Day[0]
By dayzerosec
Listen to a podcast, please open Podcast Republic app. Available on Google Play Store and Apple App Store.
Image by dayzerosec
Category: Technology
Open in Apple Podcasts
Open RSS feed
Open Website
Rate for this podcast
Subscribers: 18
Reviews: 0
Episodes: 282
Description
A weekly podcast for bounty hunters, exploit developers or anyone interesting in the details of the latest disclosed vulnerabilities and exploits.
| Episode | Date |
|---|---|
|
Exploiting VS Code with Control Characters
|
May 12, 2025 |
|
Mitigating Browser Hacking - Interview with John Carse (SquareX Field CISO)
|
Apr 22, 2025 |
|
Pulling Gemini Secrets and Windows HVPT
|
Apr 16, 2025 |
|
Session-ception and User Namespaces Strike Again
|
Apr 01, 2025 |
|
Extracting YouTube Creator Emails and Spilling Azure Secrets
|
Mar 24, 2025 |
|
ESP32 Backdoor Drama and SAML Auth Bypasses
|
Mar 17, 2025 |
|
Exploiting Xbox 360 Hypervisor and Microcode Hacking
|
Mar 12, 2025 |
|
Path Confusion and Mixing Public/Private Keys
|
Mar 03, 2025 |
|
ZDI's Triaging Troubles and LibreOffice Exploits
|
Feb 25, 2025 |
|
Recycling Exploits in MacOS and Pirating Audiobooks
|
Feb 18, 2025 |
|
Top 10 Web Hacking Techniques and Windows Shadow Stacks
|
Feb 12, 2025 |
|
Unicode Troubles, Bypassing CFG, and Racey Pointer Updates
|
Feb 04, 2025 |
|
Deanonymization with CloudFlare and Subaru's Security Woes
|
Jan 27, 2025 |
|
Excavating Exploits and PHP Footguns
|
Jan 20, 2025 |
|
WhatsApp vs. NSO and CCC Talks
|
Jan 14, 2025 |
|
Buggy Operating Systems Are Coming to Town
|
Dec 16, 2024 |
|
Machine Learning Attacks and Tricky Null Bytes
|
Dec 09, 2024 |
|
A Windows Keyhole and Buggy OAuth
|
Dec 02, 2024 |
|
Linux Is Still a Mess and Vaultwarden Auth Issues
|
Nov 26, 2024 |
|
FortiJump Higher, Pishi, and Breaking Control Flow Flattening
|
Nov 18, 2024 |
|
Static Analysis, LLMs, and In-The-Wild Exploit Chains
|
Nov 11, 2024 |
|
Attacking Browser Extensions and CyberPanel
|
Nov 04, 2024 |
|
Hardwear.IO NL, DEF CON 32, and Filesystem Exploitation
|
Oct 29, 2024 |
|
Zendesk's Email Fiasco and Rooting Linux with a Lighter
|
Oct 16, 2024 |
|
Summer Recap: Phrack, Off-by-One, and RCEs
|
Oct 08, 2024 |
|
Attack of the CUPS and Exploiting Web Views via HSTS
|
Sep 30, 2024 |
|
Future of the Windows Kernel and Encryption Nonce Reuse
|
Sep 23, 2024 |
|
Iterating Exploits & Extracting SGX Keys
|
Sep 16, 2024 |
|
Memory Corruption: Best Tackled with Mitigations or Safe-Languages
|
May 17, 2024 |
|
[discussion] A Retrospective and Future Look Into DAY[0]
|
Apr 19, 2024 |
|
[binary] Bypassing KASLR and a FortiGate RCE
|
Mar 20, 2024 |
|
[bounty] RCE'ing Mailspring and a .NET CRLF Injection
|
Mar 19, 2024 |
|
[binary] Future of Exploit Development Followup
|
Mar 13, 2024 |
|
[bounty] libXPC to Root and Digital Lockpicking
|
Mar 12, 2024 |
|
[binary] Binary Ninja Free and K-LEAK
|
Mar 06, 2024 |
|
[bounty] Hacking Google AI and SAML
|
Mar 05, 2024 |
|
[binary] Rust Memory Corruption???
