The vast majority of hacking is just credentials. There are four basic ways to get creds:

STAB

Steal: using malware, etc.
Try: brute force, guessing, etc.
Ask: social engineering, etc.
Buy: infostealer logs, etc.

Steal. Try. Ask. Buy.

A collab with @UK_Daniel_Card

— thaddeus e. grugq (@thegrugq) September 20, 2025

pic.twitter.com/t1rYXf779N

— SwiftOnSecurity (@SwiftOnSecurity) September 19, 2025

“Once men turned their thinking over to machines in the hope that this would set them free. But that only permitted other men with machines to enslave them.” --- Frank Herbert, Dune, 1965

Love that quote in the intro of the study about Brains on LLMs.https://t.co/uy7a9YVFvG

— Marcel Böhme👨‍🔬 (@mboehme_) September 20, 2025

They pentested the no-fly list pic.twitter.com/eLDBtDbC2c

— SwiftOnSecurity (@SwiftOnSecurity) September 19, 2025

EU's Chat Control proposal is to effectively ban end to end encryption since it demands that governments can read all msgs.
I find this to be not only insane, but feasibly impossible. Breaking the whole internet. Yet it got voted on last week, and just narrowly stopped. Whew! https://t.co/9wo1wbWg6a pic.twitter.com/H0hRDbFbCS

— Jack Rhysider 🏴‍☠️ (@JackRhysider) September 19, 2025

Classic prompt injection attack here against Notion: hidden text (white on white) in a PDF which, when processed by Notion, causes their agent to gather confidential data from other pages and append it into a query string that gets passed to their functions_search() tool https://t.co/1VPZ3KzJqK

— Simon Willison (@simonw) September 19, 2025

tldr:
hostile take over happening of rubygems by the ruby central team for the sake "software supply chain security", which has caused core maintainers to quit on the spot.

core maintainers of 10+ years have lost access rights, no one will be restored, and at one point the org… https://t.co/V3nyrJ3WTD

— ali (@endingwithali) September 19, 2025