Platform Security Summit @platformsec
Conference on composable software supply chain integrity and hardware-assisted platform security, with OpenEmbedded, OpenXT and other ecosystems. PlatformSecuritySummit.com/2019/videos. Joined April 2018.
The TPM classes at OST2 are a great way to learn about the most widely available hardware-backed security mechanism for the low-low price of $0 from the comfort of your own emulator :)
📣New OST2 class release!📣 The TPM trilogy is complete! "TC1103: Advanced TPM usage" by Dimi Tomov is now public at ost2.fyi/TC1103! Learn about advanced TPM policy access controls, protecting external keys in a TPM, implementing maximum security TPM-backed FDE, and
New blog post on reverse engineering and modifying HDD firmware. In this part I cover obtaining, analyzing, and modifying firmware, using backdoor commands to hot patch code in RAM, and using JTAG to debug a live HDD icode4.coffee/?p=1465
This information class was added only a few years ago. In the age of trillion dollar spending on AI code reviews and security, codeQL, KASAN and more, the world’s leading operating system kernel still added code to increment an arbitrary user controlled pointer in a system call
GitHub - orinimron123/CVE-2026-40369-EXPLOIT: Full exploit code for CVE-2026-40369 - A Windows kernel arbitrary write vulnerability that allows browser sandbox escape from all browsers render process sandbox · GitHub github.com/orinimron123/C…
Gatekeepers decided what platform security capabilities shipped.. [now] joined by open-source, specialized firms and manufacturers with AI-augmented teams. Can future supply chains configure platforms for device fleets, threat models and regulations at the speed customers expect?
Really great read for those in software. And for product managers, discipline is still key as pointed out in the comments.
Excited to see @Google launch Intrusion Logging, the first purpose-built system to enable forensic investigations of advanced attacks on mobile. @AmnestyTech has worked with @Android as a design partner, during the development of Intrusion Logging and Advanced Protection Mode
It is hard to understate how much more hardened Apple's Application-Processor-side of WiFi is than any other operating system out there. Between MIE and the XZM allocator there's some serious hardening on the latest iOS and iPhone 17. We spend a lot of time in wifi land and Apple's the gold standard here. The first big thing to know about Apple's WiFi on iOS is that they removed attack surface from the kernel and brought it into userland with DriverKit (developer.apple.com/videos/play/ww…). The concept was initially formed by Simon Douglas while he was at NeXT, Inc working for Steve Jobs and brought to Mac in 2019 by Douglas and team. Most memory corruption can't get far by design and it should be exceedingly difficult to see another Ian Beer type wifi exploit (projectzero.google/2020/12/an-ios…). This use after free bug occurred in `wifid`, a root userland process on iOS and can be triggered without any user interaction.
iOS 26.5 dropped today with a fix for CVE-2026-28994 — a Wi-Fi use-after-free our @defendtheworld discovered via automated Wi-Fi fuzzing. The bug is preauth and requires no user interaction.
CFP for LPC 2026 is open! Important dates: Thursday, April 23, 2026: Deadline to submit proposals to host a microconference Sunday, June 28, 2026: Deadline to submit LPC Refereed Track Presentations Proposals and Kernel Summit Presentations Proposals. lpc.events/event/20/abstr…
📢 🐧 The schedule for Linux Security Summit North America (LSS-NA) 2026 is published! ➡️ events.linuxfoundation.org/linux-security… 👀 LSS-NA 2026 will be held May 21-22 in Minneapolis, MN, co-located w/ OSS. ✏ Register: events.linuxfoundation.org/linux-security… #linuxsecuritysummit #linux #infosec
If AI finds the zero-day, writes the exploit, and patches the code, who trains the next generation of security researchers? Chris St. Myers' "Cognitive Rust Belt" essay kicked off a debate we couldn't stop having. Apple Podcasts podcasts.apple.com/us/podcast/thr…
This stirred a lot of thinking and emotion. I'd read it closely 👇🏽
The Cognitive Rust Belt - If you wait for the technology to settle before you address this, you will find there is nothing left to save. sentinelone.com/blog/the-imple…
Two weeks after the DarkSword iOS hacking tool was revealed, Apple is taking the rare step of pushing a security fix to older iOS 18 iPhones rather than just telling users to update to iOS 26, as it had previously done. (Which left millions vulnerable.) wired.com/story/apple-wi…
Intel SGX has fallen! Its most important key is in our hands: we extracted the Global Wrapping Key from an instance of the Intel Gemini Lake platform
This is made possible by executing arbitrary microcode on the DFX-locked system. And although this was a truly challenging task, we were able to do it after researching in detail the interaction between PMC and PUNIT
The marginal effects here mean we are getting some amazing data about the types of bugs that were most exposed to AI, and once these waves of fixes go in and if things taper we’ll see the ongoing bug stream as a frontier capability signal.
The “foreign routers ban” is being enforced at the FCC certification stage. If you don’t know what that means, here’s a quick explainer: Once you (the manufacturer) have FINALIZED your new hardware design, you produce a few units and send them off to a specialized lab to test the radio emissions from your device. If everything goes perfectly (no test failures), 2-3 months later you will have a FCC certification. Then you have to apply the FCC label to your product. Without the completed FCC cert, you cannot legally market, import, or sell in the USA. So, mass production typically doesn’t start until after the cert happens, unless you are very confident that you will one-shot the lab tests without any hardware revisions. Else, you’d be stuck with tons of hardware you can’t sell. This FCC change will be especially painful to anyone who was about to get their new device certified. The requirement to have an on-shoring plan is probably going to be the most significant hurdle for manufacturers. If this ban included all current routers (it doesn’t), it would have been way more painful. Not just from the consumer side with supply impact. But imagine every existing router having to go through a 3+ month process with labs that would be instantly booked with backlog for years. Sure, some sort of leaned down re-cert process would have been more probable, but you get the point.
FCC Updates Covered List to Include Foreign-Made Consumer Routers fcc.gov/document/fcc-u… (news.ycombinator.com/item?id=474953…)
The FCC today updated its list of products that can't be sold in the U.S. to include *all* consumer routers made in foreign countries. It's a big but potentially disruptive move to limit supply-chain security risks to U.S. networks. docs.fcc.gov/public/attachm…
Just remembered about this awesome video by @oxidecomputer where they discuss debugging powering on the board for the first time, including using AMD’s socket stress tool. “Twitter Space 12/6/2021 -- Tales from the Bringup Lab” youtu.be/lhji-kP3Lhk?si…
@never_released It would be nice for an iPad to start macOS when a keyboard is connected. Could be a quick boot VM based on a snapshot. Maybe with access to the files app on the host.