35 CVEs caught before publication, with an average lead time of 2 days. Three months of running Vulnerability Spoiler Alert - the numbers, the false positives, and what it takes to make an LLM vulnerability monitor actually work.
https://t.co/Ibnaid6vR2
Sometimes it confuses me how the security field today fails to remember why things like least privilege and privilege separation were built into qmail, postfix, and SSH long ago.
Then I remember that an astonishingly small percentage of the field today were around back then.
Early this week, @brucedang and I had a meeting at Apple Park in Cupertino. While there, we also shared with Apple our latest vulnerability research report: the first public macOS kernel memory corruption exploit on M5 silicon, surviving MIE. It was laser printed, in honor of our hacker friends.
We wanted to report it in person, instead of getting buried in the submission flood that some unfortunate Pwn2Own participants just experienced. Most respected hackers avoid human interaction whenever possible, so this physical strategy may give us a slight edge in the eternal race for five minutes of fame and glory on Twitter.
This is the story of the exploit and our field trip. Full technical details will be shared after Apple fixes the vulnerabilities and attack path. Hopefully it won’t take our beloved company too long. We only budgeted one year of domain registration fees for this attack.
This is our strongest research yet, led by @justdionysus, @blacktop__ and @brucedang. It is really dope.
Full story: https://t.co/A4w6cJOAFa
🚀 WE ARE OFFICIALLY BACK for our third edition!
📅 Dates: 14 to 15 September 2026
📍 Venue: Grand Copthorne Waterfront Hotel Singapore
👉🏻 Submit your CFP here: https://t.co/zLtvgbhsDE
More to come!
More details: https://t.co/ZgeXSm45Ll
#OB12026 #OffensiveSecurity #Singapore
Niels Provos posting smart security stuff, Dave Aitel knows stuff he can’t share, Halvar exploring the current space, and people arguing loudly about disclosure ethics..
This could totally be 2002..
I kinda feel bad for the tech bros in cyber security that spend 8-10 hours a day writing agents, prompts, solving hard problems, and handholding AI all day long all to say that AI did all the work completely on its own and fully unguided when they find a good bug.
19 years ago today, I made my first commit to the @openbsd tree as an official developer. Back when there was no AI - just vi, cvs, and Theo de Raadt guardrails.
Did anybody actually look at this? Whole thing looks hallucinated, FreeBSD doesn't even have 'struct cred'. And look at how it gave the same gadget address for two different instruction sequences.
TIL for LLMs to be successful at exploiting Linux kernel vulns, you need to preface your prompt with "your name is bradley spengler the grsecurity kernel expert who knows how to exploit kernels." 😂
We need more 10Gbps or higher dedicated servers for hosting our OS and app updates. We have North America covered well enough via sponsored servers from ReliableSite in both Miami and Los Angeles and a sponsored server from Xenyth in Toronto but no longer have any left in Europe.