Kagemusha
@kagemusha1337.bsky.social
Independent vulnerability researcher
Reposted by Kagemusha
Exploit and mini writeup for CVE-2025-5419.
github.com/mistymntncop...
github.com/mistymntncop...
github.com
August 25, 2025 at 8:06 AM
Exploit and mini writeup for CVE-2025-5419.
github.com/mistymntncop...
github.com/mistymntncop...
Reposted by Kagemusha
I will give two lightning talks at #38c3 🎉 Both on day 3, stage Huff, around 11:30am.
Detecting Fake Base Stations with CellGuard on iOS 📶
cfp.cccv.de/38c3-lightni...
iOS Inactivity Reboot 📲
cfp.cccv.de/38c3-lightni...
Detecting Fake Base Stations with CellGuard on iOS 📶
cfp.cccv.de/38c3-lightni...
iOS Inactivity Reboot 📲
cfp.cccv.de/38c3-lightni...
iOS Inactivity Reboot 38C3 Lightningtalks
When your phone is stolen, a simple reboot significantly improves the security of your data! Curious about how this protection works and how Apple automated reboots in iOS 18?
cfp.cccv.de
December 27, 2024 at 9:24 PM
I will give two lightning talks at #38c3 🎉 Both on day 3, stage Huff, around 11:30am.
Detecting Fake Base Stations with CellGuard on iOS 📶
cfp.cccv.de/38c3-lightni...
iOS Inactivity Reboot 📲
cfp.cccv.de/38c3-lightni...
Detecting Fake Base Stations with CellGuard on iOS 📶
cfp.cccv.de/38c3-lightni...
iOS Inactivity Reboot 📲
cfp.cccv.de/38c3-lightni...
Reposted by Kagemusha
Announcing #CodeQL Community Packs
https://github.blog/security/vulnerability-research/announcing-codeql-community-packs/
https://github.blog/security/vulnerability-research/announcing-codeql-community-packs/
github.blog
December 24, 2024 at 5:51 AM
Announcing #CodeQL Community Packs
https://github.blog/security/vulnerability-research/announcing-codeql-community-packs/
https://github.blog/security/vulnerability-research/announcing-codeql-community-packs/
Reposted by Kagemusha
Curious about the inner workings of the ADB server-to-device protocol? Check out our second blogpost about ADB internals.
www.synacktiv.com/publications...
www.synacktiv.com/publications...
Diving into ADB protocol internals (2/2)
www.synacktiv.com
December 16, 2024 at 2:16 PM
Curious about the inner workings of the ADB server-to-device protocol? Check out our second blogpost about ADB internals.
www.synacktiv.com/publications...
www.synacktiv.com/publications...
Reposted by Kagemusha
Can you find an ITW 0-day from crash logs? Project Zero finds out
googleprojectzero.blogspot.com/2024/12/qual...
googleprojectzero.blogspot.com/2024/12/qual...
The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
Posted by Seth Jenkins, Google Project Zero This blog post provides a technical analysis of exploit artifacts provided to us by Google's Thr...
googleprojectzero.blogspot.com
December 16, 2024 at 6:16 AM
Can you find an ITW 0-day from crash logs? Project Zero finds out
googleprojectzero.blogspot.com/2024/12/qual...
googleprojectzero.blogspot.com/2024/12/qual...
Reposted by Kagemusha
Using a 😡 emoji to DoS Facebook Messenger
Using a 😡 emoji to DoS Facebook Messenger
s11research.com
December 13, 2024 at 11:54 AM
Using a 😡 emoji to DoS Facebook Messenger
Reposted by Kagemusha
Unfortunately, Revolut has banned GrapheneOS users from logging into the app because of an incorrectly implemented device integrity check based on the anti-competitive Play Integrity API. Our users need to put pressure on apps like this to get them to whitelist GrapheneOS.
December 8, 2024 at 2:25 PM
Unfortunately, Revolut has banned GrapheneOS users from logging into the app because of an incorrectly implemented device integrity check based on the anti-competitive Play Integrity API. Our users need to put pressure on apps like this to get them to whitelist GrapheneOS.
Reposted by Kagemusha
At #Pwn2Own Ireland, our team successfully exploited vulnerabilities in the Lorex 2K Indoor WiFi Camera. Check out our blog for the full technical breakdown: blog.infosectcbr.com.au/2024/12/expl...
Exploiting the Lorex 2K Indoor Wifi at Pwn2Own Ireland
Introduction In October InfoSect participated in Pwn2Own Ireland 2024 and successfully exploited the Sonos Era 300 smart speaker and Lor...
blog.infosectcbr.com.au
December 9, 2024 at 2:16 AM
At #Pwn2Own Ireland, our team successfully exploited vulnerabilities in the Lorex 2K Indoor WiFi Camera. Check out our blog for the full technical breakdown: blog.infosectcbr.com.au/2024/12/expl...