CVE-2020-16040 #GoogleChromeBug analysis. #Google#Chrome's V8 JIT compiler's SL VisitSpeculativeIntegerAdditiveOp was setting Signed32 as restriction type, even when relying on a Word32 truncation, skipping an overflow check.
🔗https://t.co/cc2xDIMHZq
#infosec#exploitdev
In light of the issue page for CVE-2024-5274 being made public. Me and @buptsb have decided to make our exploit public. It's a bit different than the issue page POC.
https://t.co/goBkUUIoWX
I'm very excited to share my blogpost series (including PoC code) about a remote, interactionless iPhone exploit over iMessage: https://t.co/9FNpYQIyWE
These #Phrack articles by @5aelo are the best primers on attacking #JavaScript engines
A case study of JavaScriptCore and CVE-2016-4622
https://t.co/Wkj0e1UwRO
#Exploiting Logic #Bugs in JavaScript JIT Engines
https://t.co/0Nbxq6cNOh
Sharing another V8 Sandbox design document more widely: https://t.co/h29nL4uBEM
This one discusses how to protect code pointers - probably the most performance sensitive part touched by the sandbox - with (almost) no performance overhead.
In 1890, Henri Poincaré proved the non-existence of the uniform first integral of a three-body problem and the sensitive dependence to initial conditions of its trajectories. Yet, stable solutions to it do exist
[read more: https://t.co/DwYrXLncFh]
https://t.co/haECKnWsfp
Via ESA’s Sentinel-1 multi-temporal #satellite imagery; we can identify #electromagnetic anomalies of ground based transmissions, revealing locations of various phased array #radar systems including surface-to-air systems. 6 day orbital repeat cycle, 1.5 day revisit time #GeoInt