Pinned Loading

1. Project-Olympic Project-Olympic Public

   Forensic disclosure of "Project Olympic": manufacturer-integrated surveillance architecture, covert Shadow OS, persistent spatial telemetry, and anti-forensic measures discovered in Broadcom BCM438…

   Python 2

2. iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 iOS-Attack-Chain-CVE-2025-31200-CVE-2025-31201 Public

   CVE-2025-31200 is a zero-day, zero-click RCE in iOS CoreAudio’s AudioConverterService, triggered by a malicious audio file via iMessage/SMS. Exploitation bypassed Blastdoor, enabled kernel escalati…

   139 21

3. CS35L27-Covert-Channel-Analysis CS35L27-Covert-Channel-Analysis Public

   Comprehensive security analysis of Cirrus Logic CS35L27 audio firmware, revealing indicators of covert channels and privileged command operations. Includes evidence and methodology to empower teams…

4. Apple-Silicon-A17-Flaw Apple-Silicon-A17-Flaw Public

   The Secure Enclave and digitizer controller share I2C4. Electrical faults on this bus halt SPU init and break input. A silicon-level flaw with no redundancy or recovery.

   12 3

5. Unauthorized-Signer Unauthorized-Signer Public

   A standard iPhone was compromised with Apple’s internal certificate, enabling full surveillance: voice, messages, calls, apps, system activity... everything. Total Apple-level access, impossible th…

   6

6. 0day-GigaCage-Webkit 0day-GigaCage-Webkit Public

   Impact analysis and evidence for a zero-day integer overflow in WebKit’s Gigacage affecting iOS 26.2. Includes technical summary, PoC, crash logs, and recommendations for vendor triage and mitigati…

   1