stephen @_tsuro
@v8js security, CTFs and CPU vulnz. LCHL. @[email protected] infosec.exchange/web/@tsuro# Zurich, Switzerland Joined August 2011-
Tweets1K
-
Followers10K
-
Following527
-
Likes2K
If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: youtu.be/qhhJCLy0YBA?si…
If you like Chrome IPC shenanigans like this, you might also enjoy my talk from black hat 25: youtu.be/qhhJCLy0YBA?si…
Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%) issues.chromium.org/issues/4125787… issues.chromium.org/issues/4125787…
Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%) issues.chromium.org/issues/4125787… issues.chromium.org/issues/4125787… https://t.co/g2FWl24wkc
That time when @tehjh was just reviewing a new Linux kernel feature, found a security vuln, then went on a journey to see if he could exploit it from inside the Chrome Linux Desktop renderer sandbox (spoiler: very yes) googleprojectzero.blogspot.com/2025/08/from-c…
v8(のd8)用に、new_spaceやold_spaceなどの内容をダンプするコマンドを作った。デバッグビルドしたd8が必要。 ちなみにv8公式でspace内部の一覧をダンプする手段ってあるんだろうか?(無いと思って作ったので)有ったら誰か教えて欲しい
I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵
I wrote two challenges for this year's Google CTF. One of them is Circo - A challenge inspired by EntrySign (the AMD ucode vuln) and the other is Sphinx (a diff crypto task). I wrote the tasks with a few goals in mind that I wanted to share, but this thread is about Circo. 1/🧵
V8 Security is hiring in Munich, Germany: google.com/about/careers/… Great opportunity to work on some really hard and interesting problems in the security space!
Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…
I spoke too soon 😆
Over 6 months and no ITW V8 exploits? Have I spoken too soon?..
🚨🚨🚨We just broke everyone’s favorite CTF PoW🚨🚨🚨 Our teammate managed to achieve a 20x SPEEDUP on kctf pow through AVX512 on Zen 5. Full details here: anemato.de/blog/kctf-vdf The Sloth VDF is dead😵 This is why kernelCTF no longer has PoW!
#OffensiveCon25 videos are now up! youtube.com/playlist?list=…
The fix for #Pwn2Own Mozilla Firefox Out-of-bounds access vulnerability when resolving Promise objects (CVE-2025-4920 [1966612]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox Out-of-bounds access vulnerability when resolving Promise objects (CVE-2025-4920 [1966612]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox JIT compiler vulnerability when optimizing linear sums (CVE-2025-4921 [1966614]): hg-edge.mozilla.org/mozilla-centra…
The fix for #Pwn2Own Mozilla Firefox JIT compiler vulnerability when optimizing linear sums (CVE-2025-4921 [1966614]): hg-edge.mozilla.org/mozilla-centra…
300 likes and we'll sponsor again next year @offensive_con
Me and the homies are dropping browser exploits on the red team engagement 😎. Find out how to bypass WDAC + execute native shellcode using this one weird trick -- exploiting the V8 engine of a vulnerable trusted application. ibm.com/think/x-force/…
My latest Spectre research is now public! See intra-mode BHI CPU vulnerability disclosure and PoC at github.com/google/securit…. This user-to-kernel attack bypasses eIBRS, BHB clearing and other mitigations.
No shortage of kernel bugs... :) Kernel 6.6.87 got pwned by 6 unique 0days within 25 seconds of going live on kCTF, lol: docs.google.com/spreadsheets/d…
THIS IS A GREAT TIME TO BUY 0DAY!!!
cts🌸 @gf_256
61K Followers 820 Following Co-founder and hacker @zellic_io & @pb_ctf | https://t.co/nlNai6iiMP | 24 Intern @egirl_capital slow to reply to DMs
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
LiveOverflow 🔴 @LiveOverflow
155K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
h0mbre @h0mbre_
15K Followers 641 Following # Exploit Reliability Engineer # Developing a full-system snapshot fuzzer: https://t.co/mfVXhwoGYD # Avi: https://t.co/3fsQfVprCf
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Gareth Heyes \u2028 @garethheyes
37K Followers 1K Following JavaScript for hackers: Learn to think like a hacker. https://t.co/e0aNEbEDk5
Brendan Dolan-Gavitt @moyix
30K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
mdowd @mdowd
32K Followers 747 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Maddie Stone @maddiestone
61K Followers 804 Following Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.
