the grugq's newsletter

October 31, 2025

Happy Halloween

A penetration tester got root access to our Kubernetes cluster in 15 minutes. Here's what they exploited.

The attack chain:
- Found exposed Kubernetes dashboard (our bad)
- Dashboard had view-only service account (we thought this was safe)
- Service account could list secrets…

— Branko (@brankopetric00) October 30, 2025


https://infosec.exchange/@trailofbits/115462807191673632


Finally out and officially open! Still behind with practical testing of Claude's equivalent, but Aardvark, based on early results, sounds more interesting. I gave up on Claude a while back and stopped using it in my LLM-based code-audit pipeline, mostly because I got tired of… https://t.co/UwySDYlQGY

— Hamid Kashfi (@hkashfi) October 30, 2025


‼️ The Iranian state actor is releasing more footage

We can see they’re developing parts for what seems to be weapon systems.

We can also see they expanded their operation this year by adding multiple Bambu Lab X1C printers to their arsenal. https://t.co/FYI7XxizYf pic.twitter.com/UHeRb6DA9y

— International Cyber Digest (@IntCyberDigest) October 30, 2025


New Blog 👀

This blog discusses the topic of cybercrime counterintelligence to highlight the growing threat toward the cyber threat intelligence (CTI) and law enforcement (LE) communities ⚠️

🔗 https://t.co/e7XVviZHMm pic.twitter.com/THKMZBTemU

— Will (@BushidoToken) October 30, 2025


The first history of the French foreign intelligence service #DGSE to be published in English: https://t.co/Z9iW2roIWS

— Electrospaces (@electrospaces) October 30, 2025


This Williams story is crazy. The documents only leave more questions. How did L3Harris (company 1) learn about the sales to Operation Zero (company 3)?

Were they able to attribute their own exploit (item 3) by looking at the ROP chain or did he legit leave the headers in? pic.twitter.com/6JTdcwtrt5

— Scott Bauer (@ScottyBauer1) October 31, 2025


Such a cool project. https://t.co/9VKup6FyPU

— Sunny Bains @TiDB (@sunbains) October 29, 2025


A historic breach has leaked over 500GB of China’s censorship data, revealing internal documents, operational logs, and vulnerabilities in the Great Firewall’s structure, exposing the fragility of its enforcement mechanisms. #GreatFirewall #CensorshipBre… https://t.co/Z36o8RP7s3

— Cyber_OSINT (@Cyber_O51NT) October 31, 2025


BlackRock’s private-credit arm was defrauded of over $500 million by an Indian named Bankim Brahmbhatt.

Brahmbhatt ran a telecom-financing firm named Carriox Capital and fabricated customer contracts and invoices from major telecom companies such as T-Mobile, Telstra, and… pic.twitter.com/RaCcXkSB9p

— AF Post (@AFpost) October 30, 2025


I am surprised how impressed I am by https://t.co/I6YWjWv73K. I am still testing it out, but so far it looks very useful for code reviews! Just put a "0" in front of any pull request URL on GitHub. pic.twitter.com/V8MPmGdpd9

— 🧗‍♂️ Matt Holt (@mholt6) October 30, 2025

