ZeroDayCommission is a weekly, high signal security briefing by OrbitCurve, focused on niche offensive and research heavy domains: fault injection, MCU exploitation, µarch, hypervisors, compilers, and hardware reverse engineering. We curate for material you can use new primitives, reproducible PoCs, and techniques that transfer across targets. No fluff, just the week’s best links, what changed, and why it matters.

Byte Brief

• New England Hardware Security Day 2026
  Call for Contributions ->The 6th New England Hardware Security Day 2026 (NEHWS) will be held at Tufts Uni- versity on Friday, April 24, 2026. The organizers and program committee invite submission of proposals for talks, announcements, and posters

Reads and Resources

• [CB25]How to Hack Any Micro-controller with a Raspberry Pi Pico - Code Blue has released their set of talks, and this talk has caught my eye.
• COSIC seminar "Building Better Sledgehammers to Build Better Security" (Colin O'Flynn)
• Building a C compiler with a team of parallel Claudes - Anthropic has built a full C compiler where they tasked Opus 4.6 using agent teams to build a C Compiler.
• Understanding and Experimenting with Apple's PAC on iOS - The article covers understanding Pointer Authentication Codes on iOS through hands-on experiments.
• Bryan Cantrill: Andreessen’s Folly - The False Dichotomy of Software and Hardware - Bryan Cantrill pushes back on Marc Andreessen’s “Why Software Is Eating the World” by questioning the vagueness of “software” itself. He walks through its roots, from Euclid to early mainframes, then grounds the argument in reality with three brutal low level bugs his company Oxide hit while building systems from scratch. The through line is that abstractions only get you so far. Without understanding the hardware beneath them, you do not really understand software at all, echoing Alan Kay’s claim that people serious about software eventually have to do their own hardware.

Tooling and More

• The Benefits of Using a Rack to Keep Your Workbench Tidy
• A Higher-End Pico-Based Oscilloscope
• Applied Hardware Defences: Secure Boot and Encrypted Firmware - BlackHat Asia 2026 has an applied hardware defences training open

Until Next Time

Thanks for checking out our first newsletter issue. ZeroDayCommission is run by OrbitCurve, and if you have any feedback or anything you’d like to share, feel free to email hussein@orbitcurve.com. I’ll get back to you within 3 hours.