The Dustin Childs
@dustinchilds.bsky.social
Just a simple information security gnome trying to make his way through the universe. Part-time patch wrangler. Tweets are just my opinion and such. Got questions about patches or bug bounties? My DMs are open. Signal: DustinChilds.17
Reposted by The Dustin Childs
NEW: Apple and Google have rolled out security updates to fix a series of flaws used in an active hacking campaign.
Google updated Chrome; Apple issued fixes for iPhones, Macs, and more. Apple and Google's TAG were credited with the find. TAG usually tracks goverment-backed threats, like spyware.
Google updated Chrome; Apple issued fixes for iPhones, Macs, and more. Apple and Google's TAG were credited with the find. TAG usually tracks goverment-backed threats, like spyware.
Google and Apple roll out emergency security updates after zero-day attacks | TechCrunch
Apple released patches for all of its flagship devices to fix security flaws under attack. Google also updated Chrome to remediate one vulnerabilty exploited in the attacks.
techcrunch.com
December 12, 2025 at 8:38 PM
NEW: Apple and Google have rolled out security updates to fix a series of flaws used in an active hacking campaign.
Google updated Chrome; Apple issued fixes for iPhones, Macs, and more. Apple and Google's TAG were credited with the find. TAG usually tracks goverment-backed threats, like spyware.
Google updated Chrome; Apple issued fixes for iPhones, Macs, and more. Apple and Google's TAG were credited with the find. TAG usually tracks goverment-backed threats, like spyware.
A small release from Microsoft and Adobe for our final Patch Tuesday of the year, but we do have Microsoft 0-days in the wild. I'll have my thoughts about the release out soon.
December 9, 2025 at 6:06 PM
A small release from Microsoft and Adobe for our final Patch Tuesday of the year, but we do have Microsoft 0-days in the wild. I'll have my thoughts about the release out soon.
Silent patches make Zed sad :-[
It's a small release from #Microsoft and #Adobe, but there's one CVE in the wild and plently to discuss - including silent patches from October. @dustinchilds.bsky.social has his full roundup at www.zerodayinitiative.com/blog/2025/11...
Zero Day Initiative — The November 2025 Security Update Review
I’ve made it through Pwn2Own Ireland , and while many are celebrated those who served their country in the armed services, patch Tuesday stops for no one. So affix your poppy accordingly, and let’s...
www.zerodayinitiative.com
November 11, 2025 at 6:37 PM
Silent patches make Zed sad :-[
Wow - a small(ish) Patch Tuesday! Just 64 new CVEs from #Microsoft and 29 from #Adobe. One Msft CVE under active attack. I'll have my full thoughts out shortly.
November 11, 2025 at 6:05 PM
Wow - a small(ish) Patch Tuesday! Just 64 new CVEs from #Microsoft and 29 from #Adobe. One Msft CVE under active attack. I'll have my full thoughts out shortly.
Reposted by The Dustin Childs
I attended Pwn2Own in Cork ☘️ last week. I shared a review of the event on this week's episode of my podcast.
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
October 30, 2025 at 8:40 PM
I attended Pwn2Own in Cork ☘️ last week. I shared a review of the event on this week's episode of my podcast.
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
But I thought Microsoft said it wasn't worth fixing? "Microsoft classified this as low severity and this will not be patched in the immediate future." arcticwolf.com/resources/bl...
UNC6384 Weaponizes ZDI-CAN-25373 Vulnerability to Deploy PlugX Against Hungarian and Belgian Diplomatic Entities - Arctic Wolf
Arctic Wolf Labs has identified an active cyber espionage campaign by Chinese-affiliated threat actor UNC6384 targeting European diplomatic entities in Hungary, Belgium, and additional European nation...
arcticwolf.com
October 30, 2025 at 7:42 PM
But I thought Microsoft said it wasn't worth fixing? "Microsoft classified this as low severity and this will not be patched in the immediate future." arcticwolf.com/resources/bl...
Not to brag or anything, but I did predict this. I didn't predict the patch would be bypassed. *sigh* Patch kwality continues to be an issue. Go update your WSUS - again. msrc.microsoft.com/update-guide...
October 24, 2025 at 2:32 PM
Not to brag or anything, but I did predict this. I didn't predict the patch would be bypassed. *sigh* Patch kwality continues to be an issue. Go update your WSUS - again. msrc.microsoft.com/update-guide...
For the record, Maude and I are just friends. Any other rumors you may have heard are just tabloid trash. ;-]
What was bug if the day for #Pwn2Own Ireland day 3? Check it out youtube.com/shorts/PjpvU...
The Bug of Day! Pwn2Own Ireland Day 3 #pwn2own
YouTube video by Trend Zero Day Initiative
youtube.com
October 24, 2025 at 2:29 PM
For the record, Maude and I are just friends. Any other rumors you may have heard are just tabloid trash. ;-]
Reposted by The Dustin Childs
For all results of Day Three of #Pwn2Own Ireland 2025, check out the blog at www.zerodayinitiative.com/blog/2025/10... We'll be updating this with live results throughout the day.
Zero Day Initiative — Pwn2Own Ireland 2025: Day Three and Master of Pwn
Welcome to the third and final day of Pwn2Own Ireland 2025. So far, we’ve awarded $792,750 for 56 unique 0-day bugs, and we still have 17 attempts to go! We’ll be updating this blog with live results ...
www.zerodayinitiative.com
October 23, 2025 at 9:58 AM
For all results of Day Three of #Pwn2Own Ireland 2025, check out the blog at www.zerodayinitiative.com/blog/2025/10... We'll be updating this with live results throughout the day.
I asked 30 seconds or 30 minutes. They told me 30 seconds. They lied.
October 22, 2025 at 4:29 PM
I asked 30 seconds or 30 minutes. They told me 30 seconds. They lied.
Reposted by The Dustin Childs
On Day One of #Pwn2Own Ireland, we awarded $522,500 for 34 unique 0-days. Day Two is shaping up to be even better. Get ready - pwnage is coming....
youtube.com/shorts/49s0O...
youtube.com/shorts/49s0O...
Kicking Off Pwn2Own Ireland 2025 Day Two #shorts
YouTube video by Trend Zero Day Initiative
youtube.com
October 22, 2025 at 7:52 AM
On Day One of #Pwn2Own Ireland, we awarded $522,500 for 34 unique 0-days. Day Two is shaping up to be even better. Get ready - pwnage is coming....
youtube.com/shorts/49s0O...
youtube.com/shorts/49s0O...
Ya love to see it. I smell a melon party in our future...
October 21, 2025 at 12:36 PM
Ya love to see it. I smell a melon party in our future...
So great to see - and 8 bugs??!?
October 21, 2025 at 10:52 AM
So great to see - and 8 bugs??!?
Getting closer to a melon party!
October 21, 2025 at 9:16 AM
Getting closer to a melon party!
Maude and I will be up to no good this whole week.
Get ready for Day One of #Pwn2Own Ireland 2025. We have 17 entries today, including a SOHO Smashup and a Sonos Era 300 exploit. It should bee spooktackular! #P2OIreland
youtube.com/shorts/twm8d...
youtube.com/shorts/twm8d...
P2O ZDI DAY 1 Kickoff
YouTube video by Trend Zero Day Initiative
youtube.com
October 21, 2025 at 7:59 AM
Maude and I will be up to no good this whole week.
Reposted by The Dustin Childs
Day One of #Pwn2Own Ireland starts with four attempts at once - including a SOHO Smashup! #P2OIreland
October 21, 2025 at 7:50 AM
Day One of #Pwn2Own Ireland starts with four attempts at once - including a SOHO Smashup! #P2OIreland
Reposted by The Dustin Childs
We're 30 minutes out from the live stream where we draw for the order of events for #Pwn2Own Ireland. You can watch it on LInkedIn or on YouTube at youtube.com/live/IzFsuXx...
Pwn2Own Ireland 2025: Drawing for Order
YouTube video by Trend Zero Day Initiative
youtube.com
October 20, 2025 at 1:27 PM
We're 30 minutes out from the live stream where we draw for the order of events for #Pwn2Own Ireland. You can watch it on LInkedIn or on YouTube at youtube.com/live/IzFsuXx...
Reposted by The Dustin Childs
It’s always DNS.
> Based on our investigation, the issue appears to be related to DNS resolution of the DynamoDB API endpoint in US-EAST-1.
there it is
there it is
October 20, 2025 at 9:36 AM
It’s always DNS.
The Cliffs of Insanity! Er…. I mean Moher.
October 19, 2025 at 12:36 PM
The Cliffs of Insanity! Er…. I mean Moher.
It looks even better in real life. Who will claim it?
October 16, 2025 at 4:48 PM
It looks even better in real life. Who will claim it?
Reposted by The Dustin Childs
Announcing #Pwn2Own Automotive 2026! We're heading back to Tokyo and we're adding new targets Level 3 charging thanks to #Aplitronic & the OCTT thanks to the @openchargealliance.org. Tesla is back, too. Check out the details at www.zerodayinitiative.com/blog/2025/10...
Zero Day Initiative — Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!
If you just want to read the rules, click here . Now entering its third year, Pwn2Own Automotive returns to Automotive World in Tokyo on January 21 – 23, 2026. Over the last two years, ...
www.zerodayinitiative.com
October 16, 2025 at 3:07 PM
Announcing #Pwn2Own Automotive 2026! We're heading back to Tokyo and we're adding new targets Level 3 charging thanks to #Aplitronic & the OCTT thanks to the @openchargealliance.org. Tesla is back, too. Check out the details at www.zerodayinitiative.com/blog/2025/10...
Reposted by The Dustin Childs
It's #Microsoft's biggest monthly release ever with more than 170 CVEs addressed - including 3 0-days being exploited in the wild. #Adobe had a small release, with a few interesting items. Join Dustin Childs as he breaks down a spooky patch Tuesday www.zerodayinitiative.com/blog/2025/10...
Zero Day Initiative — The October 2025 Security Update Review
I’m currently in Cork, Ireland as we prepare for Pwn2Own Ireland, but that doesn’t stop patch Tuesday from coming. Take a break from your scheduled activities and let’s take a look at the latest secur...
www.zerodayinitiative.com
October 14, 2025 at 6:43 PM
It's #Microsoft's biggest monthly release ever with more than 170 CVEs addressed - including 3 0-days being exploited in the wild. #Adobe had a small release, with a few interesting items. Join Dustin Childs as he breaks down a spooky patch Tuesday www.zerodayinitiative.com/blog/2025/10...
Come on @adobe.com - why are your security updates so late these days??!? I know I'm being impatient, but I gots blogs to publish and such! #PatchTuesday
October 14, 2025 at 5:56 PM
Come on @adobe.com - why are your security updates so late these days??!? I know I'm being impatient, but I gots blogs to publish and such! #PatchTuesday