About
I am a security researcher working at the intersection of AI and security: AI agent security, LLM attack & defense, and AI-driven threat detection at scale. A multiple-time Pwn2Own champion and Pwnie Award winner with hundreds of critical CVEs, I now focus on bringing two decades of top-tier offensive security into the AI era. I built OpenCyvis, an open-source AI phone and a working exercise in security design for AI agent systems: the agent stack and model choice are fully open — users can audit the code, run local models on-device, and control where their data goes — a blueprint for controllable, auditable AI-native systems. On the industry side, I lead AI-based large-scale fraud fighting and anomaly detection (AI for Security), applying LLMs and multi-modal detection to real-world abuse in advertising and marketing.
I am Senior Director and Chief Security Researcher at JD.com Group, where I founded Xiezhi Security Lab (also known as Dawn Security Lab), covering advanced security research, threat intelligence, and strategic security infrastructure. I also serve as a doctoral management trainee mentor and TGT (Tech Genius Team) mentor at JD.com, supervising multiple PhDs and top technical talents.
More recently, my research has expanded into device-side Trusted Execution Environments (TEE) and trusted computing — leveraging hardware-rooted isolation such as ARM TrustZone, secure enclaves, and confidential computing to protect on-device AI models, cryptographic keys, and sensitive user data, and to establish verifiable, remotely-attestable trust for AI-native systems running at the edge.
Previously, I led Pinduoduo's security team and built its security infrastructure from the ground up. Before that, I was at the Keen Security Lab of Tencent, focusing on cutting-edge vulnerability research and mobile security. I am the winner of Pwn2Own 2016, Mobile Pwn2Own 2016 and 2017, having successfully pwned the newest macOS and Android systems and earning the Master of Pwn title. I was an early founding member of Blue Lotus, Asia's first CTF team to reach the DEF CON Finals, and a founding member of Zhejiang University's AAA CTF Team and Cybersecurity Association.
My research has been presented at Black Hat, DEF CON, and CanSecWest. I am a multiple-time Pwn2Own champion and the recipient of the 2022 Pwnie Award for Best Privilege Escalation Bug. I have been credited by Google, Samsung, Apple, and Huawei for discovering hundreds of critical CVEs, and have published at ACM ISSTA, USENIX, and other leading venues. I am a committee member and judge of the international hacking competition GeekPwn, and an Executive Committee Member of the China Computer Federation (CCF) Technical Committee on Security and Privacy.
Recent Highlights
- 2026 — ARKDecompiler, the decompiler for HarmonyOS Next, accepted at Black Hat USA Arsenal
- 2026 — Served as judge of China's first Agent Security Attack-Defense Championship, with 610 competing teams · covered by China Daily
- 2025 — Open-source AI phone OpenCyvis released, featured on XDA
- 2025 — Talks at DEF CON 33 and CanSecWest: resurrecting LaunchAnywhere privilege escalation on Android
- 2024 — Black Hat USA talk on Mac security reached the front page of Hacker News; AI × security papers published at ISSTA 2024 (CCF-A) and Data Intelligence
Projects & Open Source
- OpenCyvis — open-source AI phone: an auditable, user-controlled AI agent system with virtual display and on-device local LLM support
- ARKDecompiler — decompiler for HarmonyOS Next (Ark bytecode) · Black Hat USA Arsenal 2026
- RIDE — highly-precise systematic automatic bug hunting framework for Android systems · Black Hat USA Arsenal 2022
- PMDET — fuzzing-based detection tool for Android Parcel Mismatch bugs · Black Hat Asia Arsenal / SANER 2024
Publications & Talks
AI × Security
- Uncovering and Mitigating the Impact of Code Obfuscation on Dataset Annotation with Antivirus Engines. ISSTA 2024, Vienna. 2024. CCF-A
- Detecting Novel Malware Classes with a Foundational Multi-Modality Data Analysis Model. Data Intelligence. 2024.
Systems & Mobile Security
- From Breakthrough to Completeness: ARKDecompiler — The Decompiler for HarmonyOS Next. Black Hat USA Arsenal, Las Vegas. 2026. BH Arsenal
- BadResolve: Bypassing Android's Intent Checks to Resurrect LaunchAnywhere Privilege Escalations. CanSecWest, Vancouver. 2025.
- Dead Made Alive Again: Bypassing Intent Destination Checks and Reintroducing LaunchAnyWhere Privilege Escalation. DEF CON 33, Las Vegas. 2025. DEF CON
- Unveiling Mac Security: A Comprehensive Exploration of Sandboxing and AppData TCC. Black Hat USA, Las Vegas. 2024. BH USA
- PMDET: A new fuzzing-based detection tool for Android Parcel Mismatch bugs. SANER 2024, Finland. 2024. CCF-B
- PMDET: A new fuzzing-based detection tool for Android Parcel Mismatch bugs. Black Hat Asia Arsenal, Singapore. 2024. BH Arsenal
- RIDE: Efficient Highly-Precise Systematic Automatic Bug Hunting in Android Systems. Black Hat USA Arsenal, Las Vegas. 2022. BH Arsenal
- Mystique in the House: The Droid Vulnerability Chain that Owns All Your Applications. CanSecWest, Vancouver. 2022.
