CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin

September 24, 2025 | Peter Girnus CONTINUE READING

Pwn2Own Toronto 2023 - Day One Results

Blog post

Pwn2Own Toronto 2023 - Day One Results

October 24, 2023
Pwn2Own

Pwn2Own Toronto 2023 - The Full Schedule

Blog post

Pwn2Own Toronto 2023 - The Full Schedule

October 23, 2023
Pwn2Own, Synology, Western Digital, QNAP, Sonos, Xiaomi, Samsung

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

October 18, 2023
Apple, Safari, Underflow, Research

The October 2023 Security Update Review

Blog post

The October 2023 Security Update Review

October 10, 2023
Adobe, Microsoft, Security Patch

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

October 05, 2023
Sony, Automotive, Infotainment, Research

Finding Deserialization Bugs in the SolarWinds Platform

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

The September 2023 Security Update Review

Blog post

The September 2023 Security Update Review

September 12, 2023
Apple, Cisco, Adobe, Microsoft, Security Patch

Looking at the ChargePoint Home Flex Threat Landscape

Blog post

Looking at the ChargePoint Home Flex Threat Landscape

September 07, 2023
ChargePoint, Automotive, Attack Surface

Revealing the Targets and Rules for the First Pwn2Own Automotive

Blog post

Revealing the Targets and Rules for the First Pwn2Own Automotive

August 29, 2023
Pwn2Own, Automotive, EV, IVI

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit