-
Tweets4K
-
Followers14K
-
Following5
-
Likes885
Performing better than Opus models in RE/VR projects 🎉
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
Microsoft puts a feature flag in every vuln fix (my team published this 3 years ago). This makes N-day root cause id much simpler. Waiting to see which bugs they exploited! I’ve been impressed during my own N-day experiments but Opus still can’t crack the hardest bugs by itself
Frontier models are also really good at finding and exploiting n-day vulnerabilities, doing so on timescales of hours. Read about some recent work from my team studying these capabilities! red.anthropic.com/2026/n-days/
Discovery of N-day vulnerabilities are largely solved at scale by the Mythos and Opus models, for both proprietary and open-source software. It’s time to seriously rethink vulnerability disclosure and time-to-fix timelines. Cascading effects across the software supply chain are becoming a serious bottleneck.
Frontier models are also really good at finding and exploiting n-day vulnerabilities, doing so on timescales of hours. Read about some recent work from my team studying these capabilities! red.anthropic.com/2026/n-days/
🔺NEW: Apple is expanding Private Cloud Compute (PCC) beyond our data centers. PCC on Google Cloud: NVIDIA Confidential Computing, Intel TDX, and Google's Titan chip, with capabilities that go far beyond a traditional confidential computing deployment. security.apple.com/blog/expanding…
Arbitrary code execution in objdump -g We have a thing for finding bugs in bug finding tools. IDA Pro, Ghidra, Binja Sidekick, or radare2. You name it we hacked it. Our friends were saying we should try objdump. So here we go. Blog post: blog.calif.io/p/oobdump-relo… AI-generated PoC and writeup: github.com/califio/public…
I forked Anthropic’s new vuln-discovery harness and made it Codex-first. Recon → Find → Verify → Triage → Report → Patch Sandboxed agents find bugs, prove them with crashing PoCs, dedupe, write exploitability reports, and validate patches. github.com/zeroxjf/defend…
My talk "SELECT * FROM binary - Vibe Reversing Across IDA, Ghidra, and Binary Ninja" got accepted at @reconmtl . I am happy to talk about this toolset (idasql, bnsql and ghidrasql) and how it is designed to allow AI agents to work across all these top 3 reverse engineering tools. Point Claude, Codex, or your favorite agent to any single one or all of them at once, and allow your agent can now use the tools all at once to analyze one or more binary at once. These work nicely with loops like "/goal" to allow e2e analysis over many hours. Use cases: - Full source code recovery (with types and code structure) - Full database annotations (also with type recovery, comments, etc.) - Binary diffing - Or just any kind of Q&A against your binary or binaries cfp.recon.cx/recon-2026/tal…
MCP is slow for RE-heavy projects and, in some cases, is unstable. ghidra-rpc is way faster than MCP and scales more efficiently in a multi-agent setup, since it outputs structured JSON.
We're mostly an IDA shop at @CellebriteLabs, but I decided to play around with Ghidra. My main motivation was to experiment with agentic reverse engineering techniques. The result is an agent skill for Ghidra, which we are releasing publicly: github.com/cellebrite-lab… >>
Practical Android Software Protection in the Wild: An Appetizer In which @Farenain analyzes 2.5 million Android apps to identify and classify the obfuscators, packers and code protectors they use: blog.quarkslab.com/practical-andr…
We're mostly an IDA shop at @CellebriteLabs, but I decided to play around with Ghidra. My main motivation was to experiment with agentic reverse engineering techniques. The result is an agent skill for Ghidra, which we are releasing publicly: github.com/cellebrite-lab… >>
That is crazy! I do not believe there are any excuses for the overall behavior. I am extremely disappointed that Microsoft thinks this is acceptable at all and that a (non-)apology suffices @msftsecresponse @MSFTBlueHat @Microsoft
This guy sucks. At my first Pwn2Own he asked me over and over if it was my first CVE. I said no but he kept insisting, in front of everyone, he’d never seen my name credited before. Turns out he was confusing me with another woman in infosec. In charge of security research
Looks like @Binary_Gecko has published my blog post about putting a KASAN style MTE tag map into the kernel panic output of macOS. binarygecko.com/blog/looking-a…
Logic bug in the Linux kernel's __ptrace_may_access() function (CVE-2026-46333) Article about a logical bug in ptrace implementation that allows getting access to file descriptors of other processes and thus escalating privileges in certain scenarios. cdn2.qualys.com/advisory/2026/…
Agents need better tools for reversing! I'm releasing declib (previously libbs), with a new CLI today that gives agents CLI access to 4 decompilers (IDA, Ghidra, Binja, angr), parity feature support to most MCP (12 features), and the ability to sync those changes across decs!
