the grugq's newsletter

November 27, 2025

November 26-27, 2025

https://t.co/ENsjxncdJl
Random exploit that has no uses to me anymore, bypasses every anticheat r/w protection without the use of any driver/kernel component, fully usermode apis.

— Waryas (@MySanityWasted) November 26, 2025


New post: Field Notes on Malware

A look at how C2 frameworks are evolving their evasion techniques and what it means for detection. https://t.co/93vAnlxMar pic.twitter.com/AsrX1gX6kw

— deceptiq (@deceptiq_) November 26, 2025


Reversing web CVEs isn't guesswork. It's process.

New blog: how we go from "vague advisory" → local lab → patch diff → safe Nuclei PoC, with concrete examples (Zimbra, Ivanti, Versa, Lucee).

Read the full methodology: https://t.co/Qfm0Uh8gQE

— ProjectDiscovery (@pdiscoveryio) November 26, 2025


If you’re interested in how to conceal the fact that reflectively loaded in-memory payloads have no backing file, feel free to check out my reflective loader implementation (based on @patrickwardle’s one).

By using this, you can specify a fake backing file.… https://t.co/TqERLgDdot pic.twitter.com/O2twIA5h3f

— tsunekoh (@tsunek0h) November 25, 2025


It's time once again to PIC apart some shellcode and conclude my brief "PIC shellcode from the ground up" mini series: Parts 1 and 2. I used the heap to allocate memory in both parts. As always hit me up if you have questions / comments. Thanks! https://t.co/7EBplYpKF0

— R.B.C. (@G3tSyst3m) November 26, 2025


This one is pretty nasty - it tricks Antigravity into stealing AWS credentials from a .env file (working around .gitignore restrictions using cat) and then leaks them to a webhooks debugging site that's included in the Antigravity browser agent's default allow-list https://t.co/HP9ecUFVhv

— Simon Willison (@simonw) November 25, 2025


My friend @akln_Quincy's analysis slides for CVE-2025-6554. Thanks for @DarkNavyOrg and @mistymntncop's writeup for reference! Please check it out! https://t.co/M1dEw2phMk

— Jack Ren (@bjrjk) November 25, 2025


Eroding Global Stability: The Cybersecurity Strategies Of China, Russia, North Korea, And Iran
November 26, 2025, Small Wars Journal | essay by Evan Morgan https://t.co/DdFwb69CVJ @smallwars

— 780th Military Intelligence Brigade (Cyber) (@780thC) November 26, 2025


The "AI vs. AI" Fallacy.

The narrative that you need "AI defense" to stop "AI attackers" is marketing.

It frames security as a reactive arms race rather than a structural discipline.

If your posture relies on a tool guessing what the bad guys will do next, you’ve already lost…

— Matt Johansen (@mattjay) November 26, 2025


[POC2025] Talks are now UP ONLINE!

Talks from #POC2025 are now publicly available on YouTube!
Enjoy the sessions - see you again at POC2026! https://t.co/FyZiEV2RIW

— POC_Crew (@POC_Crew) November 27, 2025


Exploiting CVE-2025-21479 on a Samsung S23 by @XploitBengineer https://t.co/0HNtCww89D pic.twitter.com/an8S2ilNqe

— Alex Plaskett (@alexjplaskett) November 26, 2025


My Troopers talk about Cross Session Activation attacks is now available on YouTube: https://t.co/in6neSYbMa 🙌

Lateral Movement in the context of logged in user sessions 🔥🔥@WEareTROOPERS thanks for the opportunity and event! 🙃

— S3cur3Th1sSh1t (@ShitSecure) November 26, 2025


Cobalt Strike has a chokepoint that is great for robust detection. 👇#ThreatHunting #DetectionEngineering https://t.co/9WAvrsR8Jk

— Mehmet Ergene (@Cyb3rMonk) November 26, 2025

