Pulling Gemini Secrets and Windows HVPT

Pulling Gemini Secrets and Windows HVPT

From Day[0] by dayzerosec

April 16, 2025 · 1h 33m · Season 1 · Episode 280

About this episode

This episode discusses vulnerabilities in Gemini's Python sandbox, misuse of private iOS APIs by banks, and Windows' new HVPT technology.

A long episode this week, featuring an attack that can leak secrets from Gemini's Python sandbox, banks abusing private iOS APIs, and Windows new Hypervisor-enforced Paging Translation (HVPT). Links and vulnerability summaries for this episode are available at: https://dayzerosec.com/podcast/280.html [00:00:00] Introduction [00:00:18] Doing the Due Diligence - Analyzing the Next.js Middleware Bypass [CVE-2025-29927] [00:29:20] We hacked Google’s A.I Gemini and leaked its source code (at least some part) [00:44:40] Improper Use of Private iOS APIs in some Vietnamese Banking Apps [00:55:03] Protecting linear address translations with Hypervisor-enforced Paging Translation (HVPT) [01:06:57] Code reuse in the age of kCET and HVCI [01:13:02] GhidraMCP: LLM Assisted RE [01:31:45] Emulating iOS 14 with qemu Podcast episodes are available on the usual podcast platforms: -- Apple Podcasts: https://podcasts.apple.com/us/podcast/id1484046063 -- Spotify: https://open.spotify.com/show/4NKCxk8aPEuEFuHsEQ9Tdt -- Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy9hMTIxYTI0L3BvZGNhc3QvcnNz -- Other audio platforms can be found at https://anchor.fm/dayzerosec You can…

Topics covered

  • cybersecurity
  • vulnerability analysis
  • iOS APIs
  • banking security
  • hypervisor technology
  • AI security

Keywords

  • Gemini
  • iOS
  • HVPT
  • Next.js
  • CVE-2025-29927
  • GhidraMCP
  • qemu
  • cybersecurity
  • vulnerabilities

Mentioned in this episode

Organizations: Gemini, iOS, Google, Vietnamese Banking Apps

Products: Hypervisor-enforced Paging Translation (HVPT), Next.js, GhidraMCP, qemu

More episodes of Day[0]

Explore listener stats, chart rankings, contacts and more on the Day[0] podcast page.