Calif
Subscribe
Sign in
Home
Visit Calif
MAD Bugs
Archive
About
MAD Bugs: Claude Wrote a Full FreeBSD Remote Kernel RCE with Root Shell (CVE-2026-4747)
To our knowledge, this is the first remote kernel exploit both discovered and exploited by an AI.
16 hrs ago
•
Calif
10
1
Latest
Top
Discussions
MAD Bugs: vim vs emacs vs Claude
We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an…
Mar 30
•
Calif
23
4
2
Reverse engineering Apple’s silent security fixes
I grabbed the latest iOS update, and diffed it with ipsw. The diff reveals at least two security-relevant changes that were shipped quietly.
Mar 27
5
Taking Apart iOS Apps: Anti-Debugging and Anti-Tampering in the Wild
Table Of Contents
Mar 17
•
Calif
16
A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets
A step-by-step guide to exploiting a 20-year-old bug in the Linux kernel to achieve full privilege escalation and container escape, plus a cool…
Mar 3
•
Calif
24
3
7
A history of device-bound cookies
The recent announcement from Google about Device Bound Session Credentials (DBSC) sent me down memory lane.
Aug 24, 2025
•
Thai Duong
7
“Vibe Hacking”: Abusing Developer Trust in Cursor and VS Code Remote Development
Update: Mauro Soria pointed out that this attack vector can be easily adapted for phishing scenarios:
Aug 18, 2025
19
1
Partnering with Google to Strengthen Open-Source Crypto: An Mbed TLS Security Audit
By Linh Le and Ngan Nguyen
Jul 5, 2025
6
See all
Calif
Subscribe
Calif
Subscribe
About
Archive
Sitemap
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts
