869 Followers 348 Following Infosec @Apple | PGP: 0x62B08390 | Opinions are my own, unless retweeted
Michal Melewski @carste1n
4K Followers 344 Following Security Engineer @ Somewhere ex-Google, ex-Cloudflare I use bad software and bad machines for the wrong things. My writing: https://t.co/Z7uucr5BYW
Stephen Sims @Steph3nSims
24K Followers 833 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
STÖK ✌️ @stokfredrik
135K Followers 1K Following Hi.. im that hacker / creative that your friends told you about., 💫🔮
BSides Belfast @bsidesbelfast
2K Followers 153 Following #BSidesBelfast will return with #BSidesBelfast25 Thursday September 11th 2025 at the Europa Hotel https://t.co/kQmpTXZqEd
Costin Raiu @craiu
39K Followers 7K Following Cybersecurity researcher focused on threat intel & APTs. Breaking down attacks, hunting threats, and crafting YARA rules. 🛡️💻 #ThreatIntel #CTI #Crypto #YARA
Orange Cyberdefense S... @orangecyberch
916 Followers 17 Following Orange Cyberdefense is the expert cybersecurity business unit of @orange. As the leading security provider, we strive to build a safer digital society.
8kSec @8kSec
2K Followers 525 Following Offensive Security Trainings and Services. OnDemand Mobile Security Courses - https://t.co/B8Q31o3o8q Follow us on Linkedin https://t.co/Td3Ww1uMgt
Matthias Kaiser @matthias_kaiser
7K Followers 1K Following Android/Java Vulnerability Researcher. 0xACED. Ex-Apple. Now @matthiaskaiser.bsky.social
Alexandre Borges @ale_sp_brazil
28K Followers 147 Following Vulnerability Researcher and Exploit Developer
Hexacon @hexacon_fr
5K Followers 1 Following Offensive security conference in the heart of Paris. 10-11th October 2025 Join our Discord server! https://t.co/Btl15G8LsI
Trends for United States
You might like
