Archive • the grugq's newsletter

April 2, 2025 I got 14 new Apple CVEs in this release😎 https://t.co/kut6EI5xdE pic.twitter.com/e0U2Khf3hv— Mickey Jin (@patch1t) April 1, 2025 A while back...

April 1, 2025 Synthetics Implemented Right @leveragesir has been hacked for $355kThis is a clever attack. In the vulnerable contract Vault...

March 31, 2025 What would you do if you could spy on SMS messages? @theredguild and @opsek_io have identified SLOVENLY COMET, a threat actor which has been...

March 30, 2025 A good read: The Security Conversation – Adversary Fan Fiction Writers GuildIs Offensive Security just security testing? No. Offensive...

March 29, 2025 BlackLock Ransomware Exposed After Researchers Exploit Leak Site VulnerabilityBlackLock's misconfigured leak site exposed internal commands,...

March 28, 2025 Status update For those of you who reached out about the earthquake, I’m fine thank you. I spent a few hours sitting outside with my dog....

March 27, 2025 grugq on cyber in Europe I spoke to Sven at Interface yesterday about some cyber issues with Europe. The video is online already: EXCLUSIVE:...

March 26, 2025 THC's memexec now supports x86_64, aarch64, arm6/7 and mips64. The perl version is a 1-liner (cat /usr/bin/id | memexec) :> Helps to overcome...

March 25, 2025 Attackers love poking around SSO dashboards, so we gave them something to find! Drop a Fake SAML IdP App Canarytoken in your IdP -- if anyone...

March 24, 2025 https://t.co/1CH1WoMwKfImplemented arbitrary webkit code execution on iPhone (not PAC devices).You can chaining other exploits if you want for...

March 23, 2025 Landrun Run any Linux process in a secure, unprivileged sandbox using Landlock LSM. Think firejail, but lightweight, user-friendly, and baked...

March 22, 2025 Farewell to one of the most important spies of the Cold War. Oleg Gordievsky has died. A KGB officer who spied for MI6, he supplied vital...

March 21, 2025 https://x.com/ethicalchaos/status/1902481711109214484 People seem to fear vulnerability discovering and exploiting AI, but I worry more about...

March 20, 2025 This has the potential to be either horrible or not: https://t.co/3x859Lb4e6BLUF: Despite the rise of 32-bit devices, a large number of legacy...

March 19, 2025 Secure Annex - Enterprise Browser Extension Security & Management PlatformAn investigation into buying access to browsers through extensions...

March 18, 2025 Big day for Chinese threat intelMSS outs 4 alleged members of Taiwan's Information, Communications & Electronic Force Command, links them to...

March 17, 2025 For those interested in the browser cache smuggling attack I presented yesterday, you will find the full blogpost here...

March 16, 2025 #SpyNews - week 11 (March 9-15):A summary of 71 espionage-related stories from week 11 coming from...

March 15, 2025 $55000[382291459][wasm]Arbitrary Wasm type confusion is now openhttps://t.co/EbwB5VJeedPoC(exploits the hash collision + type confusion,...

March 14, 2025 Some exciting research to share from Binarly REsearchers @cci_forensics and @pagabuc -- a novel approach to UEFI bootkit detection. 🔥Read the...

March 13, 2025 Is this memory safety here in the room with us?@halvarflake posted slides for his keynote talk about the recent trends to resolve the problem...

March 12, 2025 In-Depth Technical Analysis of the Bybit Hack #Lazarushttps://t.co/chfR1uQ7Wg pic.twitter.com/dqMCJEBpiK— blackorbird (@blackorbird) March 11,...

March 11, 2025 In Russia’s cyber ecosystem, even FSB officers aren’t untouchable. CSI fellow @jshermcyber dives into the sentencing of an officer who took...

March 10, 2025 Here's RepoMan, a proof of concept surrounding git commit poisoning. The blog post dives a little deeper into how it all works and the...

March 9, 2025 Using RDP without leaving traces: the MSTSC public mode https://t.co/TMf3YP5JVS— Nicolas Krassas (@Dinosn) March 7, 2025 Sadly, too many...

March 8, 2025 When you struggle with first year linear algebra https://t.co/jF1XzxTBVg— Martin Bauer (@martinmbauer) March 6, 2025 Their task, as assigned by...

March 7, 2025 Multi-factor authentication works. From the indictment: 1 of the Chinese hacking teams was unsuccessful in breaking into email accounts of...

