Research
Security Research Blog
Research and analysis from LucidBit Labs on software security, reverse engineering, mobile application vulnerabilities, and complex systems.
-
Read: Remote Unauthenticated Memory Safety Flaw in Firedancer's Packet Path →
Remote Unauthenticated Memory Safety Flaw in Firedancer's Packet Path
LucidBit Labs discovered a remote unauthenticated memory safety flaw in Firedancer's XDP packet path, recovered a realistic GRE delivery path, and earned a $100,000 Immunefi bounty after demonstrating remote crash impact.
2026-04-09 -
Read: Strong Cryptography, Weak Assumptions: Breaking Trust in Mobile Crypto Wallets →
Strong Cryptography, Weak Assumptions: Breaking Trust in Mobile Crypto Wallets
LucidBit Labs vulnerability research reveals how application-level failures in a mobile crypto wallet bypassed strong cryptography, exposing users to real financial risk.
2026-02-25 -
Read: Bypassing Commercial RASP and Root Detection - A Reality Check →
Bypassing Commercial RASP and Root Detection - A Reality Check
We bypassed leading Android root-detection SDKs and show what that means for banking, government-ID and anti-fraud apps running on rooted devices.
2025-06-30