|
Feb 28, 2024 |
|
[bounty] A PHP and Joomla Bug and some DOM Clobbering
|
Feb 27, 2024 |
|
[binary] Linux Burns Down CVEs
|
Feb 21, 2024 |
|
[bounty] GhostCMS, ClamAV, and the Top Web Hacking Techniques of 2023
|
Feb 20, 2024 |
|
[binary] kCTF Changes, LogMeIn, and wlan VFS Bugs
|
Feb 14, 2024 |
|
[bounty] The End of a DEFCON Era and Flipper Zero Woes
|
Feb 13, 2024 |
|
[binary] The Syslog Special
|
Feb 07, 2024 |
|
[bounty] Public Private Android Keys and Docker Escapes
|
Feb 06, 2024 |
|
[binary] Busted ASLR, PixieFail, and Bypassing HVCI
|
Jan 31, 2024 |
|
[bounty] Reborn Homograph Attacks and Ransacking Passwords
|
Jan 30, 2024 |
|
[binary] Bypassing Chromecast Secure-Boot and Exploiting Factorio
|
Jan 17, 2024 |
|
[bounty] A GitLab Account Takeover and a Coldfusion RCE
|
Jan 16, 2024 |
|
[binary] Allocator MTE, libwebp, and Operation Triangulation
|
Jan 10, 2024 |
|
[bounty] Spoofing Emails, PandoraFMS, and Keycloak
|
Jan 09, 2024 |
|
[binary] RetSpill, A Safari Vuln, and Steam RCE
|
Dec 22, 2023 |
|
[bounty] IOT Issues and DNS Rebinding
|
Dec 19, 2023 |
|
[binary] Samsung Baseband and GPU Vulns
|
Dec 06, 2023 |
|
[bounty] Buggy Cookies and a macOS TCC Bypass
|
Dec 05, 2023 |
|
[binary] Hypervisor Bugs and a FAR-out iOS bug
|
Nov 29, 2023 |
|
[bounty] Kubernetes Code Exec and There Is No Spoon
|
Nov 28, 2023 |
|
[binary] A Heap of Linux Bugs
|
Nov 22, 2023 |
|
[bounty] Prompting for Secrets and Malicious Extensions
|
Nov 21, 2023 |
|
[binary] A Bundle of Windows Bugs
|
Nov 15, 2023 |
|
[bounty] Usurping Mastodon and Broken Signature Schemes
|
Nov 13, 2023 |
|
[binary] MTE Debuts, DNS Client Exploits, and iTLB Multihit
|
Nov 08, 2023 |
|
[bounty] Attacking OAuth, Citrix, and some P2O Drama
|
Nov 07, 2023 |
|
[binary] Windows Kernel Bugs, Safari Integer Underflow, and CONSTIFY
|
Oct 24, 2023 |
|
[bounty] Rapid Reset, Attacking AWS Cognito, and Confluence Bugs
|
Oct 22, 2023 |
|
[binary] A Chrome RCE, WebP 0day, and glibc LPE
|
Oct 11, 2023 |
|
[bounty] Insecure Firewalls, MyBB, and Winning with WinRAR
|
Oct 10, 2023 |
|
[binary] Busted Stack Protectors, MTE, and AI Powered Fuzzing
|
Sep 27, 2023 |
|
[bounty] DEF CON, HardwearIO, Broken Caching, and Dropping Headers
|
Sep 26, 2023 |
|
[binary] Exploiting VMware Workstation and the Return of CSG0-Days
|
May 25, 2023 |
|
[bounty] Jellyfin Exploits and TOCTOU Spellcasting
|
May 23, 2023 |
|
[binary] Attacking VirtualBox and Malicious Chess
|
May 18, 2023 |
|
[bounty] OverlayFS to Root and Parallels Desktop Escapes
|
May 16, 2023 |
|
[binary] TPMs and Baseband Bugs
|
May 11, 2023 |
|
[bounty] Bad Ordering, Free OpenAI Credits, and Goodbye Passwords?
