the grugq's newsletter

September 21, 2025

Just published some notes on httpjail - this is a really interesting new sandboxing project, it lets you run a process (on macOS or Linux or in Docker) with strict restrictions on what outbound HTTP requests it can make, specified as JS or a shell script https://t.co/WOPFcn9hNm https://t.co/L8vAxSAEI1

— Simon Willison (@simonw) September 19, 2025

*turns on loudspeaker at 5,000 person venue*
"Hey Meta, text my ex and say I miss her" https://t.co/Gie0cz0nUv

— near (@nearcyan) September 19, 2025


Insane because Microsoft uses a tool like dnstwist to find lookalike domains in Defender for Office 365... but you have to pay for it

The good news is this tool is FREE, so everyone can and should monitor for lookalike domains: https://t.co/AolV8QhQWH https://t.co/5L7RlswD0I https://t.co/4mWIMOqBuP pic.twitter.com/xXzR192tnG

— Nathan McNulty (@NathanMcNulty) September 20, 2025
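A defensive lookalike-domain generator, added here as an example and not the code of dnstwist or of Defender for Office 365: it produces the permutation classes such tools monitor (omission, transposition, repetition, homoglyph, hyphenation, TLD swap) for a domain you own, so the candidates can be resolved on a schedule and any that start resolving can be investigated. The homoglyph table, the alternate TLD list and the function names are assumptions of this example.

```python
"""Lookalike-domain candidate generation for defensive monitoring.

Added example (not dnstwist's code): build the typosquat permutations of
a domain you control, then periodically check which of them resolve.
"""
import socket

# Constructed, deliberately small homoglyph table; real tools carry
# hundreds of ASCII and Unicode confusables per letter.
HOMOGLYPHS = {
    "o": ["0"], "l": ["1"], "i": ["1", "l"], "e": ["3"], "a": ["4"],
    "s": ["5"], "m": ["rn"], "w": ["vv"], "d": ["cl"],
}
# Constructed TLD list; extend with whatever your brand actually uses.
ALT_TLDS = ["com", "net", "org", "co", "io"]


def split_domain(domain: str) -> tuple:
    """Split 'brand.tld' into ('brand', 'tld'); subdomains are not handled."""
    label, _, tld = domain.lower().strip(".").rpartition(".")
    if not label or not tld:
        raise ValueError(f"expected label.tld, got {domain!r}")
    return label, tld


def omissions(label: str) -> set:
    # Drop one character: example -> examle
    return {label[:i] + label[i + 1:] for i in range(len(label))}


def transpositions(label: str) -> set:
    # Swap adjacent characters: example -> exmaple
    return {label[:i] + label[i + 1] + label[i] + label[i + 2:]
            for i in range(len(label) - 1) if label[i] != label[i + 1]}


def repetitions(label: str) -> set:
    # Double one character: example -> exampple
    return {label[:i] + label[i] + label[i:] for i in range(len(label))}


def homoglyphs(label: str) -> set:
    # Replace one character with a visually similar one: example -> examp1e
    out = set()
    for i, ch in enumerate(label):
        for sub in HOMOGLYPHS.get(ch, []):
            out.add(label[:i] + sub + label[i + 1:])
    return out


def hyphenations(label: str) -> set:
    # Insert a hyphen: example -> ex-ample
    return {label[:i] + "-" + label[i:] for i in range(1, len(label))}


def lookalikes(domain: str) -> list:
    """All candidate lookalikes of `domain`, sorted, excluding the domain itself."""
    label, tld = split_domain(domain)
    labels = set()
    for gen in (omissions, transpositions, repetitions, homoglyphs, hyphenations):
        labels |= gen(label)
    labels = {l for l in labels if l}  # a one-letter label would otherwise yield ''
    candidates = {f"{l}.{tld}" for l in labels}
    candidates |= {f"{label}.{t}" for t in ALT_TLDS if t != tld}
    candidates.discard(domain.lower())
    return sorted(candidates)


def resolving(candidates, timeout: float = 2.0) -> dict:
    """Return {name: address} for candidates that currently resolve.

    Needs network access; run it from a scheduled job and alert on any
    name that was absent last run and present now.
    """
    socket.setdefaulttimeout(timeout)
    live = {}
    for name in candidates:
        try:
            live[name] = socket.gethostbyname(name)
        except (OSError, UnicodeError):
            continue
    return live


if __name__ == "__main__":
    names = lookalikes("example.com")
    print(f"{len(names)} candidates; first few: {names[:5]}")
    # print(resolving(names))  # uncomment to actually query DNS
```

Persist the output of `resolving()` between runs and alert on newly-resolving names rather than on the full list: most candidates never resolve, and the one that suddenly does is the signal worth a ticket.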


Another beautiful FortiWeb WAF RCE!
Putting the vendor aside, this is one of those cool cases that combines a couple of otherwise overlooked and simple primitives into something lethal.

CVE-2025-52970: https://t.co/7Npnke3MLJ https://t.co/xXI94N8TQE pic.twitter.com/teLgcwqWtA

— Hamid Kashfi (@hkashfi) September 20, 2025


A reminder that there are many IT systems that can be leveraged to disrupt transportation and logistics. You don’t have to attack the planes to cause cascading failures in our airways. https://t.co/uENx9urRE6

— John Hultquist (@JohnHultquist) September 20, 2025


You can jailbreak the httpjail 😎

I found an exploit that totally bypasses all protection, allowing an attacker to still exfiltrate anything they want from the jail

The exploit tricks the proxy server, which thinks everything is cool, but it sends the request to my evil site! https://t.co/FIiPgp5HDy pic.twitter.com/vxYZGbnPrH

— itszn (@itszn13) September 21, 2025

