Emory@emory@soc.kvet.ch
RE: https://hachyderm.io/@evacide/115900663566563599
Vulnerability introduced by AI-enhanced media processing.
• Attackers can leverage tiny memory corruption windows
• Media decoder memory layouts present consistent security vulnerabilities
thank you 🙇🏻
@evacide@hachyderm.io for this high-quality explainer with references:
1. CVE-2025-49415
2. CVE-2025-54957
3. CVE-2025-36934
4. Dolby Digital (DD) and Dolby Digital Plus (DD+) audio formats
5. ETSI audio format specification
this isn't over imo. #infosec
evacide@evacide@hachyderm.io
Project Zero releases a 0-click exploit chain for the Pixel 9. This one targets the Pixel, but the 0-click bug and exploit techniques used also apply to most other Android devices.
https://projectzero.google/2026/01/pixel-0-click-part-1.html