the grugq's newsletter

February 14, 2025

Grab a ☕️ and enjoy this week's EC #59 OUT NOW

Steam Deck fun from @quarkslab

@retr0reg exploits Llama.cpp heap bug

Gorgeous PhysPuppet animations and commentary from @bellis1000

Fortinet hasn't patched in...25 years

+ Jobs and more 👇 https://t.co/2Ep0jcm96y

— exploits.club (@exploitsclub) February 13, 2025


wanna see something cool:
API Support with https://t.co/uDClBBHzt8 is FREEE

so we can do cool shit like this:

curl -X 'GET' \
'https://t.co/ufgPr7QehV' \
-H 'accept: application/json' | jq https://t.co/oB9Ic8ZfbO

— mRr3b00t (@UK_Daniel_Card) February 13, 2025


A former CIA officer revealed that the most attractive incentive you can give to someone to get them to betray their country and become an informant:

Give their children admission to an elite U.S. college https://t.co/l6rDz5PYbX pic.twitter.com/8AVyRNFZtt

— Alexei Arora (@AlexeiArora) February 12, 2025


Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Storm-2372’s targets include governments, NGOs, IT services and technology, defense, telecoms, health, higher education, and energy/oil…

— Microsoft Threat Intelligence (@MsftSecIntel) February 14, 2025


emploleaks: OSINT tool that helps detect members of a company with leaked credentials https://t.co/Xl2BwdzfQr

— Nicolas Krassas (@Dinosn) February 13, 2025


Cybercrime: A Multifaceted National Security Threat. Amazing work by Google Threat Intelligence here. (Mandiant/TAG). https://t.co/K0AjS4E6wl pic.twitter.com/8Qy2hlEXl0

— Phil Venables (@philvenables) February 12, 2025


here's something I've knocked up to show some of the areas I see orgs go wrong with: they focus too much on:

I NEED A RISK ASSESSMENT

vs

I need to DEFEND my organisation based on a risk aligned approach (based on intelligence!) pic.twitter.com/QPCCarVTPw

— mRr3b00t (@UK_Daniel_Card) February 13, 2025


New from 404 Media: anyone can push updates to the https://t.co/kMH4ihnpGw site. Two sources independently found the issue, one made their own decision to deface the site. "THESE 'EXPERTS' LEFT THEIR DATABASE OPEN." https://t.co/u0iPU0GEmW pic.twitter.com/Tk81I1qk9E

— Joseph Cox (@josephfcox) February 14, 2025


The Oort cloud. Where the solar system ends. pic.twitter.com/gPM9Jc5NPP

— Curiosity (@MAstronomers) February 13, 2025


https://www.bleepingcomputer.com/news/legal/dutch-police-seizes-127-xhost-servers-dismantles-bulletproof-hoster/


RedMike (Salt Typhoon) Exploits Vulnerable Cisco Devices of Global Telecommunications Providers | Insikt Group attributes this activity to a Chinese state-sponsored threat activity group https://t.co/VCaDuBWep6 @RecordedFuture pic.twitter.com/FsqVToBUuT

— 780th Military Intelligence Brigade (Cyber) (@780thC) February 13, 2025


Setting up an offensive cyber home lab

Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus | Ahmed Sherif

TL;DR:


Chinese spies suspected of ransomware side hustle

https://www.theregister.com/2025/02/14/chinese_spies_ransomware_moonlighting/


New IRA members arrested for having leaked police info

https://www.theregister.com/2025/02/14/two_charged_psni_data/

