Diego Palacios
- Cybersecurity Engineer
- Low-Level Security
- Vulnerability Research
|=----------------------------=[ About ]=-----------------------------=||=----------------=[ About ]=-----------------=|
I’m Diego Palacios, currently working as a Cyber Risk & Security Engineer at WTW (Western Europe).
I specialize in low-level vulnerability research and exploit development, particularly targeting hypervisors.
I previously worked as an intern at Exodus Intelligence, conducting N-day vulnerability research focused on hypervisors.
I have discovered multiple CVEs, including vulnerabilities in Oracle VirtualBox (CVE-2026-35247, a guest-to-host information disclosure enabling ASLR bypass), and published N-day exploits for CVE-2023-22098 (VirtualBox VM escape, writeup featured in Exploits.club) and CVE-2023-4911 (Looney Tunables LPE).
I have also represented Team Spain at the European Cybersecurity Challenge (ECSC) 2022 and won the Guardia Civil CyberLeague, one of the largest cybersecurity competitions in Spain.
I graduated top of my class in Cybersecurity Engineering (9.25 GPA, 23 Honors) and hold an MSc in Cybersecurity.