March 6, 2025 Chinese Great Firewall (website access blockade and. content filter for internet traffic) was leaking data! It's a fascinating discovery of...

March 5, 2025 LAZARUS HAS NOW FULLY LAUNDERED THE PROCEEDS OF THE BYBIT HACKThey have transferred 500,000 ETH mainly to native BTC.Thorchain has processed...

March 4, 2025 My presentation slides "UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior" @REverseConf are available online...

March 3, 2025 I've just published a new blog post detailing how I developed a deterministic kernel exploit for iOS. Enjoy!https://t.co/ah8qtW0CG5— Alfie...

March 2, 2025 🚨 - The @RecordedFuture 2024 Malicious Infrastructure Report is here! I know many of you have been looking forward to this! Insikt Group...

March 1, 2025 ‼️ CISA employees have been told to stop tracking Russian cyber threats, according to The Guardian. A recent agency priorities memo "did not...

February 28, 2025

February 28, 2025

February 28, 2025 Overcoming State: Finding Baseband Vulnerabilities by Fuzzing Layer-2https://t.co/v69u7amI7Qhttps://t.co/fuNHl52m60Dyon Goos & Marius...

February 27, 2025

February 27, 2025

February 27, 2025 My slides from out of the box con https://strapi.ootb.net/uploads/28_months_later_final_1357291282.pdf All presentation slides from #OOTB...

February 26, 2025

February 26, 2025

February 26, 2025 PSA #BinDiff for IDA 9.1+ will happen: https://t.co/dIqw27h0is— Christian Blichmann 🇺🇦 (on bksy and Mastodon) (@AdmVonSchneider) February...

February 25, 2025

February 25, 2025

February 25, 2025 A Ukrainian company has developed an electronic module that uses time of flight (ToF) for navigation independent of GPS.Their system...

February 24, 2025

February 24, 2025

February 24, 2025 Looks like BlackHat have added the talks from USA 2024 to YouTube.Here's @robHerrera_ and my talk on Listen Up: Sonos Over-The-Air Remote...

February 23, 2025

February 23, 2025

February 23, 2025 Spyware as a service: Challenges in applying export controls to cloud-based cyber-surveillance software (17 February 2025)...

February 22, 2025

February 22, 2025

February 22, 2025 Spice86 - A PC emulator for real mode reverse engineering : https://t.co/otjFdgCCjo— Binni Shah (@binitamshah) February 21, 2025...

February 21, 2025

February 21, 2025

February 21, 2025 recommended reading: OK so I've been reading through the transcripts of the cases where the LLM apparently cheats and wins and, you're not...

February 20, 2025

February 20, 2025

February 20, 2025 Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog Signals of Trouble:...

February 19, 2025

February 19, 2025

February 19, 2025 Reviewing the Cryptography Used by Signal - Dhole MomentsLast year, I urged furries to stop using Telegram because it doesn’t actually...

February 18, 2025

February 18, 2025

February 18, 2025 If you are an APT using CloudFlare as CDN and you see your beacons disappearing every weekend in Spain, it's because football. ISPs are...

February 17, 2025

February 17, 2025

February 17, 2025 Another pointless weekend project - a playable version of the old 3DMaze screensaver from Windows 9x.I reverse-engineered the original...

February 16, 2025

February 16, 2025

February 16, 2025 Hackers rejoice!We are releasing the Phrack 71 PDF for you today!Don't forget this year is Phrack's 40th anniversary release! Send in your...

February 15, 2024

February 15, 2025

February 15, 2024 https://vault.fbi.gov/kevin-mitnick/kevin-mitnick-part-01-final/view When I heard Musk say this on Tuesday, my assumption was that it was a...

February 14, 2025

February 14, 2025

February 14, 2025 Grab a ☕️ and enjoy this weeks EC #59 OUT NOW Steam Deck fun from @quarkslab @retr0reg exploits Llamma.cpp heap bugGorgeous PhysPuppet...

February 13, 2025

February 13, 2025

February 13, 2025 https://t.co/uDClBBH1DA is awesome! that is all! carry on cybering! :) pic.twitter.com/I87jnm5Dx2— mRr3b00t (@UK_Daniel_Card) February 12,...

February 12, 2025

February 12, 2025

February 12, 2025 Cyberpunk future is weird Russian criminal organizations have begun using FPV drones to kill their business rivals, the first recorded...