|
May 09, 2023 |
|
[binary] A Timing Side-Channel for Kernel Exploitation and VR in the wake of Rust
|
May 04, 2023 |
|
[bounty] Git Config Injection and a Sophos Pre-Auth RCE
|
May 02, 2023 |
|
[binary] A Ghostscript RCE and a Windows Registry Bug
|
Apr 27, 2023 |
|
[bounty] SecurePoint UTM, Chfn, and Docker Named Pipe Vulns
|
Apr 25, 2023 |
|
[binary] Glitching the Wii-U and Integer Overflows
|
Apr 13, 2023 |
|
[bounty] Pentaho Pre-Auth RCE and Theft by CAN Injection
|
Apr 11, 2023 |
|
[binary] A SNIProxy Bug and a Samsung NPU Double Free
|
Apr 06, 2023 |
|
[bounty] Bamboozling Bing and a Curl Gotcha
|
Apr 04, 2023 |
|
[binary] 200th Episode! Integer Bugs & Synthetic Memory Protections
|
Mar 30, 2023 |
|
[bounty] Bypassing CloudTrail and Tricking GPTs
|
Mar 28, 2023 |
|
[binary] TOCTOUs in Intel SMM and Shannon Baseband Bugs
|
Mar 23, 2023 |
|
[bounty] Popping Azure Web Services and Apollo Config Bugs
|
Mar 21, 2023 |
|
[binary] An OpenBSD overflow and TPM bugs
|
Mar 16, 2023 |
|
[bounty] Stealing Secrets with Security Advisories and CorePlague
|
Mar 14, 2023 |
|
[binary] Hacking the DSi and some Fuzzing Tips
|
Mar 09, 2023 |
|
[bounty] ImageMagick, Cracking SmartLocks, and Broken OAuth
|
Mar 07, 2023 |
|
[binary] A GPU Bug and the World's Worst Fuzzer Findings
|
Mar 02, 2023 |
|
[bounty] Param Pollution in Golang, OpenEMR, and CRLF Injection
|
Feb 28, 2023 |
|
[binary] Fuzzing cURL, Netatalk, and an Emulator Escape
|
Feb 23, 2023 |
|
[bounty] Compromising Azure, Password Verification Fails, and Readline Crime
|
Feb 21, 2023 |
|
[binary] Rusty Kernel Bugs, mast1c0re, and OpenSSH
|
Feb 16, 2023 |
|
[bounty] Top 2022 Web Hacking Techniques and a Binance Bug
|
Feb 14, 2023 |
|
[binary] An XNU Exploit and a Chrome Heap Overflow
|
Feb 09, 2023 |
|
[bounty] Facebook Account Takeovers and a vBulletin RCE
|
Feb 07, 2023 |
|
[binary] KASAN comes to Windows and Shuffling ROP Gadgets
|
Feb 02, 2023 |
|
[bounty] CSS Injection and a Google Cloud Project Takeover Bug
|
Jan 31, 2023 |
|
[binary] Exploiting Null Derefs and Windows Type COM-fusion
|
Jan 26, 2023 |
|
[bounty] Cloud Bugs and More Vulns in Galaxy App Store
|
Jan 24, 2023 |
|
[binary] An iPod Nano Bug, XNU Vuln, and a WebKit UAF
|
Jan 19, 2023 |
|
[bounty] Client-Side Path Traversal and Hiding Your Entitlement(s)
|
Jan 17, 2023 |
|
[binary] Attacking Bhyves and a Kernel UAF
|
Jan 12, 2023 |
|
[bounty] Web Hackers vs. Cars and a Facebook Account Takeover
|
Jan 10, 2023 |
|
[binary] JS Type Confusions and Bringing Back Stack Attacks
|
Dec 15, 2022 |
|
[bounty] Pwn2Own Bugs and WAF Bypasses
|
Dec 13, 2022 |
|
[binary] A Huawei Hypervisor Vuln and More Memory Safety
|
Dec 08, 2022 |
|
[bounty] Remotely Controlling Hyundai and a League of Legends XSS
|
Dec 06, 2022 |
|
[binary] Patch Gaps and Apple Neural Engine Vulns
|
Dec 01, 2022 |
|
[bounty] Tailscale RCE, an SQLi in PAM360, and Exploiting Backstage
