the grugq's newsletter

September 10, 2025

September 10, 2025

September 10, 2025 wow... great finds. good writeup, worth a read! :) and if you've ever been to burgerking drivethru, AI is analyzing your convos ;D...

September 9, 2025

September 9, 2025

September 9, 2025 Great technical writeup on how NodeZero solves Game of Active Directory (GOAD):TL;DR – How NodeZero Solved GOAD in 14 Minutes:NodeZero...

September 8, 2025

September 8, 2025

September 8, 2025 In this paper, we present CVE-GENIE, an automated, large language model (LLM)-based multi-agent framework designed to reproduce real-world...

September 7, 2025

September 7, 2025

September 7, 2025 Extensive analysis of PHRACK's "North Korea Files"🇰🇵https://t.co/xLHGlM0NyK🔥 “the most comprehensive and technically intimate disclosures”...

September 6, 2025

September 6, 2025

September 6, 2025 Did you know that we have over 50 talks from past years of CYBERWARCON available on our YouTube? Catch them here >...

September 5, 2025

September 5, 2025

September 5, 2025 🚨 Czech cybersecurity agency NÚKIB issues HIGH threat warning about data transfers to China and remote administration of technical assets...

September 4, 2025

September 4, 2025

September 4, 2025 Between Two Nerds: How threat actors are using AI to run wild - Risky Business Media The Gentlemen Hackers interviewing Halvar Flake:...

September 2-3, 2025

September 3, 2025

September 2-3, 2025 NEW: The standards of the US Telephone Security Group (TSG), to prevent phones from being turned into a listening...

September 1, 2025

September 1, 2025

September 1, 2025 Was in a bookshop and asked a worker if he could recommend books to me. He said "Sure, they're great".— Andy Ryan (@ItsAndyRyan) August 30,...

August 30–31, 2025

August 31, 2025

August 30–31, 2025 New: Tesla said it didn't have critical data in a fatal crash. Then a hacker found it. "For any reasonable person, it was obvious the data...

August 29, 2025

August 29, 2025

August 29, 2025 I'm once again looking at the epic 20-part essay which Ian Lance Taylor wrote about linkers https://t.co/DKtvyCiP6r - did anyone ever write...

August 28, 2025

August 28, 2025

August 28, 2025 #ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b...

August27, 2025

August 27, 2025

August27, 2025 2025 State of the Internet Report: Summary and Conclusionshttps://t.co/rmgBK1198Q(Screenshot: PolarEdge infections as of 5 August 2025)...

August 26,2025

August 26, 2025

August 26,2025 excellent writeup that highlights how many 0-days are simply asking nicely for something. https://t.co/4GZmKR2wme pic.twitter.com/QfhZfZ2bSf—...

August 25, 2025

August 25, 2025

August 25, 2025 David Gerard: "latest hilarity: Perplexity, the AI search engin…" - GSV Sleeper Servicelatest hilarity: Perplexity, the AI search engine,...

August 24, 2025

August 24, 2025

August 24, 2025 daisy-chaining wifi networks to reach a hard target is 🆆🅸🅻🅳but operational "sophistication" is often the clean up 🧹 https://t.co/fHcIv8Q3mD...

August 23, 2025

August 23, 2025

August 23, 2025 Brief info and POC for this week's Apple 0click iOS 18.6.1 RCE bug CVE-2025-43300 https://t.co/EL3qg56N8X pic.twitter.com/j8yuv1CXU7—...

August 22, 2025

August 22, 2025

August 22, 2025 AWS CEO says using AI to replace junior staff is 'Dumbest thing I've ever heard' “I think the skills that should be emphasized are how do you...

August 21, 2025

August 22, 2025

August 21, 2025 Reading G-2 "#Counterintelligence Situation in China Theater" Report from 1946. "On the purpose of collecting information from the American...

August 20, 2025

August 20, 2025

August 20, 2025 Never considered it before until now.Abuse Microsoft AI copilot to "live off the land" and perform automated malicious tasks by simply...

August 18, 2025

August 19, 2025

August 18, 2025 At @defcon, I presented my research on client-side deanonymization attacks in @Google's Privacy Sandbox! Privacy research doesn't get as much...

August 16-17, 2025

August 17, 2025

August 16-17, 2025 The previous thread glossed over how our LLM Agents actually work.The truth is, it took us a long time to figure out how to get reliable...

August 15, 2025

August 15, 2025

August 15, 2025 Russian hackers seized control of Norwegian dam, spy chief says | Russia | The GuardianBeate Gangås says attack in April by Norway’s...

August 14, 2025

August 14, 2025

August 14, 2025 NewTaiwan’s New Naval Drones Could Strike Any Chinese Invasionhttps://t.co/vBKXtTZ5A5— H I Sutton (@CovertShores) August 13, 2025 Wrapped up...

August 13, 2025

August 13, 2025

August 13, 2025 If you missed this talk at BH/DC last week, it's worth a read: "From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial...

