StackWarp
For more details on the discovery process and our findings, we refer to our research paper, which is published at USENIX Security 2026.
paper: stackwarpattack.com
github: github.com/cispa/StackW...
\cc Tristan Hornetz, @d-we.bsky.social, Fabian Thomas, @misc0110.bsky.social
15.01.2026 18:29 β π 2 π 1 π¬ 1 π 0
Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMDβs stack engine across Zen 1β5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking.
15.01.2026 18:27 β π 32 π 13 π¬ 1 π 0
@ltrampert.bsky.social and I just gave a talk at Black Hat Asia showing how CSS can be abused to deanonymize you when opening an email!
cc: @blackhatevents.bsky.social #BHASIA25
03.04.2025 14:50 β π 4 π 0 π¬ 1 π 0
Heading to Black Hat Asia now! @ltrampert.bsky.social and I will give a briefing about deanonymizing users not only on the web but also in their email clients! #bhasia
30.03.2025 18:33 β π 4 π 0 π¬ 0 π 0
Just gave a keynote at #Ruhrsec about threat models, Side channels, fault attacks, how the evolve and how we should approach them...
21.02.2025 12:37 β π 15 π 4 π¬ 0 π 0
PhD Student @TU Braunschweig. Mainly web security, some program analysis, and privacy.
Project Foxhound core maintainer.
Tenured Researcher @Inria
USENIX Security Artifact Evaluation Co-Chair 2025 & 2026
Web Security & Privacy: JavaScript (in)security, browser extensions
https://aurore54f.github.io
Apple Security Researcher | Informatics PhD | TUGraz Alumni | Pwnie Award 2022 | BlackHat Speaker | Power Analysis | Fault Attacks | ΞΌ-Architectural Attacks | https://andreaskogler.com/
Official account of the Microarchitecture Security Conference (Β΅ASC).
Cutting-edge research on #security in #microarchitecture contexts.
Next Conference: February 3, 2026, in Leuven, Belgium. https://uasc.cc
News rund um Technik, IT und Digitales.
Β
heise.de/impressum.html & http://heise.de/privacy
wannabe hacker... he/him
π± grow your hacking skills https://hextree.io
Postdoc @Coresec Graz University of Technology
Silicon Security at Google | PhD from COSIC (KU Leuven)
Firmware/OS/Cellular Security Research @ruhr-uni-bochum.de
Computer scientist at CISPA. Formal methods, security, cyber-physical systems, and theory of computation. www.berndfinkbeiner.de
Software researcher at https://cispa.de, working on #Fandango, #S3, #FuzzingBook, #DebuggingBook. Testing, debugging, analyzing, and protecting software for a better world. Find me at https://andreas-zeller.info/
Researcher at Microsoft Azure
boriskoepf.de
Researcher at @cnrs.bsky.social in the Spirals team. Browser fingerprinting, web privacy and security, software engineering. Creator of http://AmIUnique.org.
Security Researcher | PhD Candidate with CoreSec at @tugraz.bsky.social | Microarchitectural Attacks | OS/HV Development | https://responsible.fyi
PhD student at CISPA | Hacking webapps | CTF at FAUST
Senior Scientist @TU Wien / Web & Mobile Security / #drumandbass DJ
π© with @mhackeroni.bsky.social We_0wn_Y0u kukhofhackerei Team Austria
π https://minimalblue.com/
