the grugq's newsletter

July 20, 2025

101 Chrome Exploitation — Part 0: Preface

We are starting a new series on modern browsers' architecture and their exploitation using Chrome as an example. Readers will learn how browser subsystems are implemented, how their security is ensured and how it is violated with…

— Operation Zero (@opzero_en) July 18, 2025


Published a blog/repo inspired by one of @MDSecLabs's research on VSCode extensions.

In this repo, we put Rust and JavaScript together and backdoor a popular Microsoft extension while preserving the blue checkmark and all. Read more here: https://t.co/vGR0T4ByDB https://t.co/zoulB17nsq

— db (@whokilleddb) July 19, 2025


While I do believe that deep fake vishing is happening, I’m skeptical of some of these incidents. In many cases the only evidence we have is the word of the person who was just deceived and who has the greatest incentive to lean on this explanation. Proceed with caution.

— John Hultquist (@JohnHultquist) July 19, 2025


#x33fcon 2025 talks: @domchell - Hiding in Plain Sight > https://t.co/cZHTLXUXdO pic.twitter.com/ujJCaumfZJ

— /ˈziːf-kɒn/ (@x33fcon) July 19, 2025


A toolkit to turn Chromium vulnerabilities into full-chain exploits https://t.co/fyEDALMqmW

From BSidesLuxembourg 2025
"Browser Exploitation: From N-Days to Real-World Exploit Chains in Google Chrome" https://t.co/HQcVIz9kqd

— xvonfers (@xvonfers) June 18, 2025

Slides

https://github.com/Petitoto/materials/blob/main/Browser%20Exploitation/Exploit%20Chains%20-%20BSidesLu%202025.pdf


1. In a review essay this week, I looked at Tim Weiner's (fascinating) new book on the CIA. It describes how CIA's "Russia House" doubled in size after 2016 & how agent recruitment grew. It quotes a CIA dep director calling Ukraine a “triumph of HUMINT” https://t.co/QA4IMcfHND

— Shashank Joshi (@shashj) July 18, 2025


Whoa! Turns out a new Microsoft SharePoint zero-day attack is being actively exploited in the wild! It's a new variant of a previously-patched SharePoint bug.

Of course it always happens on weekends. https://t.co/sYNyaxQaq0

— Haifei Li (@HaifeiLi) July 20, 2025


https://t.co/atsJbm0CB0 pic.twitter.com/C7hai8cvuy

— Dr. Dan Lomas (@Sandbagger_01) July 19, 2025


#x33fcon 2025 talks: @kevin0x90 - Beyond PsExec - Stealthy Lateral Movement Techniques > https://t.co/lrq6s0bxaN pic.twitter.com/9GBEeCXrE1

— /ˈziːf-kɒn/ (@x33fcon) July 20, 2025


"Post paid pentester" that's brilliant. https://t.co/EmTU1zq9P7 pic.twitter.com/Huvp74hTC7

— Silas Cutler // p1nk (@silascutler) July 19, 2025


“The arc of history is long, and it bends toward”

*flips through history book*

Oh. Oh no. Oh no no no pic.twitter.com/MzILccZ4NN

— Spencer A. Klavan (@SpencerKlavan) July 18, 2025


NGL, using drones armed with heat cameras in order to find grow houses in order to rob them, wasn’t on my 2025 “oh shit really?” list

Omar flying…. https://t.co/4SguRSlYni

— Daniel Cuthbert (@dcuthbert) July 19, 2025


#SpyNews - week 29 (July 13-19):
A summary of 86 espionage-related stories from week 29 coming from 🇮🇷🇩🇪🇹🇷🇺🇦🇷🇺🇦🇺🇨🇳🇺🇸🇯🇵🇮🇱🇫🇷🇦🇲🇲🇩🇳🇴🇮🇹🇬🇧🇨🇦🇰🇵🇮🇳🇵🇰🇵🇸🇨🇭🇬🇷🇹🇼🇧🇷🇨🇾🇰🇷🇩🇰🇪🇸🇳🇱🇦🇿🇽🇰🇷🇸🇸🇪🇦🇫🇬🇾🇸🇬🇸🇾🇵🇱 https://t.co/R0Sb83h8oR #OSINT #SIGINT #HUMINT #espionage #spy

— Spy Collection (@SpyCollection1) July 20, 2025