Archive • the grugq's newsletter

July 11, 2025 Four UK arrests in Scattered Spider incidents. Suspects are 17 to 20 years old. https://t.co/sJhfry71Tk— John Hultquist (@JohnHultquist) July...

July 10, 2025 How can the Government best protect the UK against grey zone threats? We have published a report. Read our recommendations...

July 9, 2025 AI voice clones have hit the White House AGAIN, now impersonating the Secretary of State to other Gov officials to try to steal...

July 8, 2025 🇺🇸 #US: A Homeland Security operation took place at the MacArthur Park in Los Angeles, described in leaked Army documents as a "show of...

July 7, 2025 my weekend project to learn about bluetooth mesh networks, relays and store and forward models, message encryption models, and a few other...

July 6, 2025 #SpyNews - week 27 (June 29-July 5):A summary of 91 espionage-related stories from week 27 coming from...

June 5, 2025 🚨 New APT group “NightEagle” is hacking Microsoft Exchange with stealthy tools and unpatched exploits.Targets? China’s AI, military, and quantum...

July 4, 2025 Pro-Russian hacktivism: Shifting alliances, new groups… | Intel 471Pro-Russian hacktivism campaigns continued to be directed at countries and...

July 3, 2025 GitHub - VirtualBox/virtualbox: Source code for Oracle VirtualBoxSource code for Oracle VirtualBox. Contribute to VirtualBox/virtualbox...

July 2, 2025 Jesko is an excellent reverse engineer and Binary Refinery is a great tool to check out for malware triage: https://t.co/wjWZk3PU6G...

July 1, 2025 Proofpoint: TA829 is a unique actor... its behavior classifies it as a financially-motivated actor. Following the invasion of Ukraine, TA829...

June 30, 2025 Today, Microsoft Threat Intelligence Center is proud to announce the release of RIFT, an open-source tool designed to assist malware analysts...

June 29, 2025 AI and Secure Code Generation AI and Secure Code Generation | Lawfare AI is reshaping code security—shifting metrics, unknown bugs, and...

June 28, 2025 “On 12 June 2025, dozens of anonymous X (formerly Twitter) accounts advocating Scottish independence abruptly went silent…Their sudden...

June 27, 2025 I'm excited to announce our "Out-of-Band" series; focused on the security risks of management devices like BMCs, serial servers, and KVMs....

June 25, 2025 doing surveillance to the surveillance state https://www.404media.co/fucklapd-com-lets-anyone-use-facial-recognition-to-instantly-identify-...

June 24, 2025 RUSI Experts react to US strikes on Iran's nuclear facilities - click below for analysis from @BurcuAOzcelik, @MTSavill, and @DDolzikova....

June 23, 2025 Stacca Stacca! This is an amazing film. Part of an italian TV documentary it shows two hackers doing some hacking via X.25 into a US military...

June 22, 2025 https://t.co/kZuTtTS9dVPretty cool experimentation work from the Infoblox team to speed up the boring work of web searches for open source...

June 21, 2025 Your average non-state APT doesn't use browser exploits for initial access. They don't give a shit about the kernel or the EDR, they don't...

June 20, 2025 Package Hallucinations: How LLMs Can Invent Vulnerabilities | USENIX I’ve started joining every Google Meet 30 seconds early.When you join...

June 19, 2025 Hacking with AI - Atlantic CouncilCan generative AI help hackers? By deconstructing the question into attack phases and actor profiles, this...

June 18, 2024 🚗🔌 We reverse engineered the Tesla Wall Connector and uncovered a previously undocumented attack surface via the charging cable. From protocol...

June 17, 2025 Predatory Sparrows are back Predatory Sparrow’s past cyber attacks on Iranian steel plants and gas stations have demonstrated tangible effects...

June 16, 2025 News: The Washington Post has suffered a cyber intrusion that compromised the emails of at least several reporters at the paper, including...

June 15, 2025 #SpyNews - week 24 (June 8-14):A summary of 67 espionage-related stories from week 24 coming from...

June 14, 2025 “Finally, Copilot hides the source of the instructions, so the user can’t trace what happened”Fun times ahead! https://t.co/fTi9P6A42k...

June 13, 2025 today i learned.https://t.co/zNcUATyhEo pic.twitter.com/QIfHEdYqcN— J⩜⃝mie Williams (@jamieantisocial) June 11, 2025 Every time I read...

June 12, 2025 "We have been able to do that through the use of AI tools far more quickly than what was done previously—which was to have humans go through".I...

June 11, 2025 GitHub - autoscrape-labs/pydoll: Pydoll is a library for automating chromium-based browsers without a WebDriver, offering realistic...

June 10 I've always said self-driving technology would save lives. Had there been humans driving those cars, the death toll would be devastating....

June 9, 2025 If one knows the input language of the system to be tested, one can generate inputs in a very efficient manner.In GDBMiner, the GNU debugger...

June 8, 2025 I left a server online with VNC wide open to see how it would be interacted with. This is one of the more interesting interactions:...

June 7, 2025 The DIA employee apparently offered US classified information to the German foreign intelligence service BND: https://t.co/qKYqcTMDeZ...

June 6, 2025 Happy D Day! My short impulse talk from Cycon has been published: https://t.co/a94l2zpw7N— Halvar Flake (@halvarflake) June 5, 2025 We released...

June 5, 2025 We’re sharing more about how we report vulnerabilities we discover in third-party software—through research or automated means. Our new...

June 4, 2025 guy who thinks crossing the rubicon was a big deal because it was physically difficult to move from one side to the other...

June 3, 2025 You're gonna allocate memory? On the heap? In this economy?— David Adrian (@davidcadrian) June 2, 2025 New: Trump's proposed CISA budget would...

June 2, 2025 https://t.co/3YQhgVGYuR— UwU-Underground (@uwu_underground) May 31, 2025 There are a lot of misconceptions about the Snowden revelations -...

June 1, 2025 Hidden Bear: The GRU hackers of Russia’s most notorious kill squadRussian GRU Unit 29155 is best known for its long list of murder and sabotage...

May 31, 2025 Looks like @BlueHatIL talks are online now, so here’s my talk for anyone who wanted to learn about the latest episode of KASLR and couldn’t make...

May 29, 30 2025

May 29, 30 2025 you know, i can think of a few reasons why "in the intelligence world" you might want it to be difficult to transfer data off a computer...

May 28, 2025 Recent attacks on institutions in the Netherlands were the work of a previously unknown Russian hacking group that Dutch intelligence agencies...

May 27, 2025 This post from @s1guza should be mandatory reading for seceng. Playing whack-a-mole with first-order primitives or just patching vulnerabilities...

May 26, 2025 Since the discussion is going around again on the topic of disclosure i keep coming back to this blog post by @halvarflake...

May 25, 2025 NEW: More than a decade ago, Kaspersky discovered a mysterious "elite" hacking group it called Careto (“The Mask”), which then vanished and only...

May 24, 2025 GPT Honeypot: Finding the Needle in the Haystack / Coalition Research's Workspace | ObservableOver the past 9 months, the research team at...

May 23, 2025 Here’s the collection of the most significant exploits that I’ve published in the past three decades or so. Enjoy!https://t.co/FDPo4ydHTc—...

May 22, 2025 This is a wild story. SCOOP: In Feb, federal agencies "lost" many #FOIA requests but you probably had no idea. It turns out that the FOIAs...

May 21, 2025 My keynote at @offensive_con 2025, "How Offensive Security Made Me Better at Defense":Video: https://t.co/WM9GuW19cZSlides:...