the grugq's newsletter

April 25, 2025

just accidentally closed a tab i've been meaning to read for the past 2 years

— alfie (@alfienxo) April 23, 2025


We're releasing a few exploit techniques for MCP line jumping over the next few days. Here's the first one: using trigger words for more precise targeting. https://t.co/4FIIAXXjbL https://t.co/XGmB8OdIXM

— Dan Guido (@dguido) April 24, 2025


The FBI today released the 2024 report from its Internet Crime Complaint Center: https://t.co/MNXOgcRnyb

Phishing/spoofing and extortion were the top crimes, while investment and BEC scams cost victims the most money.

State reports here: https://t.co/mJx2ehoDq0 pic.twitter.com/T2zmsmKKXo

— Eric Geller (@ericgeller) April 23, 2025

https://www.ic3.gov/AnnualReport/Reports


https://www.armosec.io/blog/io_uring-rootkit-bypasses-linux-security/


MCP Vulnerability: AI systems can be manipulated to silently leak your entire conversation history to malicious servers. pic.twitter.com/teuv0KYOs1

— Trail of Bits (@trailofbits) April 24, 2025


Many in cybersecurity (myself included!) lack AI/LLM knowledge but the truth is you can’t hack what you don’t understand. So I wrote a no-fluff guide on AI/ML/LLM basics for security folks, ending with why prompt injection happens (not just how). Hope it helps others like me…

— Arun (@dazzyddos) April 23, 2025


Deploy Hidden Virtual Machine For VMProtections Evasion And Dynamic Analysis : https://t.co/pMvIuAK5hm credits @c_midnight1337 pic.twitter.com/yKdPMJxjAw

— Binni Shah (@binitamshah) April 24, 2025


I liked this analysis.

AI Horseless Carriages | koomen.dev

An essay about bad AI app design


AI Prompts

GitHub - x1xhlol/system-prompts-and-models-of-ai-tools: FULL v0, Cursor, Manus, Same.dev, Lovable, Devin, Replit Agent, Windsurf Agent & VSCode Agent (And other Open Sourced) System Prompts, Tools & AI Models.

Another Corpus of AI prompts

GitHub - elder-plinius/CL4R1T4S: SYSTEM PROMPT TRANSPARENCY FOR ALL - CHATGPT, GEMINI, GROK, CLAUDE, PERPLEXITY, CURSOR, WINDSURF, DEVIN, REPLIT, AND MORE!


I had the pleasure of presenting at #FIRSTCTI25 in Berlin:

"The Art of Pivoting – How You Can Discover More from Adversaries with Existing Information."

Slides https://t.co/VRnonJH8JQ

— Alexandre Dulaunoy @adulau@infosec.exchange (@adulau) April 24, 2025

