New research: We were able to access camera permissions and obtain user GPS coordinates across 20+ major mobile wallets by exploiting WebView misconfigurations. Here's how ↓
See how a single race condition led to renderer RCE.
In our new article, we examine a high-severity TOCTOU bug between Blink and V8's WebAssembly compiler that allowed a benign module to pass validation while a malicious one was compiled. Because the Wasm JIT pipeline resides outside the V8 heap sandbox, this resulted in renderer RCE without requiring a V8 sandbox escape.
Read our full analysis: https://t.co/goryCX6yQs
We published a new research article on the Chromium 146 Renderer Process!
In this article, we start from the CVE-2026-3910 Maglev write barrier elision bug and walk through the full exploit chain: building a V8 heap R/W primitive via a GC-induced UAF, achieving an out-of-sandbox read using WebAssembly internals, abusing JSPI UAF and StackMemory / JumpBuffer, and ultimately reaching renderer process RCE.
Our goal was to provide a structured explanation of how modern V8 exploitation works in practice, from compiler-level bug analysis to sandbox-boundary primitives and final code execution. Huge thanks to our team member @m411k_ for conducting this research!
Check out the PoC!
Full article:
https://t.co/qezGcrklC1
New engineering blog:
How @neo_ai_engineer's agent architecture evolved from one agent to plan → execute → verify.
What worked, what broke, what we learned building agentic tooling for real security work.
https://t.co/hQVbq9nwsa
A trivial bypass was fixed in DOMPurify 3.2.5 (https://t.co/anfo1wseaD). It works only if an attacker can write "-->". DOMPurify usually tries to prevent you from writing "-->" on attributes, but it can be written through DOMPurify hooks in some cases, for example. PoC👇
🔓 On an asset under our continuous monitoring, our pentester @nol_tech turned a SELECT-only PostgreSQL SQLi in Drupal (CVE-2026-9082) into a full RCE when the DB role is superuser. Details below 👇
📝 https://t.co/R7F5XQ2vZD
🛠️ https://t.co/yRJ8zX1Nlb
#Drupal #PostgreSQL #RCE #SQLi
I won't keep you in mystery any longer, here's how I found an XSS vulnerability *in* Shazzer!
The chain involved some interesting browser techniques no sane developer could foresee. Check out the details below:
https://t.co/nY20Anz0VO
(and thanks @garethheyes for making Shazzer!)
Despite how much has changed, it's shocking to see how much of our original designs/learnings from 2+ years ago are still relevant now. It's fun to look at old blog posts + code as artifacts from "long ago": https://t.co/dRh0bVW8hC https://t.co/jHEWAuDiKF https://t.co/DN94jFFUcq
Thanks everyone for playing! I talk about the solution here, as well as how I discovered this behavior while looking into the Chrome Sanitizer API: https://t.co/sJFM83OOFG
That's a wrap on Pwn2Own Berlin 2026! 🏆 $1,298,250 awarded. 47 unique 0-days. 3 days of absolute chaos. And talk about main character energy - congrats to DEVCORE for claiming Master of Pwn with 50.5 points and $505,000 - they never slowed down. See you next year! #Pwn2Own #P2OBerlin
And this one is human insight w/ LLM-assisted research. Took about one week to finish everything. The AI really rescued me from a lot of tedious work
— excluding the part where it changed the Domain Admin password, locked me out, and claimed it got RCE 🤦
🐘 PHP JPEG bugs: how image parsing leads to memory corruption.
Our researcher Nikita Sveshnikov discovered two JPEG-related memory-safety bugs in PHP’s ext/standard: CVE-2025-14177 in getimagesize and a heap buffer overflow in iptcembed.
https://t.co/WCQWlfuPZl
I wrote this story in a blog post, starting with my old challenge and leading up to this point. Chromium has since patched this attack vector. The full post is linked below, hope you enjoy reading it ;)
https://t.co/cRm6YTGAND
ARESx is proud to announce that we have placed 5th at Lake CTF in Lausanne 🇨🇭
Thanks to the organization for the great event @LakeCtf and hope to see everyone soon!! 🚩🚀
A little late but here it is :-)
I qualified for Dreamhack Invitationals '26 Finals and had the privilege of going to Seoul 🇰🇷 to participate in the finals. A huge thanks to @dreamhack_io for the invitation and for the great hospitality. I had an awesome time participating!