|
Nov 29, 2022 |
|
[binary] Hacking Pixel Bootloaders and Injecting Bugs
|
Nov 24, 2022 |
|
[bounty] Racing Grafana, Stealing Mastadon Passwords, and Cross-Site Tracing
|
Nov 22, 2022 |
|
[binary] Exploiting Undefined Behavior and a Chrome UAF
|
Nov 17, 2022 |
|
[bounty] Bypassing Pixel Lock Screens and Checkmk RCE
|
Nov 15, 2022 |
|
[binary] OpenSSL Off-by-One, Java XML Bugs, and an In-the-Wild Samsung Chain
|
Nov 10, 2022 |
|
[bounty] Apache Batik, Static Site Generators, and an Android App Vuln
|
Nov 08, 2022 |
|
[binary] XNU's kalloc_type, Stranger Strings, and a NetBSD Bug
|
Nov 03, 2022 |
|
[bounty] A Galaxy Store Bug, Facebook CSRF, and Google IDOR
|
Nov 01, 2022 |
|
[binary] Edge Vulns, a SHA-3 Overflow, and an io_uring Exploit
|
Oct 27, 2022 |
|
[bounty] XMPP Stanza Smuggling in Jabber and a Cobalt Strike RCE
|
Oct 25, 2022 |
|
[binary] Some Browser Exploitation and a Format String Bug?
|
Oct 20, 2022 |
|
[bounty] GitHub to GitLab RCE and a new PHP Supply Chain Attack
|
Oct 18, 2022 |
|
[binary] i.MX Secure Boot Bypass and a Hancom Office Underflow
|
Oct 13, 2022 |
|
[bounty] Got UNIX Sockets and Some Filter Bypasses?
|
Oct 11, 2022 |
|
[binary] Pwning Scoreboards, uClibC, and PS5 Exploitation
|
Oct 06, 2022 |
|
[bounty] Akamai Cache Poisoning and a Chrome Universal XSS
|
Oct 04, 2022 |
|
[binary] SoCs with Holes, Crow HTTP Bugs, and Bypassing Intel CET
|
Sep 29, 2022 |
|
[bounty] Web3 Universal XSS, Breaking BitBucket, and WAF Bypasses
|
Sep 27, 2022 |
|
[binary] An iOS Bug, Attacking Titan-M, and MTE Arrives
|
Sep 22, 2022 |
|
[bounty] Reading GitLab Hidden HackerOne Reports and Golang Parameter Smuggling
|
Sep 20, 2022 |
|
[binary] Fuchsia OS, Printer Bugs, and Hacking Radare2
|
Jun 02, 2022 |
|
[bounty] A Zoom RCE, VMware Auth Bypass, and GitLab Stored XSS
|
May 31, 2022 |
|
[binary] Pwn2Own, Parallels Desktop, and an AppleAVD Bug
|
May 26, 2022 |
|
[bounty] Stealing DropBox Google Drive Tokens, a GitLab Bug, and macOS "Powerdir" Vulnerability
|
May 24, 2022 |
|
[binary] Python 3 UAF and PS4/PS5 PPPoE Kernel Bug
|
May 19, 2022 |
|
[bounty] Deleting Rubygems, BIG-IP Auth Bypass, and a Priceline Account Takeover
|
May 17, 2022 |
|
[binary] Pwn2Owning Routers and Anker Eufy Bugs
|
May 12, 2022 |
|
[bounty] Cloudflare Pages, Hacking a Bank, and Attacking Price Oracles
|
May 10, 2022 |
|
[binary] NimbusPwn, a CLFS Vulnerability, and DatAFLow (Fuzzing)
|
May 05, 2022 |
|
[bounty] XSS for NFTs, a VMWare Workspace ONE UEM SSRF, and GitLab CI Container Escape
|
May 03, 2022 |
|
[binary] Getting into Vulnerability Research and a FUSE use-after-free
|
Apr 28, 2022 |
|
[bounty] A Struts RCE, Broken Java ECDSA (Psychic Signatures) and a Bad Log4Shell Fix
|
Apr 26, 2022 |
|
[binary] Another iOS Bug and Edge Chakra Exploitation
|
Apr 21, 2022 |
|
[bounty] Taking Over an Internal AWS Service and an Interesting XSS Vector
