the grugq's newsletter
Archives
Search...
Subscribe
December 4, 2025
December 4, 2025
December 4, 2025 Our office has automatic gates that use facial recognition and set off a loud alarm if you follow someone though (and security is sitting...
December 2-3, 2025
December 3, 2025
December 2-3, 2025 Rest In Peace, Stealth Stealth died 😢 A member of Team-Teso, Phrack staff, and many other groups. A true hacker—perhaps as true as a...
December 1, 2025
December 1, 2025
December 1, 2025 📻 Really enjoyed listening to this BBC show on modern espionage ⏬️https://t.co/0FO5eqUHqT pic.twitter.com/kybTkBVDoO— Dr. Dan Lomas...
November 30, 2025
November 30, 2025
November 30, 2025 Israel’s IDF Bans Android Phones—iPhones Now ‘Mandatory’ via @forbes https://t.co/hR0ZS0rr7D— Dr. Dan Lomas (@Sandbagger_01) November 30,...
November 29, 2025
November 29, 2025
November 29, 2025 btw: Kerberoasting in VBA is described (with POC) in the article "Hacking in an epistolary way: implementing kerberoast in pure VBA" from...
November 28, 2025
November 28, 2025
November 28, 2025 💻 macOS Red Teaming Comprehensive Guide Guide: https://t.co/PdZSvYaJI6 pic.twitter.com/0UtM3qrjUP— Muqsit 𝕏 (@mqst_) November 26, 2025...
November 26-27, 2025
November 27, 2025
November 26-27, 2025 https://t.co/ENsjxncdJlRandom exploit that has no uses to me anymore, bypasses every anticheat r/w protection without the use of any...
November 25, 2025
November 25, 2025
November 25, 2025 A ton of great info here about what Apple does for their secure boot chain: “A Reverse Engineer’s Anatomy of the macOS Boot Chain &...
November 24, 2025
November 24, 2025
November 24, 2025 🚀 open-sourced santamon — a lightweight macOS detection sidecar that reads Santa's ES telemetry, runs CEL detection rules locally, and only...
November 23, 2025
November 23, 2025
November 23, 2025 CVE-2025-49752 is a critical authentication bypass vulnerability in Azure Bastion that could allow remote privilege escalation, directly...
November 22, 2025
November 22, 2025
November 22, 2025 Random Friday news: CrowdStrike says it caught an insider sharing screenshots with ShinyHunters and fired them last month. Allegedly,...
November 21, 2025
November 21, 2025
November 21, 2025 Today I sent the first daily digest of https://t.co/Rat6IbxJtD :) I hyperfocused for a few days and got it 80% working. I feel like one of...
November 20, 2025
November 20, 2025
November 20, 2025 https://risky.biz/BTN145/ The https://t.co/OpFfwtJCLm post by @xoreipeip shows how prepared statements can be exploited in NodeJS using...
November 19, 2025
November 19, 2025
November 19, 2025 This new 0day found by Google Big Sleep if not via fuzzing harness but purely by reasoning would be super cool! Coincidence with the Gemini...
November 18, 2025
November 18, 2025
November 18, 2025 The @ThinkstCanary ThinkstScapes Q3 report is out. A great quarterly overview of interesting research shared in the security community. It...
November 17, 2025
November 17, 2025
November 17, 2025 https://djnn.sh/posts/anthropic-s-paper-smells-like-bullshit/ Some in cybersec were debating how much VPNs protect your privacy while on...
November 16, 2025
November 16, 2025
November 16, 2025 #SpyNews - week 46 (November 9-15):A summary of 66 espionage-related stories from week 46 coming from...
November 15, 2025
November 15, 2025
November 15, 2025 On Monday, I’ll present a case that goes beyond the Anthropic espionage report, which in my view is far from comprehensive, showcasing one...
November 14, 2025
November 14, 2025
November 14, 2025 WSJ just dropped another strong investigation on how China is exploiting loopholes in U.S. export controls. To summarize what is happening...
November 13, 2025
November 13, 2025
November 13, 2025 A repo is for learning various heap exploitation techniques by @shellphishhttps://t.co/MDbkqR41jq pic.twitter.com/IhGrIoeIEQ— Alex Plaskett...
Newer archives
Older archives
