March 21, 2025
https://x.com/ethicalchaos/status/1902481711109214484
People seem to fear vulnerability discovering and exploiting AI, but I worry more about a swarm of autonomous AI agents with tool use that automatically discover and exploit trust relationships on internal infra in parallel at machine speeds.
— Dino A. Dai Zovi (@dinodaizovi) March 20, 2025
Thoughts:
You don't actually need an AI for that. The Morris worm did that back in the 80s, and NotPetya did the same. You can brute force your way through the shadow internet by just connecting to neighbours and systems that are configured as peers on the compromised host.
3 years earlier (ab)used by @x86matthew https://t.co/qK3oB34dDS
— mgeeky | Mariusz Banach (@mariuszbit) March 19, 2025
L"%512S/c [...] https://t.co/MKKo2VgTd4
ZDI 0day discovery
1/7 Trend Zero Day Initiative™ (ZDI) discovered ZDI-CAN-25373, a critical vulnerability in Windows shortcut files.
— Trend Micro Research (@TrendMicroRSRCH) March 18, 2025
State-sponsored #APT groups are actively exploiting this #ZeroDay in targeted attacks, posing a serious risk to affected systems.
Read: https://t.co/3NbQ4gltJ9 pic.twitter.com/CnWPsyvg1m
Original discovery in 2022
https://web.archive.org/web/20240122163849/https://www.x86matthew.com/view_post?id=embed_exe_lnk
Abusing .LNK
>.LNK shortcut critical vulnerability
— sixtyvividtails (@sixtyvividtails) March 19, 2025
>abused as Zero-Day
>look inside
>it's just lots of spaces and \r\n to hide command line string
https://t.co/qimOArVa1M
Trend Micro on LNK exploitation in 2017
Releasing a blogpost about uncovering #ZDI-CAN-25373 - the malicious abuse of MAX_PATH for lnk files "Zero-Day in Widespread APT Campaigns". Here is the trendmicro blog post from ... *checks notes* ... 2017?
— tmechen (@tmechen_) March 19, 2025
---https://t.co/KFeY0H8Sdf pic.twitter.com/DOhYVg75mn
Vultisig swaps have collected $200k in revenue so far!
— JP (@jpthor) March 20, 2025
Look at them pile in here from the TC affiliate collector module.
We are finalising the staking contract - should be live for launch! Stake your $VULT - earn your share of the $200k.
No tricks - remember $VULT is a 100%… pic.twitter.com/GcGdDiPqR5
JP I hope you realize a good chunk of that revenue is being generated from the Bybit hack.
— ZachXBT (@zachxbt) March 20, 2025
DPRK has been doing BTC -> BNB or AVAX TC swaps via Vultisig for the past few days in size. pic.twitter.com/yy9S4JRdIm
"... Soviet illegal agents all over the world, when they want a meet with their principal, are under instruction to send a proper communication to 'K.S. Smirnov, Central Post Office, Vladimir, USSR'..." #KGB pic.twitter.com/Y9Hbq17ceR
— Filip Kovacevic (@ChekistMonitor) March 20, 2025
https://www.galois.com/articles/introducing-grease
NEW: North Korea is reportedly launching a new cybersecurity research unit called Research Center 227, which will be housed within the intelligence agency Reconnaissance General Bureau (RGB), and will focus on AI-based hacking and stealing digital assets. https://t.co/AMnKwPohBC
— Lorenzo Franceschi-Bicchierai (@lorenzofb) March 20, 2025
CVE-2025-0927 details here! https://t.co/z9amcuNjKP
— Attila Szasz (@4ttil4sz1a) March 18, 2025
nice Linux kernel pwn challenge write up by @terawhiz for LACTF 2025. exploiting a 3 byte OOB write primitive https://t.co/keuUUdwOCl
— h0mbre (@h0mbre_) March 20, 2025
BAT SIGNAL: A law in France that would mandate a backdoor in end to end encrypted communications is set for a vote within the next day, after some start-stop skirmishes.
— Meredith Whittaker (@mer__edith) March 19, 2025
The French Narcotraffic law would require encrypted communications providers—like Signal—create a…
CIA Covert Ops: Kennedy Assassination Records Lift Veil of Secrecy https://t.co/Q67MRB0wNM
— Dr. Dan Lomas (@Sandbagger_01) March 19, 2025
No idea if it's real but it sure is funny. Are we cooked? pic.twitter.com/izEd5SJM7s
— Matt Johansen (@mattjay) March 20, 2025
New AI Red Team tool released! My team at Verizon just released a set of Burp Extensions to test and leverage GenAI during penetration tests: https://t.co/Q5gjhEtotI
— Jorge Orchilles (@jorgeorchilles) March 19, 2025
Check it out!