the grugq's newsletter

March 18, 2025

Big day for Chinese threat intel

MSS outs 4 alleged members of Taiwan's Information, Communications & Electronic Force Command, links them to cyber attacks

QiAnXin & Antiy release 2 separate reports on Taiwan-linked APT-Q-20/APT-C-01/GreenSpot/PoisonVine

🧵w/ links & details

— Oleg Shakirov (@shakirov2036) March 17, 2025


guys, i'm under attack

ever since I started to share how I built my SaaS using Cursor

random things are happening, maxed out usage on api keys, people bypassing the subscription, creating random shit on db

as you know, I'm not technical so this is taking me longer than usual to…

— leo (@leojr94_) March 17, 2025

fml, I should have just kept it quiet

anyways thanks everyone who has been trying to help or at least not throw me under the bus

i'll learn from my mistakes pic.twitter.com/IX3JzUrOls

— leo (@leojr94_) March 17, 2025


my new AI powered lamp is trained on millions of lamp interactions so it understands that 50% of chain pulls are to turn it on and the other 50% are to turn it off. and honestly, it's a little spooky how it knows exactly what i want almost half of the time

— more mr. nice guy (@juniorhoncho.bsky.social) 2025-03-17T22:59:24.359Z

oh and the best part? my first hundred chain pulls are free, just for allowing unlimited use of all recorded audio

— more mr. nice guy (@juniorhoncho.bsky.social) 2025-03-18T00:12:18.159Z


I've written another article, this time on the fundamental reason why we have all these XSSes/SQLIs/etc. At least that's the way I explain it ;) https://t.co/HgRGiGL97e

There's also a CTF challenge for this article (misc60): https://t.co/BcOYPYJCgD

Enjoy!

— Gynvael Coldwind (@gynvael.bsky.social) (@gynvael) March 17, 2025


dynamic user prompts is a 🆕 malware trick for me https://t.co/QrNx0536zM pic.twitter.com/dcoNiKRXsZ

— J⩜⃝mie Williams (@jamieantisocial) March 17, 2025


🚨 New Report Alert 🚨

For over two years, we’ve lived among cybercriminals, studied their tactics, and uncovered the inner workings of Ruthless Mantis—one of the most structured and dangerous #ransomware groups.

Key findings from our deep-dive investigation: 🧵👇 pic.twitter.com/NeGbPTLPLf

— PRODAFT (@PRODAFT) March 17, 2025

Report

https://catalyst.prodaft.com/public/report/modus-operandi-of-ruthless-mantis/overview


But how to get to that European cloud? - Bert Hubert's writings

The very short version: It has now become clear that European governments can no longer rely on American clouds, and that we lack good and comprehensive alternatives. Market forces have failed to deliver a truly European cloud, and businesses won’t naturally buy as yet unproven cloud services, even when adorned with a beautiful European 🇪🇺 flag, so for now nothing will happen. This means it’s time for industrial policy, which requires politics to be proficient in “industry.


Bad news, my friends: my polymorphic reverse shell generator’s a legal no-no. 😭

Gooder news: I’ve unleashed this PowerShell Obfuscator to "protect" your scripts! 🎉

Check it out: https://t.co/6NaLOOx1nj

Oh, and totally unrelated, there’s a new payload example on my… pic.twitter.com/4FhVMnR0om

— I am Jakoby (@I_Am_Jakoby) March 17, 2025


https://ericdraken.com/pfsense-decrypt-ad-traffic/


Just watched this AWESOME talk by @martinhaller_IT ! It's about supply chain attacks in Entra, and I feel like no one talks about it! but it's happening all the time! I would be happy to see the code of the POC he presented! Really, you should watch it. https://t.co/UAKxWwfCr5 pic.twitter.com/I0SzLt7XTg

— sapir federovsky (@sapirxfed) March 18, 2025

