the grugq's newsletter

October 2, 2025

Most #CyberSecurity classes focus on Western technology stacks, fueling #APT groups with TTPs to ravage our own networks. We are flipping the script, and training those who desire to have an impact through offensive means in a more "direct" manner. Follow for future in-person and… pic.twitter.com/rU1uyjvXSb

— Steve Borosh (@rvrsh3ll) October 1, 2025

Can you share what you think are some of the important distinctions between western and non-western infrastructure?

— Tyler Fitch (@RegalNole) October 1, 2025

In my slides at https://t.co/NyOzRVQ2Lx

— Steve Borosh (@rvrsh3ll) October 1, 2025


Eternal-Tux: Crafting a Linux Kernel KSMBD 0-Click RCE Exploit from N-Days

William Liu @cor_ctf posted an article about exploiting a slab object overflow (CVE-2023-52440) and remote infoleak (CVE-2023-4130) in the kernel SMB3 daemon to gain RCE https://t.co/kqvwX9NbSK pic.twitter.com/EKrpCIETcb

— Linux Kernel Security (@linkersec) October 1, 2025


babe are you ok? it’s already q4 and you’ve barely touched your “2025 roadmap”

— alli (@sonofalli) October 1, 2025


Blog post is out! Come learn about how I analyzed the latest kernelCTF 1-day submission.

This was a vulnerability in the Kernel TLS subsystem. I didn't write a full exploit yet, but @u1f383 already gave me some ideas that I will try to implement soon 😅 https://t.co/jFcVrwm9NF

— Faith 🇧🇩🇦🇺 (@farazsth98) October 1, 2025

