FuzzingLabs
@FuzzingLabs
Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
We already reported 7 vulnerabilities to @ollama via @huntr_ai 🔥 The first one is CVE-2024-12886, report is now public even if the bug is not fixed yet... Please do not exposed your Ollama server, it is not the only bug we found... 🛡️ huntr.com/bounties/f115f…
Great work by @FuzzingLabs that hopefully will be very useful for the @solana community. @0xMert_ and @aeyakovenko hope you can check it :D!
🚀 We just released sol-azy on GitHub! A modular CLI for static analysis & reverse engineering of #Solana sBPF programs — with disassembly, CFGs, and Starlark rule support. 🧵 github.com/FuzzingLabs/so… 👀 Docs: fuzzinglabs.github.io/sol-azy/introd… #Solana #RE #Security #Rust
🚀 We just released sol-azy on GitHub! A modular CLI for static analysis & reverse engineering of #Solana sBPF programs — with disassembly, CFGs, and Starlark rule support. 🧵 github.com/FuzzingLabs/so… 👀 Docs: fuzzinglabs.github.io/sol-azy/introd… #Solana #RE #Security #Rust
Hmm 🤔 We bypassed the weak Python sandbox... 🧠 We successfully deployed a malicious Python SCORE on a localnet that: - Dumped all validator private keys - Executed arbitrary system commands - Demonstrated real-world RCE risk
To immediately address any concerns raised, we want to clarify that all bug bounty submissions we’ve received have been thoroughly reviewed and responded to appropriately. This has always been our practice, and we continue to act promptly on any genuine threats to the blockchain,…