Mr. Anthony 安東尼
@darkfloyd1014
Director @vxresearch |@blackhatevents Asia & USA Review Board | Love animals, retro game & browser bug hunting
We got our first Google Chrome bounty for minimum wage or McDonalds before Christmas 🎄.

UPDATE: A security patch released by Microsoft earlier this month failed to fully fix a critical flaw in the U.S. tech company's SharePoint server software that had been identified at a hacking competition in May, opening the door to a sweeping global cyber espionage operation,…
ICYMI: A critical security flaw in Microsoft's SharePoint software has triggered widespread breaches, affecting government agencies, businesses, and institutions across multiple continents. Since attacks began around July 18, 2025, hackers have compromised at least 85 servers…
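[Demon Slayer: Kimetsu no Yaiba the Movie, Infinity Castle Arc, Chapter 1: Akaza Returns] We have drawn a new IMAX visual featuring Tanjiro Kamado and Giyu Tomioka. The film continues to screen in theaters nationwide. Thank you for your support. #鬼滅の刃 #無限城編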
CVE-2025-22226 (VMware ESXi wild exploit, infoleak part) x.com/alisaesage/sta…
CVE-2025-22224 (VMware ESXi)
💥 CERT-UA published a report on a malware powered by an LLM. The malware uses Qwen 2.5-Coder-32B-Instruct via the HuggingFace API to generate and execute commands on infected systems. It is a Python script that embeds prompts to dynamically craft Windows reconnaissance…
wtf every man and their dog comes out saying they detect the sharepoint thing now. Like it’s the next CEO HR affair story to chase.
Escalation methodology for CVE-2024-4947, an in-the-wild V8 type confusion bug. Shoutout to @vaber_b, @oct0xor, @buptsb, @mistymntncop, 303f06e3 and @DimitriFourny for their great research for this bug! github.com/bjrjk/CVE-2024…
I was reading the SharePoint zero-day news (I have a personal interest in itw 0day hunting), then I realized MSRC has bounties for SharePoint bugs, then I read the program & found it only offers like 20k for critical SharePoint RCE (if I read the rules correctly)…
(CVE-2025-3619)[$15000] [Critical][media][409619251]Heap-BoF in Codecs is now open issues.chromium.org/issues/4096192…
woah... (CVE-2025-3619)[Critical][media][409619251]Heap-BoF in Codecs (when the size of data to be copied ('copy_size') exceeded the allocated 'buffer_size') chromium-review.googlesource.com/c/chromium/src… chromereleases.googleblog.com/2025/04/stable… Reported by Elias Hohl on 2025-04-09
From iconic recipes to regional rivalries, take a hot dog road trip with AI Mode in Search 🌭
Exploiting a Windows Application Using Return Oriented Programming x.com/i/broadcasts/1…
Writeup of my SharePoint RCE: CVE-2024-38018. ZDI decided not to publish the blog and I didn't find time to write a new one 😅 Enjoy @_l0gg analysis!
While waiting for the Pwn2Own chain, you might want to read this. Disclaimer: This is a bug I discovered by accident, and it has already been resolved. I’m not sure which CVE or patch this maps to. If you know any information, please feel free to leave a comment blog.viettelcybersecurity.com/sharepoint_pro…
📣 IDA 9.2 Beta is here! This release is packed with UI upgrades, smarter analysis, and expanded architecture support. ➥ Already a Beta user? Grab it now. ➥ Not enrolled? Sign up today. eu1.hubs.ly/H0lS6nv0
101 Chrome Exploitation — Part 0: Preface We are starting a new series on modern browsers' architecture and their exploitation using Chrome as an example. Readers will learn how browser subsystems are implemented, how their security is ensured and how it is violated with…
hey hey, registration for the @rfhackers @defcon 33 World Wide War Drive opens TOMORROW! Start thinking about those geo-quads and watch this space for the reg. link!
🔗 GitHub: github.com/rfidresearchgr… 💬 Discord: iceman.one Test it. Break it. Contribute. Let’s push the boundaries of RFID. #Infosec #ReverseEngineering
Good news, score updated higher😄 Honoured to be #2😆, Huge thx to @msftsecresponse for the support & to @guhe120 and @XiaoWei___ for their guidance and sharing & to friends' help🤗 Congrats to everyone on the board! 🎉
Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard. The Microsoft Researcher…
#BHUSA Regular Registration ends tomorrow, July 18! Lock in your pass before the price increase>> bit.ly/4jnXIa5
(CVE-2022-2011)[$12000][40059796][ANGLE ][Vulkan]Heap-UAF when bind/unbind TransformFeedback after deleting buffer issues.chromium.org/issues/40059796