Here are the slides of my talk "Beaconfuzz - A Journey into #Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery" at @offensive_con 2022.
https://t.co/uORy7mb1oT
🛰️ We broke RTKLIB, the open-source engine behind centimeter-accurate GPS in drones, boats, autonomous vehicles & survey networks.
4 memory-corruption bugs in its RTCM3 / RINEX decoders. No auth. Reachable from a single crafted correction stream or one booby-trapped file.
1 OOB write + 3 OOB reads. A rogue NTRIP caster or a MITM'd stream is enough to crash or corrupt the positioning stack of a machine that moves itself.
Reported upstream, coordinated disclosure (RTKLIB #796–799).
Full write-up 👇
https://t.co/sb9nef0gF0
Excited to be there at the end of the year!!
Looking forward to showing the community what we have built with FuzzForge, our AI agents orchestration platform for embedded security!
🚀 FuzzingLabs has joined the OVHcloud Startup Program.
This will help us scale #FuzzForge, our platform orchestrating specialized AI agents for continuous offensive validation on firmware, binaries, and embedded systems, on sovereign European cloud infrastructure.
Aligned with what our customers in defense, industrial, and critical sectors need: sovereign, European & CRA-ready by design.
Thanks to the OVHcloud team for the support.
#Cybersecurity #AI #SovereignCloud #OVHcloud #FuzzForge
🚀 FuzzingLabs is now part of the @NVIDIA Inception Program!
We're building FuzzForge, our AI agents platform leveraging GPU infrastructure for Continuous Offensive Validation on firmware, binaries & embedded systems.
Scaling fine-tuned Qwen, Gemma & DeepSeek for offensive security. 🔥
#NVIDIAInception #AI #Cybersecurity
We have been selected to join the Cyber Defense Factory, a program run by the French Ministry of Armed Forces.
This is a concrete validation of what we've been building with FuzzForge and a chance to test it on defense-grade use cases, working directly with DGA teams.
Six months of hands-on work, real targets, real feedback from people who know exactly what vulnerability detection security tools need to deliver.
Thank you to @DGA - Direction générale de l'armement, COMCYBER and the Agence de l'innovation de défense for making this possible.
Excited for what's ahead. 🔥
Last week at @offensive_con 2026, @_Noiche and @Pat_Ventuzelo presented "Navigating the MTE Landscape: iOS Memory Protection Deep Dive"
A tour through Apple's MIE: (E)MTE internals, XNU integration, kernel zalloc tagging policy, and the new XZone malloc in userland.
Slides 👇
https://t.co/Q9hZgBgrJf
#OffensiveCon #iOS #MTE
We got the email too.
We had a working RCE on Oracle Autonomous AI Database ready to demonstrate live at #Pwn2Own Berlin next week. ZDI confirmed they're at maximum capacity and can't add extra contest days.
AI is now generating offensive capability faster than the institutions built to process it can keep up.
We'll be in Berlin May 14-16 regardless. The conversations there will be really interesting!
New training is live: Reversing Modern Binaries - Practical Rust & Go Analysis
4 days, hands-on, built from real malware (Luca Stealer & others).
Battle-tested at POC & REcon.
🎟️ Launch -20% with REVERSE20
Prefer in-person? See you at REcon Montreal 🇨🇦
👉 https://t.co/GLdOBfKqnR
Our team found a Poseidon hash collision in Solana's Agave VM crypto syscall.
Two distinct byte inputs → same field element → same Poseidon output. Affects both Agave and Firedancer via implicit padding paths.
Full write-up:
https://t.co/zYoJaGdeUE
Good job by @Ectari0
We reproduced and analyzed CVE-2026-23111, a Linux kernel vulnerability in nftables that led to a use-after-free which we leveraged to achieve local privilege escalation.
Full write-up:
https://t.co/cc0kG97fmK
🏴☠️ Proud to sponsor @ph0wn CTF 2026 this weekend including the Skull Island badges!
Amazing hardware/IoT CTF as always. Big thanks to @cryptax and the whole team for the incredible challenges.
https://t.co/ZtHWjaNlkc 🐊
#Ph0wnCTF #CTF #IoTSecurity #HardwareSecurity
🚀 New training live: Masterclass – Scapy for Offensive Security
Learn how to:
• Craft & manipulate packets
• Build & fuzz a DNS server
• Do differential fuzzing
• Reproduce real CVEs
• Analyze parsing & overflow bugs
Hands-on. Offensive. Practical.
Enroll 👇
https://t.co/q4lqKNQRqo
We just rewrote FuzzForge from scratch and open-sourced it.
Old: Temporal + MinIO + workers + backend. Heavy.
New: CLI + MCP server + containerized modules. Zero infra.
🖥️ Runs fully local
🧠 Plug your favorite LLM (Copilot, Claude, local models…)
🔗 AI agents orchestrate full security pipelines via MCP
Demo: 4 modules, 3 min, 994 crashes → 3 unique bugs.
AI-native security research.
https://t.co/cfAqPPV1Fw
🇨🇦 FuzzingLabs at @reconmtl Montréal 2026!
This June, we’re delivering 3 advanced, hands-on trainings at REcon:
🦀 Rust Development for Cyber Security
🔍 Reversing Modern Rust & Go Binaries
📡 Attacking Real-World IoT & Embedded Devices
📅 June 15–18, 2026
🔗 https://t.co/RQnWfG2RJK
Deep technical content. Real-world targets. No fluff.
See you in Montréal 👋
We won our entry at #Pwn2Own Automotive 🏆
🎯 Target: Phoenix Contact CHARX SEC-3150
🔓 Auth bypass + priv esc
💰 $20,000
⭐ 4 Master of Pwn points
Congrats to Julien & the team.
Thanks to @thezdi #Pwn2Own #Infosec #AutomotiveSecurity
🚀 Open-sourcing MCP Security Hub
A growing collection of MCP servers bringing security tools to AI assistants
Nmap, Ghidra, Nuclei, SQLMap, Hashcat... and we're just getting started
Contribute your favorite tools 🛠️
⭐ https://t.co/SoKv2T1k1z
I'm very proud to announce that @ethrex_client is now one of the fastest @ethereum clients, right behind @Nethermind, which still leads by a small margin.
A little over a year ago, we set out to provide the market with a smaller, simpler and reliable alternative to reth. I believe we've achieved exactly what we set out to do.
We just pushed a PR that improved performance by 25% in the last few hours. The image shows numbers from the last 6 hours of @ethPandaOps mainnet testing.
We built all this with the top-notch talent at @class_lambda in just one year, without any AI assistance. Last week we incorporated @claudeai into our workflow, and we believe it will significantly enhance our decision making and accelerate results further.
@alignedlayer is developing, with our help and @3miLabs, a new RISC-V zkVM that I believe will be simple, well-documented, and one of the fastest on the market.
Thanks to the @ethereumfndn for its help and support but particularly to all the partners and employees of @class_lambda that have been working very hard for this to happen.
If you can, please give the dinosaur Ethrex a star on GitHub and join the Telegram!
Confirmed! Julien COHEN‑SCALI of @FuzzingLabs targeted the Phoenix Contact CHARX SEC‑3150, chaining two vulnerabilities - an authentication bypass and privilege escalation - to earn $20,000 USD and 4 Master of Pwn points. #Pwn2Own #P2OAuto