OK so I've been reading through the transcripts of the cases where the LLM apparently cheats and wins and, you're not going to believe this, but I think that these findings are not being presented accurately. I can't find a single example where it actually successfully cheats. https://t.co/U1n9H5wH7h

— Colin Fraser (@colin_fraser) February 20, 2025

Great report from @TalosSecurity on telco and other infrastructure hacks. The report centers on Cisco gear, but there are useful tips here for all Linux systems:https://t.co/B6ddlBS088

— Craig Rowland - Agentless Linux Security (@CraigHRowland) February 20, 2025

If you want to analyze the leak, my full process from the Conti leaks is documented here, so you can adapt my code. The structure of the BlackBasta chat is similar. 👇👇https://t.co/CHmVjRkJvC https://t.co/HV5JBMYW2F

— Thomas Roccia 🤘 (@fr0gger_) February 20, 2025

It's EXPLOIT CLUB DAY 📰

Linux kernel goodies from @h0mbre_ @patch1t spends another week showing you no patch is safe@vv474172261 makes Microsoft re-think their bounty program

USB Restricted Mode Bypass RCA from @quarkslab

+ Jobs and MORE 👇https://t.co/3crbReYkIS

— exploits.club (@exploitsclub) February 20, 2025

As a pentester the report is what you're being paid for. All of the time you spend having fun (and stressing) hacking is a bonus. A great report will showcase all the hard work you do while also providing your client a guide to make their environment safer!

Resources:
Hack for… pic.twitter.com/njWIbdVLJ5

— Black Hills Information Security (@BHinfoSecurity) February 19, 2025

Our latest issue of ThinkstScapes is now available for download.

For this issue (covering the last quarter of 2024) we tracked over over 1400 talks and scoured content from almost 1100 blog posts.

As always, PDF, ePUB and an audio summary are available free (with no reg-wall) pic.twitter.com/tUakNWDks4

— Thinkst Canary (@ThinkstCanary) February 20, 2025

I just fell for one of the best scams I've seen on X.

Here's what you need to know (and how to avoid it): pic.twitter.com/bagWZHVVVD

— Alex Banks (@thealexbanks) February 19, 2025

1) the URL they actually sent you is this:

https://authorization-x. xyz/calendar

2) which redirects to twitter's api access request:

https://api.twitter. com/oauth/authorize?oauth_token=90KHpQAAAAABzPqXAAABlSOYQO4

3) they can easily be tracked down by authorities at some…

— Eduardo Borges (@duborges) February 20, 2025

Today, the follow-up from PDF basics:
What you need to know to edit any PDF.https://t.co/4YYFkVm2Vj

— Ange (@angealbertini) February 20, 2025

Stately Taurus Activity in Southeast Asia Links to Bookworm Malware https://t.co/6bq1OLUr5V @Unit42_Intel

— 780th Military Intelligence Brigade (Cyber) (@780thC) February 20, 2025

New findings from the mobile device security company iVerify show that powerful zero-click spyware is more widely used than has been previously understood and is impacting business executives in addition to members of civil society. https://t.co/EfazxLPQUV

— The Record From Recorded Future News (@TheRecord_Media) February 19, 2025

New 0 day dropped:https://t.co/r8R2eYrUR5
Conclusion:
1. Don’t trust @thezdi , they are too late to handle our reports. One of my reports was submitted in 2024 Jan, but it is still not disclosed to the vendor. No reply from the ZDI yet!
2. Don’t trust the Parallels security!

— Mickey Jin (@patch1t) February 20, 2025