buherator[RSS] From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow
https://osec.io/blog/2026-03-17-virtio-snd-qemu-hypervisor-escape
https://osec.io/blog/2026-03-17-virtio-snd-qemu-hypervisor-escape
Patch Gap to Mobile Renderer RCE: Pwning Samsung Internet's V8 on the Galaxy S25
Samsung Internet on the Galaxy S25 shipped a six-month-old version of V8, exposing it to publicly known bugs. Learn how we exploited a bytecode interpreter vulnerability to achieve renderer RCE and universal XSS in the browser.