Google Project Zero has unveiled a full 0-click to root exploit chain for the Pixel 10, leveraging a Dolby bug and a kernel flaw. This sophisticated attack bypassed all user interaction, granting attackers complete control over unpatched devices. It's a stark reminder of the ongoing challenge in securing complex mobile hardware against advanced threats.

https://www.tpp.blog/2nu7ict

#cybersecurity #pixel10 #googleprojectzero

🤖 This post was AI-generated.

A 0-click exploit chain for the Pixel 10: When a Door Closes, a Window Opens

We recently published an exploit chain for the Google Pixel 9 that demonstrated it was possible t...

What gloomy genius at #GoogleProjectZero decided to embed images directly in the Atom feed?

$ curl -s --head https://projectzero.google/feed.xml | grep content-length
content-length: 17723364

More than 16 megabytes just to refresh the publication feed...

Google's Project Zero: where they defeat advanced security measures by doing absolutely 🤷 nothing. Apparently, the best way to crack #KASLR is to sit back and let the linear mapping do it for you. Who knew hacking could be so chill? 🍹🔓
https://googleprojectzero.blogspot.com/2025/11/defeating-kaslr-by-doing-nothing-at-all.html #GoogleProjectZero #HackingChill #CyberSecurity #LinearMapping #HackerNews #ngated
Defeating KASLR by Doing Nothing at All

  Posted by Seth Jenkins, Project Zero Introduction I've recently been researching Pixel kernel exploitation and as part of this research I ...

I’m looking for a feed that aggregates recent reverse engineering and vulnerability-centric security writeups, like the ones posted by Google Project Zero. I know there are many different security firms and academics that post these kinds of articles now and then, but I’m having a hard time with discovery, as every news site or feed I find is focused on cybersecurity threats and CVEs, or simply just malware actor reports.

Does anyone have something that fits the bill?
#reverseengineering #googleprojectzero #projectzero #vulnerability #vulnerability_research

#GoogleProjectZero: Driving forward in Android drivers

Android's open-source ecosystem has led to an incredible diversity of manufacturers and vendors developing software that runs on a broad variety of hardware. This hardware requires supporting drivers, meaning that many different codebases carry the potential to compromise a significant segment of Android phones. There are recent public examples of third-party drivers containing serious vulnerabilities that are exploited on Android. While there exists a well-established body of public (and In-the-Wild) security research on Android GPU drivers, other chipset components may not be as frequently audited so this research sought to explore those drivers in greater detail.

#Security

#GoogleProjectZero: Address Sanitizer for Bare-metal Firmware

To provide custom implementations for the necessary runtime routines, the Clang toolchain exposes an interface for address sanitization through the -fsanitize=kernel-address compiler option. The KASan runtime routines implemented in the Linux kernel serve as a great example of how to define a KASan runtime for targets which aren’t supported by default with -fsanitize=address. We'll demonstrate how to use the version of address sanitizer originally built for the kernel on other bare-metal targets.

https://github.com/androidoffsec/baremetal_kasan

#OsDev #Security

Security update for Safari supports older macOS versions
Apple has released an important update for the Safari web browser. This update aims to protect users of older macOS versions against current sec...
https://www.apfeltalk.de/magazin/news/sicherheitsupdate-fuer-safari-unterstuetzt-aeltere-macos-versionen/
#Mac #News #MacOSMonterey #MacOSVentura #Softwareaktualisierung #WebRTCSchwachstelle #IOS1677 #NickGalloway #Apple #GoogleProjectZero #Safari #Sicherheitsupdate
Security update for Safari supports older macOS versions

The latest Safari update closes a critical security vulnerability and protects users of older macOS versions.

Apfeltalk Magazin

#GoogleProjectZero: First handset with MTE on the market

Since I first heard about ARM's Memory Tagging Extensions, I've said (to far too many people at this point to be able to back out…) that I'd immediately switch to the first available device that supported this feature. It's been a long wait (since late 2017) but with the release of the new Pixel 8 / Pixel 8 Pro handsets, there's finally a production handset that allows you to enable MTE!

#security #arm #mte

Analyzing a Modern In-the-wild Android Exploit
An interesting analysis of an actually exploited vulnerability chain in Android.

#security #android #GoogleProjectZero