|
Apr 19, 2022 |
|
[binary] A subtle iOS parsing bug and a PHP use-after-free
|
Apr 14, 2022 |
|
[bounty] A Double-Edged SSRF, Pritunl VPN LPE, and a NodeBB Vuln
|
Apr 12, 2022 |
|
[binary] FORCEDENTRY Sandbox Escape and NetFilter Bugs
|
Apr 07, 2022 |
|
[bounty] Spring4Shell, PEAR Bugs, and GitLab Hardcoded Passwords
|
Apr 05, 2022 |
|
[binary] Pwning WD NAS, NetGear Routers, and Overflowing Kernel Pages
|
Mar 31, 2022 |
|
[bounty] GitLab Arbitrary File Read and Bypassing PHP's filter_var
|
Mar 29, 2022 |
|
[binary] Chrome Heap OOB Access and TLStorm
|
Mar 24, 2022 |
|
[bounty] DOMPDF XSS to RCE, Chrome Leaking Envrionment Vars, and cr8escape
|
Mar 22, 2022 |
|
[binary] A Windows UAF, Branch Prediction Bugs, and an io_uring Exploit
|
Mar 17, 2022 |
|
[bounty] Pascom RCE, AutoWarp, and a GKE Container Escape
|
Mar 15, 2022 |
|
[binary] Dirty Pipe and Analyzing Memory Tagging
|
Mar 10, 2022 |
|
[bounty] Facebook Exploits, pfSense RCE, and MySQLjs SQLi
|
Mar 08, 2022 |
|
[binary] ImageGear JPEG Vulns, NetFilter, and a LibCurl Memory Disclosure
|
Mar 03, 2022 |
|
[bounty] DynamicWeb RCE, VMWare Bugs, and Exploiting GitHub Actions
|
Mar 01, 2022 |
|
[binary] Zynq-7000 Secure Boot Bypass and Compiler-Created Bugs
|
Feb 24, 2022 |
|
[bounty] CoinDesk, Zabbix, and Leaking Secrets Through Mirrored Repos
|
Feb 22, 2022 |
|
[binary] Another Kernel TIPC Bug, MySQL, and Buggy Go
|
Feb 17, 2022 |
|
[bounty] Baby Monitor Bugs, Grafana, and Twitter De-anonymization
|
Feb 16, 2022 |
|
[binary] Fastly Infoleak, Samba OOB Access, and Pwning MacOS
|
Feb 10, 2022 |
|
[bounty] Hacking Google Drive Integrations and XSS Puzzles
|
Feb 08, 2022 |
|
[binary] PwnKit, a Win32k Type Confusion, and Binary Ninja 3.0
|
Feb 03, 2022 |
|
[bounty] Zoho Auth Bypass, a Bogus Bug, and Leaking Microsoft Bug Reports
|
Feb 01, 2022 |
|
[binary] NetUSB RCE, a Linux Kernel Heap Overflow, and an XNU Use-After-Free
|
Jan 27, 2022 |
|
[bounty] Bypassing Box MFA and Bad AES Key Generation
|
Jan 25, 2022 |
|
[binary] Pwning Camera and Overflowing your Integers
|
Jan 20, 2022 |
|
[bounty] Bad Code and Bad URLs
|
Jan 18, 2022 |
|
[Binary] Rooting Ubuntu By Accident and Samsung Kernel Bugs
|
Jan 13, 2022 |
|
[Bounty] RocketChat RCE, Flickr, and a Critical Smart Contract Bug
|
Jan 11, 2022 |
|
An Android Kernel Bug and a Chrome+Edge Bug [Binary Exploitation]
|
Dec 16, 2021 |
|
Log4j RCE coming to a service near you and uBlock CSS Injection [Bounty]
|
Dec 15, 2021 |
|
MediaTek, Yet Another Chrome Bug, and BigSig [Binary Exploitation]
|
Dec 09, 2021 |
|
Bypassing MFA, WebCache Poisoning, and AWS SageMaker [Bounty Hunting]
|
Dec 07, 2021 |
|
KVM Bugs and an iOS IOMFB Kernel Exploit [Binary Exploitation]
|
Dec 02, 2021 |
|
GitLab Prototype Pollution and Some Authentication Bypasses [Bounty Hunting]
|
Nov 30, 2021 |
|
Hacking Neural Nets, a Chrome WebRTC UAF and Pwning Windows [Binary Exploitation]
