the grugq's newsletter

Subscribe
Archives
October 6, 2025

October 5-6, 2025

October 5-6, 2025

GitHub - b1n4r1b01/n-days

Contribute to b1n4r1b01/n-days development by creating an account on GitHub.


GitHub - stealth/crash: crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX

crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX - stealth/crash


Crazy how the MIT License started as a open source project and popped off so hard they built a university about it ๐Ÿคฏ pic.twitter.com/Zsr44K32wz

โ€” Jane Manchun Wong (@wongmjane) October 3, 2025


truly terrifying to learn we walk amongst humans that hacked arbitrary kernel race conditions to last 19 minutes. pic.twitter.com/bQxKgeTrKA

โ€” Jโฉœโƒmie Williams (@jamieantisocial) October 4, 2025


This is a first

Regular people will now be emailing executives of breached companies harassing them to pay a ransom.

Scattered Lapsus Shiny Hunters is giving their Telegram viewers $10 in Bitcoin per email to harass executives of breached companies for their new leak site. pic.twitter.com/0PjkZMPS5O

โ€” Dominic Alvieri (@AlvieriD) October 4, 2025


not sure whatโ€™s funnier: the AI snooping gadget not having an off button OR the AI quarantine box https://t.co/khW7ko7Y8U

โ€” Internet of Shit (@internetofshit) October 4, 2025


Wrote a blogpost today about getting Lucid fuzzing on a "real" target, all of the work that it took and the changes we made along the way. Next, we'll take a more earnest bug-finding approach and conduct a serious fuzzing campaign with Lucid: https://t.co/fV9ACcem7F

โ€” h0mbre (@h0mbre_) October 4, 2025


๐Ÿšฉ Google Project Zero Details ASLR Bypass on Apple Deviceshttps://t.co/TkLGGjVY8W

A researcher from Project Zero has unveiled a clever serialization attack that leaks memory addresses on macOS and iOS, undermining Appleโ€™s ASLR.

The exploit leverages how NSDictionaryโ€ฆ

โ€” Hunt.io (@Huntio) October 4, 2025


Was just targeted by a clever (imo) scam. @RachelTobac @octal @krakenfx

>be me
>receive call from Calif number, pick up
>"hello, this is nicholas."
>hello nicholas, this is riley from kraken support
>*hang up*
>get legitimate email two seconds later from riley at krakenโ€ฆ

โ€” Nicholas De Leon (@nicholasadeleon) October 4, 2025


Introducing Gaslight Garage: a box where I put my phones and feed them AI-generated audio nonsense to make them think I want to buy stuff.

Practical AI for the people. ๐Ÿ‘Œ

I'll report back if my ads change in the next weeks. pic.twitter.com/Ce3zdFvylc

โ€” Karim Jedda (@KarimJDDA) August 20, 2025


''GitHub - Print3M/ByteCaster: Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays โ€“ all in a single command (14 output formats supported)! โ˜ข๏ธ''#infosec #pentest #redteam #blueteamhttps://t.co/hZweUBtsKF

โ€” Florian Hansemann (@CyberWarship) October 4, 2025


https://t.co/3MEEdF854m

Brilliant explanation of virtual memory. A bit like the cache, it's all so cleverly hidden away you'd be forgiven for thinking it doesn't exist, it's kind of the whole point!

โ€” Emilio Lรณpez (@redorav) October 4, 2025


This is one of the most impressive things Iโ€™ve seen in my career.

Built by a single dev in Warsaw, itโ€™s the missing UI for managing Claude Codeโ€™s context.

Itโ€™s got a great ui, itโ€™s built in rust so itโ€™s blazing fast and lightweight.

Totally bootstrapped, no funding, no flashyโ€ฆ https://t.co/kfmBNJ8OAH

โ€” Andrew Jefferson (@EastlondonDev) October 4, 2025


Why does the EU have such bad leaders? Scathing, honest and enlightening explanation from Luis Garicanohttps://t.co/rjUpqXsVlN pic.twitter.com/8TDXteKUzN

โ€” Finbarr Bermingham (@fbermingham) October 4, 2025


#SpyNews - week 40 (September 28-October 4):
A summary of 51 espionage-related stories from week 40 coming from ๐Ÿ‡ฎ๐Ÿ‡ท๐Ÿ‡ฎ๐Ÿ‡ฑ๐Ÿ‡ฌ๐Ÿ‡ง๐Ÿ‡น๐Ÿ‡ผ๐Ÿ‡จ๐Ÿ‡ณ๐Ÿ‡บ๐Ÿ‡ธ๐Ÿ‡ท๐Ÿ‡บ๐Ÿ‡บ๐Ÿ‡ฆ๐Ÿ‡ฐ๐Ÿ‡ท๐Ÿ‡ท๐Ÿ‡ธ๐Ÿ‡ซ๐Ÿ‡ท๐Ÿ‡ฉ๐Ÿ‡ช๐Ÿ‡ณ๐Ÿ‡ช๐Ÿ‡ฒ๐Ÿ‡ฑ๐Ÿ‡ง๐Ÿ‡ซ๐Ÿ‡ณ๐Ÿ‡ฌ๐Ÿ‡ธ๐Ÿ‡ด๐Ÿ‡ฏ๐Ÿ‡ต๐Ÿ‡น๐Ÿ‡ท๐Ÿ‡ฐ๐Ÿ‡ต๐Ÿ‡ง๐Ÿ‡ฌ๐Ÿ‡จ๐Ÿ‡ฟ๐Ÿ‡ฆ๐Ÿ‡น๐Ÿ‡ต๐Ÿ‡ธ๐Ÿ‡ณ๐Ÿ‡ฟ๐Ÿ‡ฎ๐Ÿ‡ณ๐Ÿ‡ต๐Ÿ‡ฐ๐Ÿ‡ธ๐Ÿ‡พ๐Ÿ‡ฑ๐Ÿ‡ง๐Ÿ‡ง๐Ÿ‡ช๐Ÿ‡จ๐Ÿ‡ฆ๐Ÿ‡ฆ๐Ÿ‡ฟ https://t.co/PdJzmLI7Y9#espionage #OSINT #HUMINT #SIGINT #spy

โ€” Spy Collection (@SpyCollection1) October 5, 2025


https://x.com/f_b_g/status/1974497595243241515


I'm so old I wrote that... the setup for MS-DOS 6.2 was the first Setup app I worked on.

The goal was get the update itself down a single floppy from three. The only way to do that was to use diffs against the files you already had installed.

But that meant doing binary deltaโ€ฆ https://t.co/zjMe9ZJztC

โ€” Dave W Plummer (@davepl1968) October 5, 2025


Silicon Graphics O2 workstation was introduced in October 1996. It used a single MIPS microprocessor, 32โ€ฏMB of base memory (expandable, at the time, to an eye-popping 1โ€ฏGB), and a 17โ€ CRT monitor supporting 1280ร—1024 at 75โ€ฏHz. Later processor options included the R5000,โ€ฆ pic.twitter.com/S1c5Luiajv

โ€” Understanding Linux: The Kernel Perspective (@unix_byte) October 5, 2025


Lessons from History about Russian Sabotagehttps://t.co/7IMgSO4Kl3

โ€” Dr. Dan Lomas (@Sandbagger_01) October 5, 2025


Don't miss what's next. Subscribe to the grugq's newsletter:
Start the conversation:
X