lcamtuf @lcamtuf
38K Followers 498 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
Shelly @moreofshelly
0 Followers 14 Following
da'u @AbdaRamadhani
145 Followers 3K Following
vishal @erhszo
4 Followers 129 Following
Brown Jack @BrownJack596114
0 Followers 359 Following
aseel @aloufi_asm
4 Followers 309 Following
CeeBam @cee_bam4141
0 Followers 91 Following
aqas @Aqas__
3 Followers 292 Following
Dany Frogz @Fd6472848
0 Followers 7 Following
Piet Koopman @PietKoop
11 Followers 62 Following
main main @mainmain684082
0 Followers 111 Following
r4bb1tm1n7 @r4bb1tm1n7
0 Followers 21 Following
statik @kinf_lk
6 Followers 52 Following learnin expdev ********** session - 0563da65639263ddace58418330773dfa4f01acce5523ee116e7b0af89b63f4876
alexdev @alexdev____
80 Followers 817 Following 💡 Je développe des petits programmes en cybersécurité. 🛠️ Des outils simples, autonomes et prêts à l’emploi.
ditogianto @ditogianto
884 Followers 809 Following
Rootedmind @Rootedmind20
4 Followers 69 Following
bowen @hubowent
9 Followers 194 Following
Ishfaq Fariq @ishfaq_fariq
157 Followers 2K Following Cybersecurity Engineer| Frontend Developer | Application Security Engineer | Red Teamer | Software Engineer |
huyn woo baek @woo_baek99199
1 Followers 4 Following
kr0tt @_kr0tt
1 Followers 258 Following
random @random22334
1 Followers 1K Following
Jebril @Jebbril
6 Followers 112 Following
9MF @n1neMF
89 Followers 3K Following
Craxe @Craxe520550
23 Followers 1K Following
عبد السلام �... @lka3h_taime
487 Followers 2K Following
Otmane_ @Dzinosky
30 Followers 866 Following 🐒 الانسـان أكثر قردية من أي قـرد Cyber Security Researcher 💻📡
P D Vaswani @HAWK_PDVaswani
17 Followers 364 Following
Double Tape @tape_double
7 Followers 453 Following
j0guri @MazaalaiX
6 Followers 288 Following
Alan @Alan1144908
1 Followers 315 Following
kyuheon @kyuheon_
8 Followers 45 Following
Kingbabs @Cypher0x1
45 Followers 574 Following Malware Analysis | Reverse Engineering | Foodie | Security Analyst | Philosophy
Phishing Radar @PointerRadar
155 Followers 2K Following Linux | Ethical Hacker | Security Enthusiast | Python | Bug Hunter | sushi lover | 🍣 👾 🤖 🇨🇴
BlackCode @blackcode000
355 Followers 856 Following Cyber security Expert, Web application tester, CTF Player
0xSudip @0xsudip
597 Followers 947 Following Bug Hunter | YouTube ( BugBounty POC's): https://t.co/fhIw5Aq1LJ…
cts🌸 @gf_256
61K Followers 820 Following Co-founder and hacker @zellic_io & @pb_ctf | https://t.co/nlNai6iiMP | 24 Intern @egirl_capital slow to reply to DMs
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
LiveOverflow 🔴 @LiveOverflow
155K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Halvar Flake @halvarflake
44K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Alex Plaskett @alexjplaskett
12K Followers 571 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
Chromium Disclosed Se... @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]
kylebot @ky1ebot
6K Followers 319 Following CTF player @Shellphish | PhD Student @ASU | @angrdothorse dev | Author of how2heap | Vulnerability Research Hobbyist | @[email protected]
[email protected]... @0xdea
14K Followers 19 Following When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl.
Ivan Fratric 💙💛 @ifsecure
18K Followers 207 Following Security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
Matteo Rizzo @_MatteoRizzo
3K Followers 589 Following Security engineer, CTF player for @0rganizers. Mastodon: @[email protected]
mdowd @mdowd
32K Followers 747 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Maddie Stone @maddiestone
61K Followers 804 Following Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.
lcamtuf @lcamtuf
38K Followers 498 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
@[email protected]... @SecurityMB
11K Followers 284 Following Improving the world’s security at Google. Opinions are mine.
Gynvael Coldwind @gynvael
38K Followers 1K Following security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him
offensivecon @offensive_con
26K Followers 2 Following OffensiveCon Berlin is a technical international security conference focused on offensive security only. Organised by @Binary_Gecko. Stay tuned #OffensiveCon26.