August 12, 2025

August 12, 2025

August 12, 2025 ThinkstKeeping up with security research is near impossible. ThinkstScapes helps with this. We scour through thousands of blog posts, tweets...

August 11, 2025

August 11, 2025

August 11, 2025 Phrack #72 release reveals TTPs, backdoors and targets of a Chinese/North Korean state actor mimicking KimsukyA copy of his workstation data...

August 10, 2025

August 10, 2025

August 10, 2025 You can't bug hunt your way to security. AI doesn't change that.— Sean Heelan (@seanhn) August 7, 2025...

August 9, 2025

August 9, 2025

August 9, 2025 That time when @tehjh was just reviewing a new Linux kernel feature, found a security vuln, then went on a journey to see if he could exploit...

August 8, 2025

August 8, 2025

August 8, 2025 we got a persistent 0click on ChatGPT by sharing a docthat allowed us to exfiltrate sensitive data and creds from your connectors (google...

August 7, 2025

August 7, 2025

August 7, 2025 This might be the first time the Swiss weren't able to reach a financial deal with nazis [contains quote post or other embedded content] — Sam...

August 6, 2025

August 6, 2025

August 6, 2025 https://www.usenix.org/conference/usenixsecurity25/presentation/beitis KGB Stuff by Filip Kovacevic | SubstackKGB secrets you may want to know...

August 4-5, 2025

August 5, 2025

August 4-5, 2025 ai app so good it XSSes itself pic.twitter.com/4CdK2dwQqY— PatRyk (@Patrosi73) August 3, 2025 For years I have heard that MacOS is more...

August 3, 2025

August 3, 2025

August 3, 2025 Weeks ago I shared on LinkedIn about my quick thoughts why LLMs are useful for web pentesting:“IMO why LLMs are helpful in web black box...

August 2, 2025

August 2, 2025

August 2, 2025 [2506.11060] Code Researcher: Deep Research Agent for Large Systems Code and Commit HistoryLarge Language Model (LLM)-based coding agents have...

August 1, 2025

August 1, 2025

August 1, 2025 boB Rudis 🇺🇦 🇬🇱 🇨🇦: "🆕 GreyNoise Research: Early Warning Signals Befor…" - MastodonAttached: 2 images 🆕 GreyNoise Research: Early Warning...

July 31, 2025

July 31, 2025

July 31, 2025 Interesting and detailed explanation of how smartphones can be intercepted through the vulnerabilities of the SS7 signaling...

July 30, 2025

July 30, 2025

July 30, 2025 Top Lawyer for National Security Agency Is Fired https://t.co/kMbvqM95Ml— Dr. Dan Lomas (@Sandbagger_01) July 29, 2025 from "China’s Lessons...

July 29, 2025

July 29, 2025

July 29, 2025 Terence Tao: "In the field of cybersecurity, a distinction is m…" - MathstodonIn the field of cybersecurity, a distinction is made between the...

July 28, 2025

July 28, 2025

July 28, 2025 Modern Binary Exploitation by @RPISEC. This was a university course developed and run solely by students to teach skills in vulnerability...

July 27, 2025

July 27, 2025

July 27, 2025 Just finished a new blog sharing an interesting example demonstrating the power of cross-operating system vulnerability variant analysis! Check...

July 26, 2025

July 26, 2025

July 26, 2025 It's been months since https://t.co/70znqJx6hO went down and (apparently?) lost all of its data. I have a local copy of everything(ish). I made...

July 25, 2025

July 25, 2025

July 25, 2025 https://t.co/bEGbFvtNiE pic.twitter.com/VqkRK8aaYJ— Zack Witten (@zswitten) July 24, 2025 BlackHat-MEA-2024-slides/BH MEA 2024 - Reverse...

July 24, 2025

July 24, 2025

July 24, 2025 Introducing Loki, a software obfuscation approach designed to withstand all known automated deobfuscation attacks.This method efficiently...

July 23, 2025

July 23, 2025

July 23, 2025 https://www.theregister.com/2025/07/21/replit_saastr_vibe_coding_incident/?td=rt-3a MSTIC blog on Sharepoint exploitation At least 3 actors...

July 22, 2025

July 22, 2025

July 22, 2025 The #CIA has to adjust to a world where everyone's activities and movements are being watched and stored and analysed by artificial...

July 20, 2025

July 20, 2025

July 20, 2025 101 Chrome Exploitation — Part 0: Preface We are starting a new series on modern browsers' architecture and their exploitation using Chrome as...

July 19, 2025

July 19, 2025

July 19, 2025 Very interesting view. Social media, traditional media, blogs, etc give voices to single individuals, while LLMs sample among many....

July 18, 2025

July 18, 2025

July 18, 2025 One of the very first tools/projects I released back in early 2022 looked at hosting malware via DNS records and then retrieving+reassembling....

July 17, 2025

July 17, 2025

July 17, 2025 https://t.co/b0CJjfm4eB pic.twitter.com/PhAlnlIKrI— Silas Cutler // p1nk (@silascutler) July 17, 2025 This is so much! 🔥🔥😎Found two new Potato...