|
Nov 25, 2021 |
|
Big Bounties by Exploiting WebKit's CSP & Concrete CMS Bugs [Bounty Hunting]
|
Nov 23, 2021 |
|
DDR4 Rowhammer, Azure Bugs, "Essential 0days", and Backdoored IDA [Binary Exploitation]
|
Nov 18, 2021 |
|
Rust in the Web? A Special Guest and some Bad Crypto [Bounty Hunting]
|
Nov 16, 2021 |
|
A too trusty TrustZone and a few Linux Kernel bugs [Binary Exploitation]
|
Nov 11, 2021 |
|
A MacOS SIP Bypass & an XSS Fiesta [Bounty Hunting]
|
Nov 09, 2021 |
|
Type Confusion in Android NFC, PHP-FPM Local Privilege Escalation, and CallbackHell [Binary Exploitation]
|
Nov 04, 2021 |
|
Discourse SNS RCE, a Stored XSS in GitLab, and a Reddit Race Condition [Bug Hunting]
|
Nov 02, 2021 |
|
A Kernel Race, SuDump, and a Chrome Garbage Collector Bug [Exploit Dev/VR]
|
Oct 28, 2021 |
|
A Slack Attack and a MySQL Scientific Notation Bug [Bug Hunting]
|
Oct 26, 2021 |
|
WebKit Bugs, a Windows Race, and House of IO Improved [Exploit Dev/VR]
|
Oct 21, 2021 |
|
WebSocket Hijacking, GitHub review bypass and SQLi to RCE [Bug Hunting]
|
Oct 19, 2021 |
|
HyperKit Bugs & an Open5GS Stack Overflow [Binary Exploitation]
|
Oct 14, 2021 |
|
SharePoint RCE & an Apache Path Traversal [Bug Hunting]
|
Oct 12, 2021 |
|
Chrome Exploits and a Firefox Update Bug [Binary Exploitation]
|
Oct 07, 2021 |
|
Gatekeeper Bypass, Opera RCE, and Prototype Pollution [Bounty Hunting]
|
Oct 05, 2021 |
|
Kernel UAFs and a Parallels VM Escape [Binary Exploitation]
|
Sep 30, 2021 |
|
iOS 0days, Apache Dubbo RCEs, and NPM bugs [Bounty Hunting]
|
Sep 29, 2021 |
|
A Curl UAF, iPhone FORCEDENTRY, and a Crazy HP OMEN Driver [Binary Exploitation]
|
Sep 23, 2021 |
|
A Flickr CSRF, GitLab, & OMIGOD, Azure again? [Bounty Hunting]
|
Sep 21, 2021 |
|
NETGEAR smart switches, SpookJS, & Parallels Desktop [Binary Exploitation]
|
Sep 16, 2021 |
|
Reused VMWare exploits & Escaping Azure Container Instances [Bounty Hunting]
|
Sep 14, 2021 |
|
Escaping the Bhyve, WhatsApp, & BrakTooth [Binary Exploitation]
|
Sep 09, 2021 |
|
Takeover A Facebook, SnapChat or JetBrains Account [Bounty Hunting]
|
Sep 07, 2021 |
|
NoSQL Injection, Mobile Misconfigurations and a Wormable Windows Bug
|
May 25, 2021 |
|
Cross-Browser Tracking, Frag Attacks, and Malicious Rust Macros
|
May 18, 2021 |
|
Fake Vulns, More Valve, and an AWS Cognito issue
|
May 11, 2021 |
|
Defcon Quals, Dead μops, BadAllocs, Wordpress XXE
|
May 04, 2021 |
|
Bad Patches, Fuzzing Sockets, & 3DS Hacked by Super Mario
|
Apr 27, 2021 |
|
Windows Bugs, Duo 2FA Bypass, and some Reverse Engineering
|
Apr 20, 2021 |
|
Pwn2own, Linux Kernel Exploits, and Malicious Mail
|
Apr 13, 2021 |
|
Speculation in Predictive Store Forwarding, Broken Fixes, and Owning Rocket.Chat
|
Apr 06, 2021 |
|
Google exposes an APT campaign, PHP owned, and Several Auth Issues
|
Mar 30, 2021 |
|
Fast Fuzzing, Malicious Pull Requests, and Rust in my kernel?!
