May 24, 2025

GPT Honeypot: Finding the Needle in the Haystack / Coalition Research's Workspace | Observable
Over the past 9 months, the research team at Coalition has been developing a process to streamline our identification of vulnerabilities being exploited in the wild. This blog post will take you on a deeply technical journey exploring why and how we built this, how we use it, and the results we're seeing in our mission to protect the unprotected. Why? Over time as computers have gotten faster and internet speeds have skyrocketed, threat actors have changed their methods. Sending a single request...

[2406.01882] HoneyGPT: Breaking the Trilemma in Terminal Honeypots with Large Language Model
Honeypots, as a strategic cyber-deception mechanism designed to emulate authentic interactions and bait unauthorized entities, often struggle with balancing flexibility, interaction depth, and deception. They typically fail to adapt to evolving attacker tactics, with limited engagement and information gathering. Fortunately, the emergent capabilities of large language models and innovative prompt-based engineering offer a transformative shift in honeypot technologies. This paper introduces Honey...
The hacker ecosystem in Russia, more than perhaps anywhere else in the world, has long blurred the lines between cybercrime, state-sponsored cyberwarfare, and espionage. https://t.co/UeTMtRci7o @WIRED
— 780th Military Intelligence Brigade (Cyber) (@780thC) May 23, 2025
Eh…
🇲🇲 #Myanmar: A military Mi-17 helicopter belonging to the junta was struck by a drone operated by the Kachin Independence Army (KIA) near Bhamo, Kachin State, causing it to crash during a supply landing.
Reports mention the drone used was an FPV kamikaze drone, a tactic widely… pic.twitter.com/WEn7SbERZd
— POPULAR FRONT (@PopularFront_) May 23, 2025
Nice! New advisory on #APT28, with #YARA rules! Sadly though, the APT28_HEADLACE_SHORTCUT YARA rule FPs on clean files from Thunderbird, Firefox and MS Edge. Makes you wonder, don't people test their YARA rules for false positives before publishing?🧐 https://t.co/AhtH0WSVf0
— Costin Raiu (@craiu) May 22, 2025
In this post, Man Yue Mo (@mmolgtm) will look at CVE-2025-0072, a vulnerability in the Arm Mali GPU, and show how it can be exploited to gain kernel code execution even when MTE is enabled. https://t.co/jP8pH2XoqZ
Exploit for Pixel 8 https://t.co/QJQDuzCHlT pic.twitter.com/Kl05WmnBIM
— xvonfers (@xvonfers) May 24, 2025