I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: https://t.co/jD6EaGtsn3

— Dirk-jan (@_dirkjan) September 17, 2025

AI allows unprecedented content manufacturing mechanisation. The mechanised persona agents may remember context, adapt tone, coordinate across platforms, and simulate consensus. LINK to FP piece: https://t.co/caTEdl54SJ

— Lukasz Olejnik (@lukOlejnik) September 18, 2025

How to write an self-mutating malware. Aka build your own polymorphic engine, and a bit on metamorphic code. https://t.co/zHrt3yS3B8 pic.twitter.com/QnKfJATRvp

— Smukx.E (@5mukx) September 17, 2025

What Makes System Calls Expensive: A Linux Internals Deep Dive.https://t.co/fQNnIBCdrS

Another great post by @abhi9u. I learned a lot, including vDSO.

— Teiva Harsanyi (@teivah) September 16, 2025

...there's a 🇰🇵 dev out there reading thishttps://t.co/x6wRWi0EQ9 pic.twitter.com/vwdpcTIl1A

— J⩜⃝mie Williams (@jamieantisocial) September 17, 2025

Google Dork - APIs Endpoints ⚙️
site:example[.]com inurl:api | site:*/rest | site:*/v1 | site:*/v2 | site:*/v3

Find hidden APIs, try techniques 👨‍💻 pic.twitter.com/YFCUw77aWG

— Mike Takahashi (@TakSec) September 17, 2025

"A 41-year-old man and a 35-year-old woman were arrested at an address in Grays, Essex, the force said. A 46-year-old man was arrested at a separate address in the same area". https://t.co/f1pTFjvuE6

— Dr. Dan Lomas (@Sandbagger_01) September 18, 2025

Recorded Future: Insikt Group has observed CopyCop, a Russian covert influence network, creating at least 200 new fictional media websites targeting the United States (US), France, and Canada https://t.co/WKYpDnTrM4 @RecordedFuture

— 780th Military Intelligence Brigade (Cyber) (@780thC) September 18, 2025

DOJ press release: "Jubair went to great and sophisticated lengths to keep himself anonymous"

Meanwhile, the "great and sophisticated lengths" https://t.co/ZfEkwXELAD pic.twitter.com/kiW48gOXnn

— nc 🌐🕸️🐱 (@thoughtfault) September 18, 2025

At least Mitnick had the foresight to search “itni” when he did similar https://t.co/UOO5DuH1ka

— Dr. Wesley McGrew (@McGrewSecurity) September 19, 2025

> Scattered Spider ransoms company for 964BTC
> wtf_thats_alot.jpeg
> Document says "Cost of BTC at time was $36M"
> $36M / 964BTC = $37.5K
> BTC value was $37.5K in November, 2023
> Google "Ransomware, November, 2023"
> omfg.exe pic.twitter.com/uv2EzbL5HT

— vx-underground (@vxunderground) September 18, 2025

Company 2 = Caesars

I froze $12M total of Scattered Spider funds at three different services in Jan 2024.

277 BTC, 6086 AVAX, 1.1K XMR were the assets I froze.

Due to the crypto price appreciation since the ransom payment they actually profited (worth ~$33M at current… https://t.co/ztuiaZymKD pic.twitter.com/DsGrXAs6rg

— ZachXBT (@zachxbt) September 19, 2025

I published a blog post with more data on how the Shai-Hulud attack unfolded. Evidence pointing to the fact that most packages were uploaded by the attackers, rather than being organically infected. And the mistakes the attackers made. https://t.co/ahXcEISmbd

— Charlie Eriksen (@CharlieEriksen) September 18, 2025

#ESETresearch has discovered the first known cases of collaboration between Gamaredon and Turla, in Ukraine. Both groups are affiliated with the FSB, Russia’s main domestic intelligence and security agency. https://t.co/1cADq5kf7p
1/3

— ESET Research (@ESETresearch) September 19, 2025

I spent the last few weeks digging into hundreds of enterprise-built Vibe Coded applications.

When I found a security flaw, it was almost always one of the same 4 simple mistakes. Here they are 🧵 pic.twitter.com/BnW9st6OKr

— Nagli (@galnagli) September 19, 2025