|
Mar 23, 2021 |
|
Hacking Cameras, Stealing Logins, and Breaking Git
|
Mar 16, 2021 |
|
Buggy Browsers, Heap Grooming, and Broken RSA?
|
Mar 09, 2021 |
|
BlackHat USA, Pre-Auth RCEs, and JSON Smuggling
|
Mar 02, 2021 |
|
PDF Exploits, GPGME Making Mistakes EZ and Favicon Tracking
|
Feb 23, 2021 |
|
Industrial Control Fails and a Package disguised in your own supply
|
Feb 16, 2021 |
|
MediaTek BootROM Broken, Free Coffee, and an iOS Kernel Exploit
|
Feb 09, 2021 |
|
OSED, North Korean hackers, NAT Slipstream 2.0, and PGP (in)security
|
Feb 02, 2021 |
|
Snooping YouTube History and Breaking State Machines
|
Jan 26, 2021 |
|
Breaking Lock Screens & The Great Vbox Escape
|
Jan 19, 2021 |
|
Universal Deserialization, Stealing Youtube Videos, and CTFs
|
Jan 12, 2021 |
|
Hacking Nintendo 3DS, Apple vs Corellium, and Android Bugs
|
Jan 05, 2021 |
|
Fireeye, PS4 exploit, and MacOS LPE
|
Dec 15, 2020 |
|
Rooting iOS, Hacking with cURL, and the end of Use-After-Free
|
Dec 08, 2020 |
|
Bad Blocklists, Legal News, and Windows Vulns
|
Dec 01, 2020 |
|
Jailbreaks, Stealing Playstation Accounts, and Automatic Exploit Generation
|
Nov 24, 2020 |
|
Hacking Voatz and Rooting Ubuntu
|
Nov 17, 2020 |
|
Pwn2Own, Tianfu Cup, and Other Hacks
|
Nov 10, 2020 |
|
A Look At OSEP, Hacking Metasploit and the Legal Risks of Research
|
Nov 03, 2020 |
|
Low-cost Penetration Testing, High Performance Fuzzing and Github RCEs
|
Oct 27, 2020 |
|
Some Discord, a Bad Neighbor and a BleedingTooth
|
Oct 20, 2020 |
|
Breaking into HashiCorp Vault, Apple and Google
|
Oct 13, 2020 |
|
Fingerprinting Exploit Devs, BLURtooth and Punking Punkbuster
|
Oct 06, 2020 |
|
Instagram Hacks, Half-life 1 Exploits, and Gaslighting Android
|
Sep 29, 2020 |
|
Bhyves and Evil LEDs (+Roulette)
|
Sep 22, 2020 |
|
Raccoons, Incomplete fixes and Kernel Exploits
|
Sep 15, 2020 |
|
Zoom E2E, 15 year old bugs, and killing 20 year old attacks
|
May 26, 2020 |
|
iOS 0days are worthless, PrintDemon, and a takeover of hackerone
|
May 19, 2020 |
|
Defcon is canceled, Microsoft was hacked, Rust has vulns
|
May 12, 2020 |
|
Auth Bypass, XSS, RCE and more
|
May 05, 2020 |
|
Relyze Decompiler, jQuery XSS, Sandbox Escaping and 0-Click Mail RCE
|
Apr 28, 2020 |
|
Binary Ninja's Decompiler, git credential leak, cross-platform LPEs
|
Apr 21, 2020 |
|
IDA...Go home, Sandboxie source, and some RCEs (TP-Link, Starcraft 1, OhMyZsh)
|
Apr 14, 2020 |
|
Zoom-ers, VM Escapes, and Pegasus Resurfaces
|
Apr 07, 2020 |
|
A shortcut (.lnk) to RCE, Pi-Hole, Shadow Stacks, and fine-grained kASLR
|
Mar 31, 2020 |
|
Pwn2Own Results, Voatz (again), some web-exploits and a code-reuse mitigation
