This has the potential to be either horrible or not: https://t.co/3x859Lb4e6

BLUF: Despite the rise of 32-bit devices, a large number of legacy embedded products in industrial, automotive, and consumer electronics still run on 8/16-bit architectures.

— Daniel Cuthbert (@dcuthbert) March 19, 2025

vibe coders when the vibe is off pic.twitter.com/Sg54ppwBTw

— ️ (@crackticker) March 18, 2025

One truth I've always stood by: attackers win by knowing your infrastructure better than you do. AI-enabled coding will bring amazing productivity, but the undiscovered cracks and seams built by vibe coding will be a massive attack surface for a while... https://t.co/jAcPBiacxW

— Rob Joyce (@RGB_Lights) March 18, 2025

There have been great women in malware writing and the VX scene:

First and foremost: Gigabyte, she was a pioneer for many other women to get into VX. She was my best friend for many years, I owe so much of my VX years and introduction into cyber security because of her. She… https://t.co/lYzNOxqdov

— Greg Linares (Laughing Mantis) (@Laughing_Mantis) March 19, 2025

New video in our archived content/footage playlist. This time about the lesser known MEK from the German BKA. A domestic law enforcement unit specialising in covert surveillance (among others).https://t.co/iDHcAOzhVK#German #surveillance #BKA #intelligence

— Spy Collection (@SpyCollection1) March 19, 2025

Using frida-trace to hook thousands of methods in one go and get clean, readable output for large, obfuscated mobile apps 📲. Another post from Reino’s to level up your dynamic analysis: https://t.co/fyfjNAeaLh pic.twitter.com/9TzHirarWY

— Orange Cyberdefense's SensePost Team (@sensepost) March 19, 2025

Not entirely sure why the “JFK files” include bulk disclosure of Operations policies, e.g. https://t.co/yvq6sEWRB6
but I suspect people will be generally interested in who was exempt from recruitment/training & why pic.twitter.com/zMa8VxEuse

— Nick Carr (@ItsReallyNick) March 19, 2025

I’m excited to introduce Namespace Confusion, a novel attack discovered during Gareth's and mySAML Roulette: The Hacker Always Wins research. We uncovered a brutal attack on XML signature validation that destroys authentication in Ruby-SAML! https://t.co/qgOHYjJZri pic.twitter.com/AJyEfzGGF8

— d4d (@d4d89704243) March 18, 2025

I don’t think astronauts should be allowed to come back. You made your choice.

— dog poisoner (@mrnastynodrama) March 20, 2025

CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers

Attack combines 2D barcodes (QR) and Bluetooth interception, allowing you to phishing passkeys.https://t.co/rTxP5nG8YK

— remy🐀 (@_mattata) March 20, 2025

Pentagon denies that the F-35 has a “remote kill-switch”. That issued this message openly shows the gravity of the communication crisis. Still, it is clear that F-35 relies heavily on data, sensors and software. Software that almost no country controls. https://t.co/1qXUCX0Zb9 pic.twitter.com/C4coJis3pR

— Lukasz Olejnik (@lukOlejnik) March 20, 2025

Good Mandiant report on UNC3886 🇨🇳 to check out. The use "Operational Relay Boxes" (ORBs) is easy to demo here too. One of the C2 servers appears to be a popped a Plex Media Server via @shodanhq

1. https://t.co/5mLCU2GtTC
2. https://t.co/pSeuh3FCdB
3. https://t.co/FBFr6JLrQV pic.twitter.com/zVWs5NBd7q

— Will (@BushidoToken) March 13, 2025