the grugq's newsletter

May 18, 2025

There’s a lot of “VPNs are snake oil, just use HTTPS” discourse again, so here, I’ll sell the farm for the sake of demonstrating exactly how wrong this argument is for phones.

You Want a VPN for Your Phone, Because Apps. https://t.co/mZJBZp4OJO

— remy🐀 (@_mattata) May 16, 2025


CONTEXT-only injection

No VirtualAllocEx.
No WriteProcessMemory.

We show how pure register-/stack manipulation can:
Load a DLL with a pointer-only LoadLibrary call

Spin up a remote thread via NtCreateThread that self-allocates & self-writes inside the target

Chain APC-safe…

— Hai vaknin (@VakninHai) May 16, 2025

New Process Injection Class: The CONTEXT-Only Attack Surface – Security Friends' Research Blog

What happens when you skip memory allocation, skip writing, and weaponize thread context alone? This post explores a new class of process injection that lives entirely in the execution layer — no a…


https://x.com/ceruleanfi/status/1923708757910921660


#SpyNews - week 20 (May 11-17):
A summary of 76 espionage-related stories from week 20 coming from 🇨🇳🇷🇺🇺🇦🇬🇧🇦🇫🇪🇬🇹🇷🇵🇰🇰🇵🇰🇷🇧🇬🇩🇪🇺🇸🇫🇷🇷🇴🇮🇳🇸🇪🇬🇷🇱🇹🇨🇾🇲🇪🇬🇪🇮🇶🇮🇱🇹🇼🇩🇿🇸🇦🇯🇵🇨🇦🇵🇱🇻🇪🇶🇦🇮🇹🇱🇾🇧🇪🇨🇩🇦🇺🇸🇰🇨🇲🇪🇨🇷🇸🇱🇻🇲🇾🇮🇷🇹🇭🇱🇧 https://t.co/dx2i2kbgb2 #OSINT #espionage #spy #SIGINT #HUMINT

— Spy Collection (@SpyCollection1) May 18, 2025


Props to the North Koreans who took all the “unfilled jobs in infosec” and turned it into an advantage..

Waiting for their “the obstacle is the way” best-seller to drop..

— haroon meer (@haroonmeer) May 18, 2025