|
Mar 24, 2020 |
|
How to Hack a CTF and more (LVI, TRRespass and some web-exploits)
|
Mar 17, 2020 |
|
FuzzBench, MediaTek-su, Request Smuggling, and Memory Tagging
|
Mar 10, 2020 |
|
kr00k, GhostCat, and more issues from NordVPN, Samsung, OpenSMTPd
|
Mar 03, 2020 |
|
A Dark White-Hat hacker? and various vulns ft. Cisco, Periscope, NordVPN and Tesla/EyeQ
|
Feb 25, 2020 |
|
A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing
|
Feb 18, 2020 |
|
Hack Twitter, WhatsApp and all your Cisco phones (CDPwn) ft. GhostKnight
|
Feb 11, 2020 |
|
OK Google, sudo ./hacktheplanet
|
Feb 04, 2020 |
|
Return of the Zombieload, Bezos Hacked, and other exploits
|
Jan 27, 2020 |
|
Project Verona, CurveBall, CableHaunt, and RCEs-a-plenty
|
Jan 21, 2020 |
|
SHA-mbles, Shitrix, Responsible Disclosure, and wtf is TikTok doing?
|
Jan 14, 2020 |
|
First Edge bounty, Hacking Tesla via Wi-Fi, Cisco advisories, and Shadow Clones
|
Jan 08, 2020 |
|
PlunderVolt, Real-World Bug Hunting, Presidents Cup CTF, SockPuppet and more
|
Dec 17, 2019 |
|
Permanent DoS, HackerOne Hacked, and Wide-OpenBSD
|
Dec 10, 2019 |
|
CWE Top 25, Hacking Anti-Viruses and Adversarial Machine Learning Attacks
|
Dec 03, 2019 |
|
What does the NSA say?
|
Nov 26, 2019 |
|
Election hacking, Kernel Security, MDS Attacks and Github's Security Lab
|
Nov 19, 2019 |
|
Rogue Employees, Lasers, Fuzzing, and an iOS Exploit (checkra1n)
|
Nov 13, 2019 |
|
A Bit of everything: 0days, Breaches, Lawsuits, Attacking AI, and some insecure
|
Nov 05, 2019 |
|
NordVPN Again, Snowden, CPDoS, a PHP-RCE, and some console hacking
|
Oct 28, 2019 |
|
Linux Exploits, Secure Credentials, Side-Channels and Election(SDK) hacking
|
Oct 21, 2019 |
|
When your errors have errors...
|
Oct 14, 2019 |
|
Exploits-galore iOS (checkm8), Android, Signal, Whatsapp, PHP and more
|
Oct 07, 2019 |
|
Offensive Security's OSWE/AWAE, Massive Security failures, and a handful of cool attacks
|
May 27, 2019 |
|
Intel has done it again, ft. Zombies, Cats, and Windows exploits
|
May 20, 2019 |
|
The Unhackable Morpheus chip and other exploit mitigations
|
May 13, 2019 |
|
Another CSG0-day, Ransomware? and a 36 year old vuln
|
May 06, 2019 |
|
Docker, Government Attacks, and Best Practices
|
Apr 29, 2019 |
|
Fun Malware, Fun AI Tricks, and General Fun
|
Apr 22, 2019 |
|
Compromises, Challenge Design, and 0days
|
Apr 16, 2019 |
|
CTFs, Backdoors, and Control Flow Integrity
|
Apr 02, 2019 |
|
RE Tools, Ethereum, and Plaintext Passwords
|
Mar 26, 2019 |
|
CSG0-Days, Exploit Mitigations, and Voting Systems
|
Mar 18, 2019 |
|
Zero-Days, Ghidra, and Questionable CVE's
|
Mar 11, 2019 |