HexNomad's Avatar

HexNomad

@hexnomad.bsky.social

Infosec nerd

77 Followers  |  180 Following  |  2 Posts  |  Joined: 24.08.2023  |  1.7282

Latest posts by hexnomad.bsky.social on Bluesky

We derestricted crbug.com/382005099 today which might just be my favorite bug of the last few years: bad interaction between WebAudio changing the CPU's handling of floats and V8 not expecting that. See crbug.com/382005099#co... for a PoC exploit. Also affected other browsers

29.10.2025 14:27 โ€” ๐Ÿ‘ 17    ๐Ÿ” 6    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
U.S. government accuses former L3Harris cyber boss of stealing trade secrets | TechCrunch The U.S. Department of Justice accused Peter Williams, former general manager of L3Harrisโ€™ hacking division Trenchant, of stealing trade secrets and selling them to a buyer in Russia.

NEW: The U.S. govt accused Peter Williams, ex general manager of hacking tool maker L3Harris Trenchant, of stealing trade secrets and selling them to buyer in Russia.

As we reported earlier, Trenchant investigated a leak of internal tools this year. It's unclear if that investigation is related.

23.10.2025 15:47 โ€” ๐Ÿ‘ 25    ๐Ÿ” 21    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 5
Preview
Exclusive: Apple alerts exploit developer that his iPhone was targeted with government spyware A developer at Trenchant, a leading Western spyware and zero-day maker, was suspected of leaking company tools and fired. Weeks later, Apple notified him that his personal iPhone was targeted with spy...

SCOOP: A man who worked on developing hacking and surveillance tools for defense contractor L3Harris Trenchant was notified by Apple that his iPhone was targeted with mercenary spyware.

The developer believes he was targeted after he was wrongly accused of leaking zero-days developed by Trenchant.

21.10.2025 14:54 โ€” ๐Ÿ‘ 27    ๐Ÿ” 24    ๐Ÿ’ฌ 2    ๐Ÿ“Œ 3
Project Zero

Serious bugs often occur in third-party components integrated by other software. Ivan Fratric and I found this vulnerability in the Dolby Unified Decoder. It affects Android, iOS and Windows among other platforms, sometimes 0-click.

project-zero.issues.chromium.org/issues/42807...

16.10.2025 19:50 โ€” ๐Ÿ‘ 10    ๐Ÿ” 1    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Post image

We now have a (draft) @metasploit-r7.bsky.social exploit module in the pull queue for the recent Microsoft SharePoint Server unauthenticated RCE zero-day (CVE-2025-53770), based on the in-the-wild exploit published a few days ago. Check it out here: github.com/rapid7/metas...

23.07.2025 13:18 โ€” ๐Ÿ‘ 11    ๐Ÿ” 8    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Preview
Google fixes bug that could reveal users' private phone numbers | TechCrunch The bug allowed a researcher to uncover recovery phone numbers of nearly any Google account.

New: A security researcher found a bug that revealed the private recovery phone number of almost any Google account.

TechCrunch verified the bug w/ the researcher, who quickly brute-forced the phone number of a test Google account we had set up.

09.06.2025 14:06 โ€” ๐Ÿ‘ 64    ๐Ÿ” 23    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 5
Preview
The Windows Registry Adventure #8: Practical exploitation of hive memory corruption Posted by Mateusz Jurczyk, Google Project Zero In the previous blog post , we focused on the general security analysis of the registry a...

The final part of Mateuszโ€™s Windows Registry series is live! Contains all the hive memory corruption exploitation youโ€™ve been waiting for

googleprojectzero.blogspot.com/2025/05/the-...

28.05.2025 18:24 โ€” ๐Ÿ‘ 6    ๐Ÿ” 4    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
Blasting Past Webp An analysis of the NSO BLASTPASS iMessage exploit Posted by Ian Beer, Google Project Zero On September 7, 2023 Apple issued ย an out-...

Great write-up, as usual, from Project 0 going into even more detail on the BlastPass iOS zero click exploit from 2023: googleprojectzero.blogspot.com/2025/03/blas...

26.03.2025 23:03 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

"Windows App to replace Remote Desktop app for Windows"

There's a lot of confusion about what this means, so let me clarify:

This only affects the Remote Desktop App on the *Microsoft Store*, which you most likely don't use

Most system administrators use mstsc, the Windows built-in RDP client

12.03.2025 13:07 โ€” ๐Ÿ‘ 5    ๐Ÿ” 1    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

We will never knowโ€” we will never have the faintest ideaโ€” how much money is getting made in insider trading windfalls from people in Trump's and Musk's circles who have an hour of notice about the daily swings in tariff policy or the occasional announced *expectations* of such swings.

06.03.2025 19:06 โ€” ๐Ÿ‘ 1943    ๐Ÿ” 644    ๐Ÿ’ฌ 42    ๐Ÿ“Œ 45
Post image

Ghidra 11.3 is OUT!

