the grugq's newsletter

October 27, 2025

October 26, 2025


This week I had the pleasure of guest lecturing at both Georgetown University and Johns Hopkins SAIS on the intersection of AI, cyber and national security. You can find a brief overview of the topics I covered and my slides here. https://t.co/2bmRfKyFGc

— chrisrohlf (@chrisrohlf) October 25, 2025

https://secure.dev/ai_cyber_natsec_lecture.html


China releases 'UBIOS' standard to replace UEFI — Huawei-backed BIOS firmware replacement charges China's domestic computing goals https://t.co/7VEXSreVxO

— Ryan Naraine (@ryanaraine) October 25, 2025


A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.

Microsoft told BleepingComputer they plan on fixing it in a future update. https://t.co/BeJY6YazJy

— BleepingComputer (@BleepinComputer) October 25, 2025


This might be useful for folks who use Ghidra on MacOS, installing via Brew doesn't give you a .app file so I put together a short guide to build the app file and put it in correct location https://t.co/OHvacp5WjD

— @zephrfish.yxz.red (@ZephrFish) October 25, 2025


Recent analysis reveals that APT-C-08, a South Asia-based APT group, has been executing phishing attacks via malicious application files, targeting government and military entities, and emphasizing the need for heightened security awareness. #CyberSecurity https://t.co/IAN52sdzO4

— Cyber_OSINT (@Cyber_O51NT) October 25, 2025


https://www.theregister.com/2025/10/24/exploitation_of_critical_windows_server/


#SpyNews - week 43 (October 19-25):
A summary of 67 espionage-related stories from week 43 coming from 🇨🇳🇺🇸🇺🇦🇷🇺🇵🇱🇲🇽🇮🇱🇮🇷🇬🇧🇵🇰🇳🇱🇰🇷🇨🇦🇷🇴🇱🇾🇻🇪🇩🇪🇫🇷🇳🇿🇮🇳🇹🇼🇸🇦🇩🇿🇰🇵🇧🇪🇫🇮🇨🇴🇰🇿🇰🇬🇨🇾🇵🇸🇪🇪🇸🇪🇹🇷🇧🇦🇭🇺🇾🇪🇯🇵🇨🇿🇬🇷🇳🇵🇧🇬 https://t.co/EodS3bgqBy #OSINT #HUMINT #SIGINT #spy #espionage

— Spy Collection (@SpyCollection1) October 26, 2025


More HW security goodness from Arm: https://t.co/Fmm8Xw8ask

vMTE (Virtual Memory Tagging) allows to use MTE in a more flexible way, consuming less RAM.

POE2 allows to build efficient in-process sandboxes and isolation. More-or-less improvement over x86 Memory Protection Keys. https://t.co/TPriWC1w9e

— Dmitry Vyukov (@dvyukov) October 24, 2025