- The Hidden RCE Surfaces That Control the Droids. Black Hat Asia, Singapore. 2022. BH Asia
- La La Land: Theory and Practice on Large-Scale Static Bug Hunting for Android Systems. MOSEC, Shanghai. 2022.
- DroidCorn: A Practical New Framework for Blackbox Android Binary Fuzzing. MOSEC, Shanghai. 2020.
- Pwning the Nexus of Every Pixel. CanSecWest, Vancouver. 2017.
- Subverting Apple Graphics: Practical Approaches to Remotely Gaining Root. Black Hat USA, Las Vegas. 2016. BH USA
- Escaping the Sandbox by Not Breaking it. DEF CON, Las Vegas. 2016. DEF CON
- Don't trust your eyes — Apple Graphics is compromised! CanSecWest, Vancouver. 2016.
- Hey Your Parcel Looks Bad — Fuzzing and Exploiting Parcel-ization Vulnerabilities in Android. Black Hat Asia, Singapore. 2016. BH Asia
- Shooting the OSX El Capitan Kernel Like a Sniper. REcon, Montreal. 2016.
- Hacking Phones from 2013 to 2016. Seoul, Korea. 2016.
- Vulnerabilities in the third-party SDKs of Android applications. HITCON, Taipei. 2015.
Honors & Awards
- Pwnie Award — Best Privilege Escalation, Black Hat USA, Las Vegas. 2022.
- Pwn2Own Champion & Master of Pwn, Tokyo and Vancouver. 2016, 2017.
- Pwnie Award Nominee, Black Hat USA, Las Vegas. 2017.
- Multiple top internal technical honors at JD.com and Tencent, including Tencent's company-level Technical Breakthrough Award and JD Group Hackathon 1st Prize (2025).
- Google Security Hall of Fame — Top 10 in Android Category.
- Samsung Security Hall of Fame — Ranked #6 (2021, 2022).
- Huawei Security Hall of Fame — Ranked #3 (2020).
Professional Service
- Judge, China's first Agent Security Attack-Defense Championship. 2026.
- Competition Judge, GeekPwn & GeekCon (international top security competition)
- Executive Committee Member, China Computer Federation (CCF) Technical Committee on Security and Privacy
- Mentor, JD.com TGT (Tech Genius Team) — Top Global Talent Program
- Cyber Security Committee Member, Beijing 2022 Winter Olympics
- Tencent Cloud TVP (Most Valuable Professional). 2025.
- Judge, Tencent Cloud Hackathon
Education
- Zhejiang University — B.Eng. in Computer Science and Technology
- Hong Kong University of Science and Technology — Visiting Scholar, Department of Software Engineering. Advisor: Prof. Shing Chi Cheung.
Selected Coverage
- 610 Teams Compete in China's First Agent Security Attack-Defense Championship — China Daily, 2026
- OpenCyvis — open-source AI phone agent with Virtual Display + local LLM support — XDA Forums, 2025
- Unveiling Mac Security: Comprehensive Exploration of Sandboxing and AppData TCC — Hacker News, 2024
- Highlights of the 2022 Pwnie Awards — Dark Reading, 2022
- Interview with Flanker: A Decade of Hardship, Yet Passion Remains Unquenched — KanXue Security Forum, 2020
- Nexus 6P, iPhone 6S Hacked at Mobile Pwn2Own 2016 — SecurityWeek, 2016
- ZJU Student Wins Top Hacking Competition, Breaks Google Nexus in 10 Seconds — Qianjiang Evening News (via ZJU), 2016
- ZJU Hacker Team Wins Pwn2Own World Championship — Huanqiu, 2017
- Pwn2Own 2016 — Tencent Keen Security Lab Wins — Security Affairs, 2016
- Pwn2Own 2016: Chrome, Edge, and Safari hacked, $460K awarded — VentureBeat, 2016
- Chinese Hackers won $215,000 for Hacking iPhone and Nexus at Mobile Pwn2Own — The Hacker News, 2016
- People's Daily: Tencent and 360 Security Nominated for Pwnie Award — People's Daily, 2017
- Interview: How to Make Wearable Devices More Secure? — 21st Century Business Herald, 2015
CVE Research
Credited by Google, Apple, Samsung, Huawei, Oppo, and others for discovering hundreds of critical vulnerabilities across Android, iOS, macOS, Chrome, and major vendor ecosystems.
Show full CVE list
Patents
- Methods, Devices, Systems and Equipment for Vulnerability Detection in Application Installation Packages · CN121479793A · 2026