Cvewhen?
@cvewhen
born to be reverse engineer financially forced to do websec. god's favourite idiot.
I was one of the 16 devs in this study. I wanted to speak on my opinions about the causes and mitigation strategies for dev slowdown. I'll say as a "why listen to you?" hook that I experienced a -38% AI-speedup on my assigned issues. I think transparency helps the community.
We ran a randomized controlled trial to see how much AI coding tools speed up experienced open-source developers. The results surprised us: Developers thought they were 20% faster with AI tools, but they were actually 19% slower when they had access to AI than when they didn't.
Here is our 0day for kernelCTF🩸 - 82k bounty - quickest submission ever - all instances pwned😎 syst3mfailure.io/rbtree-family-… Disclaimer: We apologize for abusing the red black tree family. Turning grandparents against grandchildren is only acceptable in the context of pwn😤
Exploit write-ups for our 🚨 latest 0-day 🚨 and the tragedy that swept the red black tree family dropping soon 👀 Here is a tiktok style video for those of you with no attention span thanks to slop and social media. Turn on the audio!!!
I wonder how chief scientists like @shengjia_zhao maintain a work life balance knowing every hour they spend is literally changing the world
These are the things that you need to fight to hold onto: Stay curious, stay tender (so hard to do), be humble and don't get bitter. Stay flexible and resilient. Remember that you might be the only one that can say the thing, solve the problem, or invent the tool.
Might get flamed for this (happy to be corrected), but I think there's no ethics in corporate. Your company would not think twice before replacing you or scapegoating you. So, why pick your company over your well-being? Sow the least, reap the most. Don't hurt others.
People who say AI invents art are getting the mute from me. I am not even going to bother explaining.
Everything that happens to you is not a signal or referendum to update your self worth :) In conversation with a friend who was overanalyzing her colleague's texts.
don’t depend on corporations to grant you rights. defend them yourself using freedom technology. (you’re on one)
CVE-2023-52927 - Turning a Forgotten Syzkaller Report into kCTF Exploit Article by @seadragnol about finding an unfixed netfilter use-after-free bug reported by syzbot. The researcher exploited it to pwn the kernelCTF COS instance. seadragnol.github.io/posts/CVE-2023…
We found a new container escape affecting all container runtimes using @NVIDIA GPUs. The crazy part? The exploit is just three lines long 🤯 This is the story of #NVIDIAScape 🧵👇
Just released a short writeup for the A9 version of the Trigon exploit, which involves getting code execution on a coprocessor before exploiting the kernel - enjoy! alfiecg.uk/2025/07/16/Tri…
TIL Hairy Ball theorem. Mathematicians will prove it's impossible to avoid cowlicks just so they don't have to groom themselves
Perhaps one of the most badass CVEs I've ever seen from @midwestneil 💪😤 cisa.gov/news-events/ic…
so fkin glad i'll never have to learn Excel ever. Went 22 years without learning it and will continue