Time-to-Exploit has changed significantly for n-days, especially in OSS projects, where the code changes in the fix can serve as a harness for PoC creation. There’s effectively zero time to apply updates, the MTTR metric has a negative value nowadays. Defense in depth definitely helps by adding layers to buy some time, but in general, old threat models are becoming irrelevant.
I was going to make this same point: “Is there even such thing as Security Through Obscurity” anymore? “I” (Claude) made short work of some DexProtect-ed Android app the other day to extract info I needed
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability
This is a critical point for defenders to get: "Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works."
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability
NYC folks: sprawl.nyc meetup this Thursday @ Etsy, 10+ lightning talks, registration link above! Our biggest one yet!
I fully agree: even targets such as anti-cheats and gaming DRMs have become significantly easier to analyze with agents, if you know how to guide them and validate their results. @nicolodev and I will about that at @reconmtl: cfp.recon.cx/recon-2026/tal…
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long. That's changed now. Beyond the acceleration in vulnerability
[#POC2026 NOTICE] Your offensive conference is BACK again in its shape! and POC2026 begins in a new home. ⏰ Date: November 12–13 📍 New Venue: The Westin Seoul Parnas, Korea 🇰🇷 👨🏫 CFT: June 1 – June 26 🎙️ CFP: June 1 – September 30 🎟️ Registration: September 1 – October 31 More info 👉 powerofcommunity.net
0xor0ne @0xor0ne
91K Followers 508 Following Cybersecurity | Reverse Engineering | Vulnerability Research | Embedded & Silicon Security | My Tweets, My Opinions :)
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
hasherezade @hasherezade
91K Followers 954 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
Ali Hadi | B!n@ry @binaryz0ne
35K Followers 569 Following DFIR and Adversary Simulation | All posts reflect the views and interests of the person behind this account only |
Halvar Flake @halvarflake
45K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
Hex-Rays SA @HexRaysSA
9K Followers 150 Following We are a hi-tech company focusing on binary software analysis - IDA Pro and the Hex-Rays Decompiler. ***Discourse Forum: https://community.hex-rays***
Jiří Vinopal @vinopaljiri
10K Followers 560 Following Threat Researcher at Check Point @_CPResearch_ All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
Karsten Hahn @struppigel
26K Followers 783 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
Ange @angealbertini
25K Followers 919 Following Reverse engineer, file formats expert. Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika... Security engineer @ Google. He/him.
Mobile Security @mobilesecurity_
31K Followers 1K Following Mobile Security ✌🏻 #MobileSecurity #AndroidSecurity #iOSsecurity
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Łukasz @maldr0id
12K Followers 948 Following Military-grade @Android malware reverse engineer @Google || "Tom Brady of malware strings analysis" - @MalwareTech || Tweets are my own opinions || he/him ✨🌈🦄
Satoshi Tanda @standa_t
8K Followers 397 Following Software security engineer and trainer https://t.co/tenaquooTc
Michael Koczwara @MichalKoczwara
25K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Clandestine @akaclandestine
60K Followers 5K Following | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
u*nK^0wn @Jashwan26920896
146 Followers 1K Following
Badsector @Badsektorr
30 Followers 624 Following
Threatward @threatward
1 Followers 84 Following
saiya @saiya2844
0 Followers 33 Following
Nikki Nikki @NikkiNikki9139
0 Followers 143 Following
protonVg @VgProton46217
9 Followers 408 Following
operator @operator163582
0 Followers 72 Following
Moseley @SapoLollo
21 Followers 423 Following
Al Millar @milldawgydawgy
40 Followers 441 Following Former Royal Marines Commando Red Team Operator Maldev Cat dad Motorcyclist
François Baligant @fbaligant
564 Followers 1K Following Forever curious | Vice President Cybersecurity @theodo_cloud | Stargazer at heart | Proud dad of 2
getfucked @GetFukct
0 Followers 156 Following
cr3ghost @cr3ghost
1K Followers 296 Following A student passionate about reverse engineering, windows internals, anti-cheat research, malware research, and exploit research. Aspiring red teamer.
