People seem to fear vulnerability discovering and exploiting AI, but I worry more about a swarm of autonomous AI agents with tool use that automatically discover and exploit trust relationships on internal infra in parallel at machine speeds.

— Dino A. Dai Zovi (@dinodaizovi) March 20, 2025

3 years earlier (ab)used by @x86matthew 🤐https://t.co/qK3oB34dDS

L"%512S/c [...] https://t.co/MKKo2VgTd4

— mgeeky | Mariusz Banach (@mariuszbit) March 19, 2025

1/7 Trend Zero Day Initiative™ (ZDI) discovered ZDI-CAN-25373, a critical vulnerability in Windows shortcut files.

State-sponsored #APT groups are actively exploiting this #ZeroDay in targeted attacks, posing a serious risk to affected systems.

Read: https://t.co/3NbQ4gltJ9 pic.twitter.com/CnWPsyvg1m

— Trend Micro Research (@TrendMicroRSRCH) March 18, 2025

>.LNK shortcut 𝐂𝐫𝐢𝐭𝐢𝐜𝐚𝐥 𝐕𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐲
>abused as 𝗭𝗲𝗿𝗼-𝗗𝗮𝘆
>look inside
>it's just lots of spaces and \r\n to hide command line string

🙄 https://t.co/qimOArVa1M

— sixtyvividtails (@sixtyvividtails) March 19, 2025

Releasing a blogpost about uncovering #ZDI-CAN-25373 - the malicious abuse of MAX_PATH for lnk files "Zero-Day in Widespread APT Campaigns". Here is the trendmicro blog post from ... *checks notes* ... 2017?
---https://t.co/KFeY0H8Sdf pic.twitter.com/DOhYVg75mn

— tmechen (@tmechen_) March 19, 2025

Vultisig swaps have collected $200k in revenue so far!
Look at them pile in here from the TC affiliate collector module.

We are finalising the staking contract - should be live for launch! Stake your $VULT - earn your share of the $200k.

No tricks - remember $VULT is a 100%… pic.twitter.com/GcGdDiPqR5

— JP (@jpthor) March 20, 2025

JP I hope you realize a good chunk of that revenue is being generated from the Bybit hack.

DPRK has been doing BTC -> BNB or AVAX TC swaps via Vultisig for the past few days in size. pic.twitter.com/yy9S4JRdIm

— ZachXBT (@zachxbt) March 20, 2025

"... Soviet illegal agents all over the world, when they want a meet with their principal, are under instruction to send a proper communication to 'K.S. Smirnov, Central Post Office, Vladimir, USSR'..." #KGB ⬇️ pic.twitter.com/Y9Hbq17ceR

— Filip Kovacevic (@ChekistMonitor) March 20, 2025

NEW: North Korea is reportedly launching a new cybersecurity research unit called Research Center 227, which will be housed within the intelligence agency Reconnaissance General Bureau (RGB), and will focus on AI-based hacking and stealing digital assets.https://t.co/AMnKwPohBC

— Lorenzo Franceschi-Bicchierai (@lorenzofb) March 20, 2025

CVE-2025-0927 details here!https://t.co/z9amcuNjKP

— Attila Szasz (@4ttil4sz1a) March 18, 2025

nice Linux kernel pwn challenge write up by @terawhiz for LACTF 2025. exploiting a 3 byte OOB write primitive https://t.co/keuUUdwOCl

— h0mbre (@h0mbre_) March 20, 2025

📣🚨 BAT SIGNAL: A law in France that would mandate a backdoor in end to end encrypted communications is set for a vote within the next day, after some start-stop skirmishes. 

The French Narcotraffic law would require encrypted communications providers—like Signal—create a…

— Meredith Whittaker (@mer__edith) March 19, 2025

CIA Covert Ops: Kennedy Assassination Records Lift Veil of Secrecyhttps://t.co/Q67MRB0wNM

— Dr. Dan Lomas (@Sandbagger_01) March 19, 2025

No idea if its real but it sure is funny. Are we cooked? pic.twitter.com/izEd5SJM7s

— Matt Johansen (@mattjay) March 20, 2025

New AI Red Team tool released! My team at Verizon just released a set of Burp Extensions to test and leverage GenAI during penetration tests: https://t.co/Q5gjhEtotI

Check it out!

— Jorge Orchilles (@jorgeorchilles) March 19, 2025