May 18, 2025
May 18, 2025
There’s a lot of “VPN’s are snakeoil, just use HTTPS” discourse again, so here, I’ll sell the farm for the sake of demonstrating exactly how wrong this argument is for phones.
— remy🐀 (@_mattata) May 16, 2025
You Want a VPN for Your Phone, Because Apps. https://t.co/mZJBZp4OJO
CONTEXT-only injection
— Hai vaknin (@VakninHai) May 16, 2025
No VirtualAllocEx.
No WriteProcessMemory.
We show how pure register-/stack manipulation can:
Load a DLL with a pointer-only LoadLibrary call
Spin up a remote thread via NtCreateThread that self-allocates & self-writes inside the target
Chain APC-safe…

New Process Injection Class: The CONTEXT-Only Attack Surface – Security Friends' Research Blog
What happens when you skip memory allocation, skip writing, and weaponize thread context alone? This post explores a new class of process injection that lives entirely in the execution layer — no a…
https://x.com/ceruleanfi/status/1923708757910921660
#SpyNews - week 20 (May 11-17):
— Spy Collection (@SpyCollection1) May 18, 2025
A summary of 76 espionage-related stories from week 20 coming from 🇨🇳🇷🇺🇺🇦🇬🇧🇦🇫🇪🇬🇹🇷🇵🇰🇰🇵🇰🇷🇧🇬🇩🇪🇺🇸🇫🇷🇷🇴🇮🇳🇸🇪🇬🇷🇱🇹🇨🇾🇲🇪🇬🇪🇮🇶🇮🇱🇹🇼🇩🇿🇸🇦🇯🇵🇨🇦🇵🇱🇻🇪🇶🇦🇮🇹🇱🇾🇧🇪🇨🇩🇦🇺🇸🇰🇨🇲🇪🇨🇷🇸🇱🇻🇲🇾🇮🇷🇹🇭🇱🇧 https://t.co/dx2i2kbgb2#OSINT #espionage #spy #SIGINT #HUMINT
Props to the North Koreans who took all the “unfilled jobs in infosec” and turned it into an advantage..
— haroon meer (@haroonmeer) May 18, 2025
Waiting for their “the obstacle is the way” best-seller to drop..