October 17, 2023
The Strange Story of Dagobert, the “DuckTales” Bandit | The New Yorker
In the nineties, a frustrated artist in Berlin went on a crime spree—building bombs, extorting high-end stores, and styling his persona after Scrooge McDuck. He soon became a German folk hero.
Alert! 🚨🚨🚨
A 0day has been discovered in the popular software that you all use! 😵😵 I can't tell you which software it is 🤫 but it was sent to me by a source to be trusted! 🧙‍♂️🧙‍♂️ So update your software right away! 🕑🕑 and share this with 10 friends or you will get hax0red
— Exploit Code Not People 🏴 (@cooperq) October 16, 2023
Here’s the thing.
1) 0day is an exploit for a vulnerability that is not patched
2) exploit developers are lazy
3) result: 0day tends to work best against the current patch level because that’s what it’s developed against
If there is 0day, being patched makes you vulnerable. 😁 https://t.co/zP8OOLZpHp
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) October 17, 2023
Does this mean “don’t patch”? No, absolutely not. 0day is rare and exceptional. Exploits for known vulnerabilities are cheap and plentiful. Patching is to ensure that only 0days are a threat, because they’re a rare vector. If the adversary needs an 0day, you’re doing great!
— thaddeus e. grugq thegrugq@infosec.exchange (@thegrugq) October 17, 2023
I’m trying something new. Seeing if there is a way to embed BlueSky posts before ButtondownEmail adds support. This works in the draft preview, so let’s see if it works for real.
I agree with Dr Matt.
I’m going to say this again. If you briefly turned off Signal “link previews” for a day or two in response to a possible vulnerability, you made the correct risk assessment and paid a minor cost for (maybe) being wrong. https://t.co/UjgZ2TJfJy
— Matthew Green (@matthew_d_green) October 17, 2023
Really disappointed with the amount of otherwise smart infosec people who shared the signal 0day copypasta this weekend without investigating at all or confirming it. We are not immune to disinformation attacks and this weekend was a stunning example of that.
— Exploit Code Not People 🏴 (@cooperq) October 16, 2023
This video of analysis of various bugs in Pokemon Red/Blue is very satisfying: https://t.co/hAfjdlTsGG
— Matt Suiche (@msuiche) October 17, 2023