Update to the Windows Insider Preview bounty program: General Awards for Elevation of Privilege and Information Disclosure are now split by finishing privilege, with award ranges increasing to $1,000–$8,000.
This change is designed to better align rewards with the impact of reported vulnerabilities.
Learn more on the Windows Insider Preview bounty page: https://t.co/Vr0pvfcEOi
Have a lovely night connecting with MSRC team and MVRs, thanks @msftsecresponse for inviting me to attend Black Hat Asia and MSRC Researcher Celebration 😊 “trust me, we all love MSRC” — via Yuki Chen
Thank you to everyone who joined us for the MSRC Researcher Celebration at Black Hat Asia. It was great to connect with so many in the community and spend time sharing ideas and conversations.
We appreciate the collaboration that drives this work forward and look forward to what we’ll build together next.
Today is my last day at Cyber Kunlun. I’ve gained many valuable experiences and unforgettable memories with this amazing team. Thanks all my awesome teammates! Becoming an independent security researcher will be a new challenge for me in 2026. Keep on keeping on!
And then, the vulnerability requires no specific user group or configuration — any normal user in a default environment can trigger it. Finally, it is an out-of-bounds read that leaks about 64 pages from the .data section, not the heap memory. It's simple and easy to exploit.🤣
This month MSRC fixed my Windows Defender info leak vulnerability CVE-2025-62468, but all acknowledgments are incorrect. First, I provided a working exploit, so it’s not “exploitable unlikely.” 😅 https://t.co/TXNxu8XPjU
I found a stack overflow bug in a win component that, unlike a typical stack overflow, reliably writes into the PAGE_GUARD region before the start of stack. Root cause is new to me, I’ve never seen this kind of crash before. It’s an interesting case, and I might share more soon😌
Our slide is online: https://t.co/vpdHxw7NV5
Glad to share our pre-auth DoS & RCE bug hunting research at #BHUSA! Thanks @BlackHatEvents for the pre-recording, as we couldn’t attend in person this time for personal reasons. Questions? DM us @vv474172261 @XiaoWei___ @edwardzpeng
We released our Fuzzilli-based V8 Sandbox fuzzer: https://t.co/eVkR1bl76n
It explores the heap to find interesting objects and corrupts them in a deterministic way using V8's memory corruption API. Happy fuzzing!
Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard.
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure.
We are excited to recognize this year’s Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report. Please join us in celebrating this year’s MVRs, including our top 10:
1. 🥇wkai
2. 🥈VictorV (@vv474172261)
3. 🥉Suresh Chelladurai
4. Anonymous
5. Brad Schlintz (@nmdhkr)
6. @0x140ce
7. Anonymous
8. Dhiral Patel (@dhiralpatel94)
9. Nan Wang (@eternalsakura13) and Ziling Chen
10. Adnan (@adnanthekhan)
See the full list of this year’s MVRs, in addition to our Azure, Office, Windows, and Dynamics 365 leaderboards: https://t.co/zlTjhLunQY
#bugbounty
During #BHUSA Briefing "Diving into Windows HTTP: Unveiling Hidden Preauth Vulnerabilities in Windows HTTP Services," we will discuss the different architectures of Windows HTTP services and share multiple previously undisclosed vulnerability cases and attacks. We will also summarize these new vulnerability patterns and provide a comprehensive interpretation of the security threats within the realm of Windows HTTP services. Register now >> https://t.co/XEhPRbKdoD
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure.
Today, we are excited to recognize this year’s 100 Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report. Please join us in celebrating this year’s MVRs, including our top 10:
1. 🥇 VictorV (@vv474172261)
2. 🥈 wkai
3. 🥉 Suresh Chelladurai
4. Anonymous
5. Adnan (@adnanthekhan)
6. Dhiral Patel (@dhiralpatel94)
7. Nan Wang (@eternalsakura13) and Ziling Chen
8. Anonymous
9. @0x140ce
10. Azure Yang (@4zure9)
See the full list of this year’s 100 MVRs, in addition to our Azure, Office, Windows, and Dynamics 365 leaderboards: https://t.co/8vhDhDpr3E
#bugbounty
In #BHUSA Briefings "Diving into Windows HTTP: Unveiling Hidden Preauth Vulnerabilities in Windows HTTP Services", the speakers will discuss the different architectures of Windows HTTP services and share multiple previously undisclosed vulnerability cases and attacks. They will also summarize these new vulnerability patterns and provide a comprehensive interpretation of the security threats within the realm of Windows HTTP services. Learn more here >> https://t.co/TUpAPISjbT
Excited to announce our talk has been accepted by @BlackHatEvents #BHUSA! 🥳🥳🥳
In my part of presentation, I’ll cover logic-based pre-auth remote vulnerabilities uncovered via novel abuse of Windows native HTTP API.
Can't wait to see y'all in Las Vegas!
https://t.co/XMIhb60Bqz