Faith 🇧🇩🇦�... @farazsth98
4K Followers 318 Following Lead Cosmos Security Engineer @zellic_io, CTFer @SuperGuesser, Prev: Android Vulnerability Research @dfsec_com
Marcos Bajo @h3xduck
357 Followers 116 Following PhD student at CISPA, cybersecurity researcher. I like malware, exploits and ducks. My projects: https://t.co/em4dyPsOfh
K-Scale Labs @kscalelabs
12K Followers 10 Following Moving humanity up the Kardashev scale Website: https://t.co/bDXBBRu51C Github: https://t.co/RJEpAnnece
Crusaders of Rust @cor_ctf
2K Followers 36 Following A European and American Security Research Group
Karsten @gr4yf0x
956 Followers 951 Following @gr4yf0x.bsky.social @[email protected] aka K³; Physicist now mostly interested in security stuff
Thomas H. Ptacek @tqbf
33K Followers 611 Following Don't look at me sideways. Don't even look me straight on. bsky:@sockpuppet.org
0day.marketing @0dayMarketing
1K Followers 3 Following We are a group of like-minded individuals that work together to help grow YOUR 0day! We will do everything that 0day disclosure needs t0day. DM for inquiries.
Igor Kuznetsov @2igosha
2K Followers 339 Following Reverse engineering, soldering, programming, digital forensics & random stuff | Director @ Kaspersky GReAT | Tweets are my own
Boris Larin @oct0xor
18K Followers 655 Following Former console hacker (PS3/PS4). Hunting in the wild 0-days at Kaspersky GReAT. All tweets are my own.
Operation Zero @opzero_en
6K Followers 0 Following The only Russian-based zero-day vulnerability purchase platform.
intrigus @intrigus_
267 Followers 184 Following I create and break stuff. GitHub ⭐. @KITCTF. #Java, #CodeQL and #V8. Github: https://t.co/2eJKNdhQaV Security stuff: https://t.co/eg564HmccR
Earth @earthcurated
954K Followers 46K Following Featuring stunning High Definition content curated by the world's greatest photographers and Artists
Lan Vu @lanleft_
1K Followers 409 Following she/her | Qrious Secure @qriousec | I made my own cover photo
sha1lan @sha1lan
232 Followers 2 Following
P4nda @P4nda20371774
2K Followers 426 Following Security researcher | PWN | Learning Browser security Cola enthusiast Tweets are my own
Edouard Bochin @le_douds
264 Followers 68 Following
Xion @0x10n
4K Followers 123 Following CMU CSD PhD student / 2024 Top#0 Chrome Researcher / P2O Vancouver '24, TyphoonPWN '24/'25, DEFCON CTF 31-33, ... / PPP, KAIST GoN '18, @zer0pts
madStacks @madStacks3
104 Followers 36 Following
EpicTV Climbing @EpicTVClimbing
7K Followers 350 Following EpicTV's Daily Climbing News Show. Rock, Ice, Mountains, Big Walls, Scary Solos, Trad, Sport, Interviews, Insight. #AdventureStartsHere.
[email protected] @r3tr074
1K Followers 552 Following Security research | https://t.co/SFZNGja5pn | CTF pwn/rev @eltctfbr + @r3kapig | yes, I'm the browser guy
ttt @tchght
286 Followers 305 Following
Jordy Zomer @pwningsystems
3K Followers 258 Following Security Engineer @ Google, likes fuzzing, static analysis and VR. The opinions stated here are my own, not those of my company.
avboy1337 @avboy1337
1K Followers 483 Following Majoring in Civil Engineering & English as Vulnerability researcher.
Raphaël Jamet @raphaeltoujours
65 Followers 223 Following Software security engineer, specialized in web/crypto. Likes cleaning up stuff. He/him.
Marcus Hutter @mhutter42
4K Followers 47 Following I 👨🔬 a mathematical definition&theory of Artificial General Intelligence 🎥&🎤@ https://t.co/OZsooP92mn 🍀 I now work @GoogleDeepMind 🧠 History:🇩🇪🇨🇭🇦🇺🇬🇧
VIE @vie_pls
2K Followers 235 Following Security Engineer @ Google • @mmm_ctf_team and @maplebaconctf • UBC alum
Simon Scannell @scannell_simon
3K Followers 501 Following Cloud Vulnerability Research @ google. Opinions are my own
藤井 こころ @ClimberHeart
3K Followers 276 Following よろしくお願いします!!Kokoro Fujii/関電工/森永製菓/ARC’TERYX/climbing/プロフェッショナルクライマー 仕事の依頼、お問い合わせは [email protected] こちら!✉️
Ben L. Titzer @TitzerBL
2K Followers 349 Following Director of the WebAssembly Research Center at Carnegie Mellon University. Principal Researcher. Wasm co-founder. Former V8 engineer. Compilers!
1377 High-yield Nukes @buptsb
2K Followers 1K Following
S @bfbi
18 Followers 255 Following
Trends for United States
You might like
