December 4, 2025

        December 4, 2025

December 4, 2025

            December 4, 2025

Our office has automatic gates that use facial recognition and set off a loud alarm if you follow someone though (and security is sitting right there).

Then you have to go through a metal detector.

All bags and laptops have to x-rayed going in and out

Cameras must be stickered…
— Based Checker (@duncanstives) December 2, 2025

Battery factory.

JV partner is a Korean company.

SK has a "national core technologies" law that strictly controls the flow of information on technologies their government defines as strategic. The electrode formulation and a few other things are on this list.

They can share it…
— Based Checker (@duncanstives) December 2, 2025

https://netaskari.substack.com/p/train-to-kill-chinas-secret-training

A full iOS zero-day exploit chain used in the wild against targets in Egypt. #Intellexa #Predator

Stage 1: Initial RCE via JSKit Framework (Safari WebKit Exploitation)Entry Point: The chain starts with a zero-day RCE vulnerability in Safari's WebKit rendering engine, patched by… pic.twitter.com/lS20oVlc17
— blackorbird (@blackorbird) December 4, 2025

🎉New macOS sources are available. My script from a few years ago still works to fetch all their archives from Github. You can also use it to fetch anything new if you already downloaded what is available.https://t.co/1fCWeI6ot3 https://t.co/X9GNu700jF
— Csaba Fitzl (@theevilbit) December 4, 2025

Here's our initial analysis of CVE-2025-55182 and CVE-2025-66478, critical RCE vulnerabilities in React and Next.js - these bugs allow for unauthenticated RCE on default configurations - patch ASAP:https://t.co/EQaPopth22
— Amitai Cohen 🎗️🤟 (@AmitaiCo) December 3, 2025

''Adventures in Dynamic Evasion''#infosec #pentest #redteam #blueteamhttps://t.co/HFIzrXFcSk
— Florian Hansemann (@CyberWarship) December 4, 2025

After a few weeks of scanning VS Code extensions, PyPI, NPM, etc. one thing keeps showing up: a lot of code is heavily obfuscated. Some uploads are wide open and easy to analyze, but a big chunk hides behind layers meant for “IP protection”. That noise makes it much harder to… https://t.co/VLzdluFYN3
— Florian Roth ⚡️ (@cyb3rops) December 3, 2025

                            Don't miss what's next. Subscribe to the grugq's newsletter:

          Add a comment:

                Share this email:

                                Share on Twitter

                                Share on Hacker News

                                Share via email

                                Share on Mastodon

                                Share on Bluesky