Nowadays, memory corruption vulnerabilities are well understood, and various mitigation techniques have become state-of-the-art. Nevertheless, the underlying hardware can still contain bugs that can be exploited from the software domain. These hardware bugs often have devastating consequences as they allow attackers to take over entire systems without relying on a single software bug. In this talk, we explore the past and recent development of hardware bugs that allow full system takeovers. Specifically, we focus on software-mountable exploit techniques that attackers can abuse to alter a system's memory content to their liking — consequently hijacking systems. We briefly introduce architectural hardware bugs with the example of Rowhammer, a powerful but restricted fault-attack primitive. Then, we move on to recently discovered attacks and discuss how the CacheWarp vulnerability yields a primitive to drop memory writes of virtual machines (VMs) and use it to gain highest privileges in such a VM. Afterward, we focus on how researchers and defenders can build automatic tools to find such vulnerabilities. As an example, we demonstrate how we developed a hardware fuzzer that found the GhostWrite vulnerability, a recently discovered simple-to-exploit hardware vulnerability that bypasses all security isolations on affected CPUs. Finally, we look at future offensive and defensive trends in this research field.