โ€จPyGhidra is the new feature to be excited about.โ€จโ€จItโ€™s a Python library providing direct access to the Ghidra API. โ€จโ€จ

I expect this to massively increase Reverse Engineering tool development, as it significantly reduces the barrier to entry for Ghidra interaction.

06.02.2025 18:34 โ€” ๐Ÿ‘ 36    ๐Ÿ” 16    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 1
Preview
Musk Cronies Dive Into Treasury Dept Payments Code Base Overnight, Wired reported that, contrary to published reports that DOGE operatives at...

A 25-year-old DOGE worker named Marko Elez who has admin privileges on Treasury dept systems that control about 95% of payments made by the gov, including Social Security checks, tax refunds and contract payments "has already made extensive changes to the code base for these critical payment system"

04.02.2025 19:12 โ€” ๐Ÿ‘ 567    ๐Ÿ” 345    ๐Ÿ’ฌ 33    ๐Ÿ“Œ 64
Post image 03.02.2025 01:52 โ€” ๐Ÿ‘ 22    ๐Ÿ” 3    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Windows Bug Class: Accessing Trapped COM Objects with IDispatch Posted by James Forshaw, Google Project Zero Object orientated remoting technologies such as DCOM and .NET Remoting make it very easy ...

New blog post on the abuse of the IDispatch COM interface to get unexpected objects loaded into a process. Demoed by using this to get arbitrary code execution in a PPL process. googleprojectzero.blogspot.com/2025/01/wind...

30.01.2025 18:37 โ€” ๐Ÿ‘ 65    ๐Ÿ” 41    ๐Ÿ’ฌ 2    ๐Ÿ“Œ 0
Post image

To all our Bluesky friends, feel free to follow us here as we will be posting regular updates as the conference gets closer. See you in May!

21.01.2025 15:32 โ€” ๐Ÿ‘ 8    ๐Ÿ” 3    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Project Zero

Just unrestricted an issue that shows a fun new attack surface. Android RCS locally transcribes incoming media, making vulnerabilities audio codecs now fully-remote. This bug in an obscure Samsung S24 codec is 0-click

project-zero.issues.chromium.org/issues/36869...

10.01.2025 00:08 โ€” ๐Ÿ‘ 38    ๐Ÿ” 16    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 2

Around 2008 I was in Ottawa and some MoD person mentioned that only a few years ago they stopped wargaming against a US invasion, and I joked "just wait until they run out of water for their golf courses in Arizona"...

09.01.2025 11:08 โ€” ๐Ÿ‘ 23    ๐Ÿ” 5    ๐Ÿ’ฌ 2    ๐Ÿ“Œ 0

Someone is using a fake PoC for the LDAPNightmare exploit to infect researchers and threat actors with an infostealer

www.trendmicro.com/en_us/resear...

09.01.2025 10:05 โ€” ๐Ÿ‘ 29    ๐Ÿ” 11    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 2
Preview
Racing round and round: The little bug that could Get the straightforward approach to bug hunting โ€”ย from an IBM X-Force Red expert.

Another Chompie banger: securityintelligence...

30.07.2024 15:54 โ€” ๐Ÿ‘ 2    ๐Ÿ” 1    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Surfer Gabriel Media leaping from his surfboard at the top of the wave so the he appears to be floating in the air above the water, completely upright, with one arm extended above his head, holding out one finger, his surfboard trailing behind and also floating in the air

Surfer Gabriel Media leaping from his surfboard at the top of the wave so the he appears to be floating in the air above the water, completely upright, with one arm extended above his head, holding out one finger, his surfboard trailing behind and also floating in the air

Brazil's Gabriel Medina with the best touchdown celebration I've ever seen (Photo: Jerome Brouillet/Getty)

29.07.2024 20:08 โ€” ๐Ÿ‘ 334    ๐Ÿ” 97    ๐Ÿ’ฌ 8    ๐Ÿ“Œ 17

in the 90โ€™s, computers would scream every time you went online. thatโ€˜s called foreshadowing

07.09.2023 21:40 โ€” ๐Ÿ‘ 8402    ๐Ÿ” 3063    ๐Ÿ’ฌ 56    ๐Ÿ“Œ 57
Recon2023 Erik Egsgard HuntForRedOctober
The windows networking stack has been the source of various vulnerabilities over the years, a few of which could lead to remote code execution. This talk wil... Recon2023 Erik Egsgard HuntForRedOctober

Video of the talk I gave at Recon on hunting for bugs in the Windows TCP/IP stack is now up!

youtu.be/jzA5aLrK4OY

07.09.2023 21:32 โ€” ๐Ÿ‘ 10    ๐Ÿ” 1    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

@hexnomad is following 19 prominent accounts