Alucard @AlucardLVI
20 Followers 610 Following The bird of Hermes is my name, eating my wings to make me tame
John Smith @JohnSmithqskg
0 Followers 51 Following
nt!RajKit @NtRajkit
8 Followers 268 Following
wir3sh4rk @wir3sh4rk
0 Followers 314 Following
AYS @amreeesh_ays
0 Followers 55 Following Cybersecurity tools and templates for developers, analysts, and pentesters.
prxcmn @prxcmon
224 Followers 1K Following tiap weekend kalo gak ngoding, PoC research, ya nimbrung di https://t.co/09BGDEa5zs
p1und3r3r @p1und3rer
4 Followers 142 Following
Chris Olin @realchrisolin
2K Followers 5K Following 🇺🇸🗽🔧 old millennial child of the internet, contrarian, skeptic, wordsmith, philomath, doesn't suffer fools gladly Perspective is in the eye of the beholder
Juan Martin @jfmriva
649 Followers 753 Following Buscad la belleza. Es lo único que merece la pena en este asqueroso mundo. (Ramón Trecet)
42 @zg2bARYB739tIb8
0 Followers 88 Following
EnemyUAVHasBeenDestro... @ValidatedGfx
9 Followers 31 Following
yorgun @hisolara
6 Followers 601 Following
Nachname MitN @nachnamemitn
6 Followers 392 Following Cybersecurity, ML and AI welfare. Co-evolution beats activation steering anytime.
Sav4j @sav4j_64646
4 Followers 61 Following Im just here for the internet crash outs and the drama. Post at your leisure.
mischievous @slightmischief
0 Followers 42 Following concerned computer user - microarchitecture whisperer - i like bugs
KYZRTXP @kyzrtxp
5 Followers 635 Following
Sathishds @sathishdatwit
177 Followers 2K Following Incident response analyst, Interested in sharing Cyber threat hunting,Threat Intelligence, Malware analysis, Forensics artifacts, Red team blogs
Shitagaki @Shitagaki0023
0 Followers 12 Following
Based_Pon @BasedPon
1 Followers 196 Following
yiming zhang @kerjo_007
0 Followers 51 Following
ethicalsoup @ethicalsoup
21 Followers 764 Following infosec junkie CPTS | CRTO | PNPT | CRTE | CRTP | ejPT | CCNP
vodanh @vodanh193
0 Followers 199 Following
John Doe @JohnDoe08992600
0 Followers 63 Following
Alex Matrosov @matrosov
20K Followers 2K Following Security REsearch @Anthropicai · Breaking & Fixing AI Failure Modes | Founder @binarly_io · @SBOM_Tools · @REhints | Author “Rootkits & Bootkits" (https://t.co/1wd2dfYHY6)
Bill Pollock -- nosta... @billpollock
11K Followers 2K Following Founder, No Starch Press and Hacker Initiative. Views expressed are *entirely* my own. He/him/his Contact our editors at: [email protected]
sergey bratus @sergeybratus
6K Followers 1K Following The cat is the Otocolobus Manul, https://t.co/Xswt7Vp2F1 . Manul is the perfect privacy mascot. All views & opinions are my own & personal.
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research of BigTech Advisor of Grsecurity. BYOS Commitee Member of OffensiveCon, Langsec, DistrictCon, Secdev
You might like
