security research

"By adopting the "build before you break" mindset, you develop an intuition that guides you to the most promising areas to investigate. With each new system you study, your intuition grows stronger..."

"To the 731 people who have DVWA exposed to the internet, I apologise for CVE-2023-39848, I recommend you temporarily remove them from the internet till I can create a patch."

Security researchers regularly chafe at the deafening silence when they report a critical vulnerability in software: White Hats simply wanting to help organisations fix their cybersecurity all too often still find themselves being ignored – or worse, threatened with legal action when trying to help publicly exposed organisations that have not

New CHERI instruction set allegedly eliminates almost all memory safety issues.

"Releasing symbols is a step towards making Office easier for researchers to audit."