You

@[email protected]
144 Followers
954 Following
158 Posts
#YOLOL Information Security
You6h ago
Show threadYifan4d ago
🫠
YouMar 20
bunnieMar 20

One of my favorite features of the Baochip-1x is the BIO. It's an I/O coprocessor that is based on the PicoRV32, with custom register extensions to allow direct access to GPIOs from the ISA.

Read more about the BIO at this blog post: https://www.bunniestudios.com/blog/2026/bio-the-bao-i-o-coprocessor/ I go in-depth into the architecture and its trade-offs relative to the PIO, and conclude by working through a couple of coding examples.

YouMar 19
HackerWorkspaceMar 19

From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow

https://osec.io/blog/2026-03-17-virtio-snd-qemu-hypervisor-escape/

Short summary: https://hackerworkspace.com/article/from-virtio-snd-0-day-to-hypervisor-escape-exploiting-qemu-with-an-uncontrolled-heap-overflow

#cybersecurity #vulnerability #exploit

Unfaithful Claims: Breaking 6 zkVMs

A zkVM verifier should be faithful to one thing above all else: its public claims. Yet we found six systems where this guarantee breaks. Learn how a subtle ordering bug lets an attacker bypass the cryptography entirely and prove mathematically impossible statements.

OtterSec
YouMar 19
Bypassing debug password protection on the RH850 family using fault injection - https://blog.quarkslab.com/bypassing-debug-password-protection-on-the-rh850-family-using-fault-injection.html
Bypassing debug password protection on the RH850 family using fault injection - Quarkslab's blog

This blogpost explains how we bypassed the 16-byte password protection of the debug on several variants of the RH850 family using voltage fault injection.

YouMar 17
/r/netsecMar 17
Now You See mi: Now You're Pwned https://labs.taszk.io/articles/post/nowyouseemi/
Now You See mi: Now You're Pwned

Exploiting and jailbreaking Xiaomi Home Security Smart Cameras

YouMar 10
bunnieMar 10
I built a microcontroller for high-assurance applications on TSMC 22nm. I call it the "Baochip-1x". Read more about what it is and how it came about at this blog post: https://www.bunniestudios.com/blog/2026/baochip-1x-a-mostly-open-22nm-soc-for-high-assurance-applications/
YouMar 7
Decentralized thoughts about decentralization - https://decentralizedthoughts.github.io/
Decentralized Thoughts

Decentralized thoughts about decentralization

Decentralized Thoughts
YouMar 5
Renaud Lifchitz Mar 4
UTOPEER (U2P): plateforme décentralisée de torrents construite sur le protocole Nostr
https://ygg.gratis/#/specification
U2P

YouMar 4
David Chisnall (*Now with 50% more sarcasm!*)Mar 4

First Post! Uh, I mean, First CHERIoT Silicon!

We have our first chips back! It is very exciting! Spatial and temporal memory safety, fine-grained compartmentalisation, and also a load of other big chips on a board, so you can play 'Where's ICENI?' on the board picture!

#CHERI #CHERIoT

First CHERIoT Silicon!

Welcome to the CHERIoT Platform, a hardware-software co-design project that provides game-changing security for embedded devices.

CHERIoT Platform
YouMar 4
Martin Boller     Mar 3

https://www.cyloq.se/en/research/cve-2026-0714-tpm-sniffing-luks-keys-on-an-embedded-device

#Moxa #TPM #SPI #LogicAnalyzer #Keys #Cleartext

[CVE-2026-0714] TPM-sniffing LUKS Keys on an Embedded Device

In October 2025, we performed a security assessment of the ARM-based Moxa UC-1222A Secure Edition industrial computer.