0-Click RCE in Samsung's OpenAPV on Android 16

How a missing bounds check in Samsung's APV video codec leads to heap corruption on Android 16 — proved with OOB read/write PoCs, MP4 exploit on Android emulator, and 4 fuzzing approaches including AFL++.

0-Click RCE in Samsung's OpenAPV on Android 16

How a missing bounds check in Samsung's APV video codec leads to heap corruption on Android 16 — proved with OOB read/write PoCs, MP4 exploit on Android emulator, and 4 fuzzing approaches including AFL++.

Codex Hacked a Samsung TV

We gave Codex a foothold. It popped a root shell.

GitHub - Pouzor/homelable: Self-hosted homelab infrastructure visualizer — interactive network diagram with live status monitoring

Self-hosted homelab infrastructure visualizer — interactive network diagram with live status monitoring - Pouzor/homelable

ELF & Dynamic Linking (EN)

Compiling Android Kernel for my OnePlus Device

Compiling Android Kernel for my OnePlus Device

GitHub - mandiant/flare-learning-hub: Free educational content on reverse engineering and malware analysis from the FLARE team

Free educational content on reverse engineering and malware analysis from the FLARE team - mandiant/flare-learning-hub

Claude Code in Action

Integrate Claude Code into your development workflow

mcp-course (Hugging Face MCP Course)

Model Context Protocol, AI Agents, Python, Typescript

A Nerd's Life: Weeks of Firmware Teardown to Prove We Were Right - Quarkslab's blog

In a blog post published last December, we demonstrated how we managed to extract the firmware from a smartwatch by exploiting an out-of-bounds read vulnerability and spying on its screen interface. Follow us on our long and unexpected journey to figure out how this smartwatch can measure heart rate or blood pressure with no visible sensor, the problems we encountered while analyzing its firmware, and how we solved them to uncover The Truth about this device.