j j
@mistymntncop
http://infosec.exchange/@blackeggs https://github.com/mistymntncop/
.@ryanjfleury's talk is out! Come learn why and how RADDBG so smoothly goes far beyond text debugging. youtu.be/_9_bK_WjuYY
My brief analysis of Chrome's 0day CVE-2025-6554 in the wild, it's really interesting, thanks to @DarkNavyOrg, @mistymntncop for sharing before.
Brief analysis of Chrome vuln #CVE-2025-6554, which was exploited in the wild. ti.qianxin.com/blog/articles/…
Escalation methodology for CVE-2024-4947, an in-the-wild V8 type confusion bug. Shoutout to @vaber_b, @oct0xor, @buptsb, @mistymntncop, 303f06e3 and @DimitriFourny for their great research for this bug! github.com/bjrjk/CVE-2024…
Has there ever been anyone who has claimed to have performed the stack buffer overflow technique before the Morris Worm in 1988?
CVE-2025-4941 - Trend ZDI analyst @hosselot details the Firefox bug used at #Pwn2Own Berlin by Manfred Paul. Includes root cause analysis and video demo. zerodayinitiative.com/blog/2025/7/14…
Again an interesting bug, an excellent and very detailed report with PoC & exploit from 303f06e3 🔥🔥🔥 [$50000][403211343][turboshaft] Improper Error Handling in LateLoadElimination for String Map -> RCE issues.chromium.org/issues/4032113…
[403211343][turboshaft] Remove LoopPeelingPhase chromium-review.googlesource.com/c/v8/v8/+/6360…
Mini Writeup of CVE-2025-6554. POC by @DarkNavyOrg. All errors in writeup my own. gist.github.com/mistymntncop/3…
Leak hole PoC for Chrome in-the-wild vulnerability CVE-2025-6554 published yesterday: github.com/DarkNavySecuri…
(CVE-2025-2783)[405143032][mojo] Google Chrome Sandbox Escape (exploited ITW) is now open (PoC & exploit are restricted 🥲) issues.chromium.org/issues/4051430… Reported by @oct0xor @2igosha
Exploited ITW (CVE-2025-2783)[405143032][mojo] Receiving/sending sentinel handle values over IPCZ -> misinterpreted by OS function(Windows) -> .. chromium-review.googlesource.com/c/chromium/src… learn.microsoft.com/en-us/windows/… issues.chromium.org/issues/40077590 chromereleases.googleblog.com/2025/03/stable… @oct0xor @2igosha
Check out our first blog post about V8 CVE-2024-12695: bugscale.ch/blog/dissectin…
This weekend, I gave a talk on web browser security research at a student-organized conference. I tried to make the talk reasonably beginner-friendly, so the slides (linked here) could hopefully be useful to someone as a learning resource. docs.google.com/presentation/d…
RE: CVE-2025-5419 - vuln allows you to read uninitialized memory by removing an initializing store.
The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" docs.google.com/presentation/d…
Some of my analysis of several Map related bugs and vulnerabilities while learning v8. xia0.sh/blog/visit-the…
"WebAssembly Is All You Need: Exploiting Chrome and the V8 Sandbox 10+ times with WASM" by @0x10n Worth a watch :) youtube.com/watch?v=nb1so4…
My writeup for CVE-2024-7971. Just a POC. Let me know if u have any questions. github.com/mistymntncop/C…
`People talk about exploits as if they are "weapons", but really, they are fragile and stunningly improvisational rube goldberg machines.` ~@halvarflake youtube.com/watch?v=bl2U1p…