Kirin @Pwnrin
Everything will be fine. Joined September 2017
Tweets: 185 | Followers: 2K | Following: 123 | Likes: 2K
Whoah... $250000 (CVE-2025-4609, similar to CVE-2025-2783/412578726) [412578726][Mojo][IpczDriver] ipcz bug -> renderer duplicate browser process handle -> escape sbx is now open with PoC & exploit (success rate is nearly 70%-80%) issues.chromium.org/issues/4125787…
(CVE-2025-4609) [412578726][Mojo][IpczDriver] Incorrect handle provided in unspecified circumstances chromium-review.googlesource.com/c/chromium/src… Reported by Micky on 2025-04-22
Just finished a new blog sharing an interesting example demonstrating the power of cross-operating system vulnerability variant analysis! Check it out here: github.com/wangtielei/Sli… Hope you like it.
You can find the slides for my today’s @bsidesbud talk (Apple Disk-O Party) on my site: theevilbit.github.io/talks/
Thrilled to share our latest deep dive into Windows Kernel Streaming! Just presented this research at @offensive_con. Check it out: devco.re/blog/2025/05/1…
My writeup of the 2023 NSO in-the-wild iOS zero-click BLASTDOOR webp exploit: Blasting Past Webp - googleprojectzero.blogspot.com/2025/03/blasti…
@theevilbit Perhaps it's due to different reviewers. In fact, my single category TCC bypass in 2023 still received 15.5k. Only issues that involve restrictions (root permission) or require user interaction would be awarded 5k.
@theevilbit I asked Apple half a month ago if there was any error in this CVE description. Apple didn't reply or correct it (BTW, the inspiration for this issue is from your paper in BlackHat).
@theevilbit Yes, I'm OK with this. It's just that one month's reply is too long. What's worse is that this issue has not been fixed. Once again, Apple confused my report with others.
I've just published a new blog post detailing how I developed a deterministic kernel exploit for iOS. Enjoy! alfiecg.uk/2025/03/01/Tri…
New writeup: CVE-2025-24104 – Apple’s bug allowed arbitrary file reads outside the sandbox. While iOS 18.3 added a mitigation, it doesn’t fully fix the issue. I even bypassed it since my recommended fix wasn’t followed. Read more 👉 github.com/ifpdz/CVE-2025… #AppleSecurity #CVE2025 #InfoSec
Two new posts from @tiraniddo today: googleprojectzero.blogspot.com/2025/01/window… on reviving a memory trapping primitive from his 2021 post. googleprojectzero.blogspot.com/2025/01/window… where he shares a bug class and demonstrates how you can get a COM object trapped in a more privileged process. Happy Reading! 📚
New Blog Post: jhftss.github.io/Endless-Exploi… Tell you more about what I didn’t talk about at the #OBTS 7 @objective_see
New Blog Post in 2025: jhftss.github.io/CVE-2024-54527… Tell you more about the AMFI👻
🍎🪳Second part of the diskarbitrationd - storagekitd vulnerability blog series is out on @KandjiOfficial 's blog. These vulnerabilities were presented at @BlackHatEvents #BHEU2024 and @POC_Crew #POC2024 conferences. kandji.io/blog/macos-aud…
iOS 17 PoC, Here’s how u can leak any iCloud app data by copying and pasting two completely unrelated files. jamf.com/blog/tcc-bypas…
My slides for the OBTS are here: github.com/jhftss/jhftss.… Exploits: github.com/jhftss/POC Blog will be posted after the fix of the variant issue.
As promised, I just dropped a dozen new sandbox escape vulnerabilities at #POC2024 If you missed the talk, here is the blog post: jhftss.github.io/A-New-Era-of-m… Slides: github.com/jhftss/jhftss.… Enjoy and find your own bugs 😎
Actually, 15+ new sandbox escape vulnerabilities discovered. All of them are simple logic issues. You may find your own sandbox 0-days by yourself after listening to this talk!🔥🔥🔥