the grugq's newsletter

October 27, 2025


Spent some time on an old iOS WebKit bug to learn about browser exploitation https://t.co/CDySlTzGM6 pic.twitter.com/0a7maHBU8b

— Billy Ellis (@bellis1000) October 24, 2025


VMware Workstation guest-to-host escape (CVE-2023-20870/CVE-2023-34044 and CVE-2023-20869) https://t.co/DseNNxt7Ow

Credits Alexander Zaviyalov (@NCCGroupInfosec) #infosec pic.twitter.com/TVyvnLvR6q

— 0xor0ne (@0xor0ne) October 25, 2025


Employees use AI to generate fake expense receipts to deceive their employers, creating ultra-realistic documents in seconds. The goal is to claim reimbursement for expenses never incurred, exploiting how easily chatbots can now forge convincing receipts. Is it happening at your… pic.twitter.com/HgDPHOZAys

— Lukasz Olejnik (@lukOlejnik) October 26, 2025


If you have not implemented a detection for suspicious IIS worker (w3wp.exe) processes, now is your time to do it.
The Windows server components rely on IIS, not only WSUS, the same was the case with the last SharePoint vulnerability. https://t.co/tRDJB3NBxc https://t.co/o9pVdEkKud

— Bert-Jan 🛡️ (@BertJanCyber) October 25, 2025


I ported Doom, the legendary first-person shooter, to render directly in terminals using the Kitty graphics protocol, featuring BASE64-encoded 4 KB chunks with SIMD optimization. https://t.co/FnumvGrQx9 pic.twitter.com/XpKo4sGkWz

— Jim Huang (@jserv) October 25, 2025


The cat's out of the bag - here's my take on the same hypervisor detection concept https://t.co/Msgykoey7L. https://t.co/cHMCK27JkU

— Justas Masiulis (@JustasMasiulis) October 25, 2025


https://popovicu.com/posts/linux-vm-without-vm-software-user-mode/


The Hacking Team is back/Operation ForumTroll

Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence.

Deploys Dante spyware (successor to RCS (Hacking Team), now Memento Labs) + custom LeetAgent for keylogging, file theft.

Exploits:
Zero-days… pic.twitter.com/olR8RCEo1g

— blackorbird (@blackorbird) October 27, 2025

https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/


Honey wake up, a new alternative to userfaultfd / FUSE for lengthening race windows just dropped!! https://t.co/c7MpyDoEpc pic.twitter.com/7LObdffbGu

— Faith 🇧🇩🇦🇺 (@farazsth98) October 27, 2025


China’s Vulnerability Research: What’s Different Now? https://t.co/j4rZFmIqfS

— cje (@caseyjohnellis) October 27, 2025
