A long episode this week, featuring an attack that can leak secrets from Gemini's Python sandbox, banks abusing private iOS APIs, and Windows new Hypervisor-enforced Paging Translation (HVPT).

Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/280.html

[00:00:00] Introduction

[00:00:18] Doing the Due Diligence - Analyzing the Next.js Middleware Bypass [CVE-2025-29927]

[00:29:20] We hacked Google’s A.I Gemini and leaked its source code (at least some part)

[00:44:40] Improper Use of Private iOS APIs in some Vietnamese Banking Apps

[00:55:03] Protecting linear address translations with Hypervisor-enforced Paging Translation (HVPT)

[01:06:57] Code reuse in the age of kCET and HVCI

[01:13:02] GhidraMCP: LLM Assisted RE

[01:31:45] Emulating iOS 14 with qemu

Podcast episodes are available on the usual podcast platforms:

-- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063

-- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt

-- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz

-- Other audio platforms can be found at https://anchor.fm/dayzerosec

You can also join our discord: https://discord.gg/daTxTK9