https://t.co/1CH1WoMwKf

Implemented arbitrary webkit code execution on iPhone (not PAC devices).
You can chaining other exploits if you want for nice work, but do not use it for malicious purpose.

Check out src and README here:https://t.co/okIlYhzno0 pic.twitter.com/9KNeGuK5Kg

— wh1te4ever (@wh1te4ever) March 22, 2025

Last barrier destroyed, or compromise of Fuse Encryption Key for Intel Security Fuses by @_markel___https://t.co/P91XdpWIpD pic.twitter.com/pMDAs9Bvpi

— Alex Plaskett (@alexjplaskett) March 23, 2025

Here's the thing. When a browser, an app, or a website encourages you to turn on an awesome feature, it's almost always because a lawyer who understands the feature said "whoa, we're gonna be in real trouble if we don't have consent".

In other words, pic.twitter.com/nw1WvYv80W

— lcamtuf (@lcamtuf) March 23, 2025

CVE-2024-12695 the mystery has been revealed :)https://t.co/r9pVqQjauy

— j j (@mistymntncop) March 23, 2025

By making minor changes to command-line arguments, it is possible to bypass EDR/AV detections.

My research, comprising ~70 Windows executables, found that all of them were vulnerable to this, to varying degrees.

Here’s what I found and why it matters 👉 https://t.co/VpMttDZI9K pic.twitter.com/mO5PlQkRMr

— Wietze (@Wietze) March 24, 2025

Why hack one device, when you can hack a million of them? My latest blogpost based on my @nullcon talk explores hacking smart weighing machines and health devices by hijacking their user-device association flows. https://t.co/BNBPzZ5KQ9

— spaceraccoon | Eugene Lim (@spaceraccoonsec) March 24, 2025