the grugq's newsletter

Subscribe
Archives
October 7, 2025

October 7, 2025

October 7, 2025

This was an interesting read, but to their credit, I was expecting a bit wider coverage. The coverage of IO in sync with kinetic strikes is well captured and studied here, such as the case of mistake in timing of posting the AI generated Evin strike while the bombing was still in… https://t.co/F8rqz232Ek pic.twitter.com/lBeqW9HSyK

β€” Hamid Kashfi (@hkashfi) October 7, 2025


Creating a company that sells a little box that tells all your other voice-activated smart home devices malicious half-truths when it detects you have left the house

β€” Andrew Dice Bitcoin (@fleshsimulator) October 6, 2025


After reading Lui's blog post: https://t.co/qwTxHt1Dj0 I decided to give it a go and create an exploit for it. After spending a few days I was able to re-produce it and spawn a SYSTEM shell, published the working code here: https://t.co/ef1BHq6T7d there's no ASLR bypass though!

β€” symeon (@symeonp) October 6, 2025


An interesting paper regarding #UAV πŸ‘‰ Cybersecurity and Artificial Intelligence in Unmanned Aerial Vehicles: Emerging Challenges and Advanced Countermeasures https://t.co/fP8G5VGwa4

β€” LAB52 (@LAB52io) October 6, 2025


Are you new to OS internals or want to start learning about them? πŸ“² Check out my post on control flow integrity in the user- vs kernel- space!

This blog is much shorter and simpler than my recent posts, so I am hoping it can help beginners.

Hope you enjoy!… pic.twitter.com/9LKJOsGDrd

β€” Olivia Gallucci ✨ (@OliviaGalluccii) October 6, 2025


Interesting idea: embed the decoding kernel for the file format as WASM in the file header. https://t.co/CtKNmgzBNk

β€” Dino A. Dai Zovi (@dinodaizovi) October 6, 2025


πŸ’₯ Wiz Research has uncovered a critical Redis vulnerability that's been hiding for 13 years

We found RediShell (CVE-2025-49844): an RCE bug in Redis that affects every version of Redis out there. It's rated CVSS 10 - the highest severity possible.

The vulnerability lets… pic.twitter.com/axNK2hJQcr

β€” Wiz (@wiz_io) October 6, 2025


What Every Programmer Should Know About Memory. I haven't finished it yet but I'm loving the in depth explanations about RAM design, latencies, excruciating detail on the internal workings of caches. A long but worthwhile readhttps://t.co/wL3ISl29Ri

β€” Emilio LΓ³pez (@redorav) October 6, 2025


Remote code execution exploit targeting the Synology TC500 smart camera by @infosectcbrhttps://t.co/aUtOYcb2ex#infosec #embedded pic.twitter.com/gRs9DlpDDP

β€” 0xor0ne (@0xor0ne) October 7, 2025


Devin is dropping fucking GAS for free out here. πŸ”₯πŸ”₯πŸ”₯ https://t.co/b7SUhqfDo5 pic.twitter.com/LEDPBtZ4lX

β€” Dakota Cary (@DakotaInDC) October 6, 2025


Weird stuff going on. This is a CRAZY anime arc. I beg you to read this post. This shit is crazy.

Check this shit out

June 16th, 2025: @phrack reports suspected offensive state-sponsored activity from China and/or North Korea targeting South Korea. They notify KR-CERT (Defense… pic.twitter.com/bsg74OSnU6

β€” vx-underground (@vxunderground) October 6, 2025


My oldest kid is 12.

Active Directory is 25.

One of them still wakes me up in the middle of the night screaming.

β€” spencer (@techspence) October 6, 2025


Don't miss what's next. Subscribe to the grugq's newsletter:
Start the conversation:
X