the grugq's newsletter

Subscribe
Archives
September 20, 2025

September 20, 2025

September 20, 2025

The vast majority of hacking is just credentials. There are four basic ways to get creds:

STAB

Steal: using malware, etc.
Try: brute force, guessing, etc.
Ask: social engineering, etc.
Buy: infostealer logs, etc.

Steal. Try. Ask. Buy.

A collab with @UK_Daniel_Card

— thaddeus e. grugq (@thegrugq) September 20, 2025

To expand on this slightly.

Steal: to collect from the system Try: from something unrelated to the system (e.g. guessing) Ask: to get from someone in/part of/with access to the system Buy: to get from a third party

Still working on it a bit, suggestions welcome :)


pic.twitter.com/t1rYXf779N

— SwiftOnSecurity (@SwiftOnSecurity) September 19, 2025


“Once men turned their thinking over to machines in the hope that this would set them free. But that only permitted other men with machines to enslave them.” --- Frank Herbert, Dune, 1965

Love that quote in the intro of the study about Brains on LLMs.https://t.co/uy7a9YVFvG

— Marcel Böhme👨‍🔬 (@mboehme_) September 20, 2025


They pentested the no-fly list pic.twitter.com/eLDBtDbC2c

— SwiftOnSecurity (@SwiftOnSecurity) September 19, 2025


EU's Chat Control proposal is to effectively ban end to end encryption since it demands that governments can read all msgs.
I find this to be not only insane, but feasibly impossible. Breaking the whole internet. Yet it got voted on last week, and just narrowly stopped. Whew! https://t.co/9wo1wbWg6a pic.twitter.com/H0hRDbFbCS

— Jack Rhysider 🏴‍☠️ (@JackRhysider) September 19, 2025


Classic prompt injection attack here against Notion: hidden text (white on white) in a PDF which, when processed by Notion, causes their agent to gather confidential data from other pages and append it into a query string that gets passed to their functions_search() tool https://t.co/1VPZ3KzJqK

— Simon Willison (@simonw) September 19, 2025


Did the NPM hack kill Ruby?

tldr:
hostile take over happening of rubygems by the ruby central team for the sake "software supply chain security", which has caused core maintainers to quit on the spot.

core maintainers of 10+ years have lost access rights, no one will be restored, and at one point the org… https://t.co/V3nyrJ3WTD

— ali (@endingwithali) September 19, 2025


Don't miss what's next. Subscribe to the grugq's newsletter:
Start the conversation:
X