Olivia
Online
nevul37
@nevul37
Windows Security Researcher 😉
Joined April 2022
109 Following
66 Followers
29 Posts
Update to the Windows Insider Preview bounty program: General Awards for Elevation of Privilege and Information Disclosure are now split by finishing privilege, with award ranges increasing to $1,000–$8,000.
This change is designed to better align rewards with the impact of reported vulnerabilities.
Learn more on the Windows Insider Preview bounty page: https://t.co/Vr0pvfcEOi
We’re happy to release 𝐒𝐄𝐂-𝐛𝐞𝐧𝐜𝐡 𝐏𝐫𝐨: a benchmark for measuring the bug-hunting capabilities of AI agents in critical software systems such as Chromium V8, Firefox SpiderMonkey, and more.
Explore the details here: https://t.co/gIMnS4Oohx
[1/2]
CVE-2026-32223: heap overflow in usbprint.sys (IOCTL 0x220064).
Malformed USB descriptor, Named Pipe spray + Ghost Chunk for kernel leak, forged IRP, SYSTEM.
Writeup: https://t.co/EMSyWCPsVL
#CVE_2026_32223 #WindowsKernel #LPE #vulnresearch
We recently achieved guest-to-host escape by exploiting a QEMU 0day.
We’ll share details on a new technique leveraging the latest glibc allocator behavior and what we believe is a novel QEMU-specific heap spray/RIP-control primitive.
Writeup coming next week.
🤯🤯🤯 Gemini 3 Pro + Live-SWE-agent hits 77.4% on SWE-bench Verified, beating ALL existing models, including Claude 4.5!!
🤖 Live-SWE-agent is the first live software agent that autonomously self-evolves on the fly — and it even outperforms the manually engineered scaffold used by the Gemini 3 Pro team (76.2%)
Some more of my bugs in Hyper-V are patched in this month's update. I'm able to exploit it to elevate privileges on the last 10 years of Windows. Also seems like more researchers are targetting this component now.
Ever wanted to debug the secure kernel but couldn't figure out how? Me too. It's awful.
But I eventually got it working and managed to do some cool stuff, so I documented my solutions here in case it helps anyone else: https://t.co/qvlH3s2XcF
How to reach the CTF finals
Other CTFs: study hard and grind to capture the flag
@Blackhatmea CTF: just trade flags 🥵☠️☠️☠️
Here is the PoC of the exploit for cve-2025-30712 as well as some of the code for the fuzzer i created to find the bug!
https://t.co/g82641DT2I
Whoah... $250000
(CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%)
https://t.co/KiQ6gHaHVj
https://t.co/5TXy8yIC0g
![xvonfers's tweet photo. Whoah... $250000
(CVE-2025-4609, similar to CVE-2025-2783/412578726)[412578726][Mojo][IpczDriver]ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit(success rate is nearly 70%-80%)
https://t.co/KiQ6gHaHVj
https://t.co/5TXy8yIC0g https://t.co/g2FWl24wkc](https://pbs.twimg.com/media/Gx8LeLaWcAA__Xu.jpg)
Here are the links to the recordings of my prior two webinars:
Debug of Hyper-V, Secure Kernel, VBS Enclaves, Defender, and other secrets: https://t.co/6moS4UdFWC
and Advanced Threat Analysis and Reverse Engineering using AI: https://t.co/BGkNXYzCnx
Windows Inter Process Communication – A Deep Dive Beyond the Surface, by @haider_kabibo
Part 1 https://t.co/WXPXxYwlbm
Part 2 https://t.co/vdZcjzy0J1
Part 3 https://t.co/Xymk9LDsCR
Part 4 https://t.co/zmAGonxDMj
Part 5 https://t.co/rUOLhwY1Sr
My ranking changed from 26th to 22nd with 662.5 points earned over the past year.
I placed 8th in the Windows category, collaborating with @develacker on the SEC-agent team.
Thanks to @msftsecresponse for the update, and to @ENKI_official_X for the support.
Our previously published Most Valuable Researchers (MVR) leaderboard contained inaccuracies due to technical issues on our end. We apologize for the error and have since resolved the issue. We’re now sharing a fully refreshed and accurate leaderboard.
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers by discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure.
We are excited to recognize this year’s Most Valuable Researchers (MVRs), based on the total number of points earned for each valid report. Please join us in celebrating this year’s MVRs, including our top 10:
1. 🥇wkai
2. 🥈VictorV (@vv474172261)
3. 🥉Suresh Chelladurai
4. Anonymous
5. Brad Schlintz (@nmdhkr )
6. @0x140ce
7. Anonymous
8. Dhiral Patel (@dhiralpatel94)
9. Nan Wang (@eternalsakura13) and Ziling Chen
10. Adnan (@adnanthekhan)
See the full list of this year’s MVRs, in addition to our Azure, Office, Windows, and Dynamics 365 leaderboards: https://t.co/zlTjhLunQY
#bugbounty
Congratulations to all the researchers named to this year’s Most Valuable Researchers (MVR) list, including: @vv474172261 @adnanthekhan @dhiralpatel94 @eternalsakura13 @0x140ce @4zure9 @KeyZ3r0 @nmdhkr @edwardzpeng @haifeili @thezdi @nevul37 @Xtytia0922 @scwuaptx @the1bernard @wh1tc @ycdxsb @Panther82Black @sim0nsecurity @Fatnass1F1ras @shhnjk @yuvalavra @crispr_x @scianto05 @niraj1mahajan @filip_dragovic @nvk0x @ashketchum_16 @guilhermesgi @c0d3nh4ck
CODEGATE CTF 재미있었어요. pwn가 너무 어려웠어요.
저는 Chromium RCE 와 Windows LPE 두 문제만 풀었어요.
SBX가 풀리지 않아서 슬퍼요.
운영 여러분 감사합니다!
🔥🔥🔥
Congratulations to all the researchers recognized in this quarter’s MSRC 2025 Q2 Security Researcher Leaderboard! Thanks to all the researchers who partnered with us for your hard work and continued dedication to securing our customers.
Learn more in our blog post: https://t.co/3xo0rk87zI
We also want to recognize the top 10 researchers in the leaderboard:
🥇wkai
🥈Brad Schlintz (@nmdhkr)
🥉@0x140ce
🥉 Zhiniang Peng (@edwardzpeng) with HUST & R4nger (@R4nger99) with CyberKunLun
5. VictorV (@vv474172261)
6. k0shl (@KeyZ3r0)
7. @wh1tc @ Kunlun lab& devoke & Zhiniang Peng (@edwardzpeng) with HUST
8. Jongseong Kim (@nevul37), SEC-agent team
9. Anonymous
10. Haifei Li (@HaifeiLi)
10. Nick Wojciechowski
Enki WhiteHat has detected activity where Kimsuky abuses GitHub as attack infrastructure.
Private GitHub repositories are accessed using PATs, leading to XenoRAT deployment.
See the full attack flow and the details of how Kimsuky approaches its victims:
https://t.co/WXfck17NHF
#APT #Kimsuky
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers