About

Hi! I’m Maddie Stone. 👋

From 2023-2024 I worked at Google’s Threat Analysis Group to lead the new Exploits Mission which expanded the in-the-wild 0-day work I began on Project Zero. We published a report about the spyware companies in 2024 called “Buying Spying: How the commercial surveillance industry works and what can be done about it”.

From 2019-2023 I worked as a Security Researcher at Google Project Zero where I focused on 0-day exploits used in the wild. I searched for them, analyzed them, learned from them, and wrote about them. You can find our team’s work on the Project Zero blog.

If you’re interested in learning more about me, Lily Hay Newman wrote a too nice profile of me for Wired: “The Unsinkable Maddie Stone, Google’s Bug-Hunting Badass”

Previously, I worked as a reverse engineer on the Android Security team at Google. I focused on hunting malware for Google Play Protect.

Before that I worked at the Johns Hopkins Applied Physics Lab where I focused on the security of embedded devices: all the layers from the chip to the firmware.

Through all of these endeavors, I’ve loved to speak at conferences and teach workshops to share all the fun. You can check out my different talks on the Speaking Engagements page. Workshops are linked on the Workshops & Tutorials page or on my YouTube.

I earned my Bachelors in Science with a double major in Computer Science and Russian and a minor in Applied Mathematics & Statistics from Johns Hopkins University. I also earned a Masters of Science in Computer Science from Johns Hopkins University.

Outside of computers, I spend my time hiking (I hiked Kilimanjaro in 2019!), weight lifting, reading (love me a good beach read), and telling dad jokes.