Since the app exploiting it was leaked, I’m leaking the function they used. Don’t know if it’s exploitable on latest or not. https://t.co/Nf7fVROlOI pic.twitter.com/nltMtPwpky

— Duy Tran (@TranKha50277352) March 27, 2025

When Good Kernel Defences Go Bad: Reliable and Stable Kernel Exploits via Defense-Amplified TLB Side-Channel Leaks

Awesome paper by Lukas Maar et al. about leaking exploitation-relevant kernel addresses via a TLB side-channel attack.https://t.co/JTxXhX4CtB pic.twitter.com/mbO0w7d6Gc

— Linux Kernel Security (@linkersec) March 27, 2025

Three bypasses of Ubuntu's unprivileged user namespace restrictionshttps://t.co/nWf0FZFglo

— Anderson Nascimento (@andersonc0d3) March 27, 2025

Another super cool blog post by @u1f383

The Evolution of Dirty COW (1) https://t.co/CV36sHSBRR

— Meysam (@R00tkitSMM) March 27, 2025

New findings show threat actors from Iran, China, North Korea, and Russia are experimenting with AI for reconnaissance, phishing, malware development, and more.

See how Google Threat Intelligence Group is tracking misuse by government-backed attackers: https://t.co/wR0GKfL6NJ pic.twitter.com/TXt07k8gGP

— Mandiant (part of Google Cloud) (@Mandiant) March 27, 2025

We have subsistence farming at home. https://t.co/Uk1hOc8yHe

— Pinboard (@Pinboard) March 27, 2025

In-Depth Technical Analysis of the Bybit Hack by Mario Rivashttps://t.co/y5PpIjYQ2w pic.twitter.com/FJOIlNToWR

— Alex Plaskett (@alexjplaskett) March 27, 2025

My idalib-based "vulnerability divination" tool suite is finally available in the official Hex-Rays Plugins & Apps repository! 🦀https://t.co/F2ilFPlxzO#idapro #idalib #vulnerabilityresearch#reverseengineering

— raptor@infosec.exchange (@0xdea) March 27, 2025

Derestricted this bug too...an LPE attack surface one remote bug away from being touchable. It's a pretty nice UAF actually...https://t.co/I9RxUunfX5

— Seth Jenkins (@__sethJenkins) March 28, 2025

Making a Japanese style AI image for a film which destroys Japan. Life comes a full circle. https://t.co/zvjggg9xdI

— cyanide kuppi (@arjunvish7) March 27, 2025

New publication: Interpreting India's 🇮🇳 Cyber Statecraft, co-written with @APB_Laudrain for @CEIPTechProgram @warstudies @KCL_CSRG | We explore the different aspects of India's approach to cyber statecraft, including its cyber diplomacy, in the context of its national strategy.

— Joe Devanny (@josephdevanny) March 28, 2025

We get probably 2 or 3 messages about this scam e-mail a month. We've also been informed by some people they've actually paid the 'ransom'. pic.twitter.com/tZRNzWgDiO

— vx-underground (@vxunderground) March 27, 2025

Interestingly, a majority of people who have told us they've paid the 'ransom' are people who we believe to be mentally ill. The people have suggested the government is tracking them, the former (or current) presidential administration is targeting them, or they have some sort of…

— vx-underground (@vxunderground) March 27, 2025

More interestingly (maybe?), we've also witnessed people who are exhibitionists seem excited by the prospect of being extorted and having their genitals exposed to people they know.

The internet is a cool place

— vx-underground (@vxunderground) March 27, 2025

The root cause of the Chrome 0-day vulnerability CVE-2025-2783, which we discovered used in attacks with sophisticated malware, also affects the Firefox! New CVE-2025-2857 has just been fixed in Firefox 136.0.4, and you can read about what led to its discovery at the link below. pic.twitter.com/zFXt27rQPK

— Boris Larin (@oct0xor) March 28, 2025

A professor friend of mine recently got a paper submission whose first sentence was “Gladly! Here’s a version rewritten with some spelling errors.” We are soooo cooked it’s not even funny https://t.co/NQSYilLojG

— smug prescriptivist douchebag (@CHRISF0GLE) March 26, 2025