Advertisement · 728 × 90

Posts by Daniel Weber

StackWarp

For more details on the discovery process and our findings, we refer to our research paper, which is published at USENIX Security 2026.

paper: stackwarpattack.com
github: github.com/cispa/StackW...

\cc Tristan Hornetz, @d-we.bsky.social, Fabian Thomas, @misc0110.bsky.social

3 months ago 2 1 1 0
Video

Today we reveal StackWarp: a new CPU vulnerability exploiting a synchronization bug in AMD’s stack engine across Zen 1–5 CPUs. It enables deterministic manipulation of Confidential VM's stack pointer, allowing RCE and privilege escalation via both control- and data-flow hijacking.

3 months ago 31 13 1 0
Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting

for more info: s.roots.ec/spy-sheets

1 year ago 1 0 0 0
Post image

@ltrampert.bsky.social and I just gave a talk at Black Hat Asia showing how CSS can be abused to deanonymize you when opening an email!
cc: @blackhatevents.bsky.social #BHASIA25

1 year ago 4 0 1 0

Heading to Black Hat Asia now! @ltrampert.bsky.social and I will give a briefing about deanonymizing users not only on the web but also in their email clients! #bhasia

1 year ago 4 0 0 0
Post image

Just gave a keynote at #Ruhrsec about threat models, Side channels, fault attacks, how the evolve and how we should approach them...

1 year ago 15 4 0 0