CVE-2025-4919: Corruption via Math Space in Mozilla Firefox

July 15, 2025 | Hossein Lotfi CONTINUE READING

It’s Time to Terminate the Terminator

Blog post

It’s Time to Terminate the Terminator

May 15, 2018
VBScript, Research, Microsoft

Running with Scissors: The Dangers of Cutting and Pasting Sample Code

Blog post

Running with Scissors: The Dangers of Cutting and Pasting Sample Code

May 02, 2018
Research, JSON

When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion

Blog post

When Java throws you a Lemon, make Limenade: Sandbox escape by type confusion

April 25, 2018
Java, Oracle, Research

Inverting Your Assumptions: A Guide to JIT Comparisons

Blog post

Inverting Your Assumptions: A Guide to JIT Comparisons

April 12, 2018
Webkit, JavaScript, Research

Tales from HallwayCon – Busting Myths Over Adult Beverages

Blog post

Tales from HallwayCon – Busting Myths Over Adult Beverages

March 29, 2018
Pwn2Own, Research, Techniques

Testing for Truthiness: Exploiting Improper Checks

Blog post

Testing for Truthiness: Exploiting Improper Checks

March 09, 2018
Microsoft, Pwn2Own, Research

VMware Exploitation through Uninitialized Buffers

Blog post

VMware Exploitation through Uninitialized Buffers

March 01, 2018
VMware, Exploit, Research, Pwn2Own

Pushing WebKit's Buttons with a Mobile Pwn2Own Exploit

Blog post

Pushing WebKit's Buttons with a Mobile Pwn2Own Exploit

February 12, 2018
Apple, Research, Exploit, MP2O, Pwn2Own

One man's patch is another man's treasure: A tale of a failed HPE patch

Blog post

One man's patch is another man's treasure: A tale of a failed HPE patch

February 06, 2018
HPE, Research, Metasploit

Automating VMware RPC Request Sniffing

Blog post

Automating VMware RPC Request Sniffing

January 19, 2018
VMware, Research