March 25, 2025

                March 25, 2025

            March 25, 2025

            March 25, 2025

Attackers love poking around SSO dashboards, so we gave them something to find! 

Drop a Fake SAML IdP App Canarytoken in your IdP -- if anyone opens it, you get an alert. 

Read more about it at https://t.co/VtSZTy7YMC pic.twitter.com/wYiD3mEw53
— Thinkst Canary (@ThinkstCanary) March 24, 2025

BBC News - Two women who spied for Russia tracked down and named by BBChttps://t.co/bxH4KWU8TI
— Dr. Dan Lomas (@Sandbagger_01) March 24, 2025

Very serious administration pic.twitter.com/37YrkX3S1V
— Karina Vinnikova (@KarinaVinnikova) March 24, 2025

   New phone, Houthis
             — Christian Schneider  (@christianschneider.bsky.social)            2025-03-24T18:01:05.861Z 

pic.twitter.com/6MWQolRDUS
— Bill Geerhart (@CONELRAD6401240) March 24, 2025

Honestly I thought it was a mistake to put a raging non-functioning alcoholic in charge of the world's largest death machine but I didn't realize how funny it would be. My bad.
— Jeet Heer (@HeerJeet) March 24, 2025

🤣 stolen from a secure chat pic.twitter.com/QHCa2GGj27
— mRr3b00t (@UK_Daniel_Card) March 24, 2025

This is really great talk from @REverseConf by Markus Gaasedelen on Full-stack Reverse Engineering of the Original Microsoft Xbox, well worth a watch!https://t.co/zxMMRz7iEg
— Alex Plaskett (@alexjplaskett) March 24, 2025

Hold on, so Steve Witkoff was participating in the Signal group discussing war plans against Houthis while being physically in Moscow, perhaps even in the Kremlin? He met Putin late on March 13.
— Yaroslav Trofimov (@yarotrof) March 25, 2025

CimFS: Crashing in memory, Finding SYSTEM!  @cplearns2h4ck  dug into Microsoft CimFS, found a sneaky 0-day, and guess what? The fix by Microsoft was just locking the door 🔐on unprivileged users. 😂 
Dive into the adventure with us: https://t.co/7g30HpmFzG
— starlabs (@starlabs_sg) March 25, 2025

I would have stayed in the group chat and then link the article when it came out.
— Egg Price Sufferer (@agraybee) March 24, 2025

pic.twitter.com/Rb7jN08DJZ
— Max Burns (@themaxburns) March 25, 2025

A story in four acts: pic.twitter.com/YobB6x9RKd
— Costin Raiu (@craiu) March 25, 2025

dance like no one is watching 

text like the editor of the Atlantic was accidentally added to the group chat and is reading everything
— Matt Margolis (@ItsMattsLaw) March 24, 2025

Instead of using #Signal, Trump's national security team should have used their secure landline phones, or at least the NSA approved mobile solutions for classified communications:https://t.co/hqU4wOnavd pic.twitter.com/mraNPQnGdN
— Electrospaces (@electrospaces) March 25, 2025

Much more about the communications equipment of the US military can be read in my earlier blog post about the US Central Command headquarters: https://t.co/FgwXOSmUaV
— Electrospaces (@electrospaces) March 25, 2025

I'm out of cave again and just learned about the "lnav" log review tool, waaaaay too late. I used to grep and multitail for basic quick needs, but this thing makes life SO MUCH easier. https://t.co/xQmhVElAxi
— Hamid Kashfi (@hkashfi) March 25, 2025

Don't miss what's next. Subscribe to the grugq's newsletter: