Interesting links of the week:
Strategy:
* https://assets.publishing.service.gov.uk/media/69411a3eadb5707d9f33d7e8/E03512978_-_Un-Act_The_National_Security_Act_in_2024_Accessible.pdf - the UK tries to define what a state threat is (and includes everyone from professional spies to someone who may not even know they pose a risk)
Standards:
* https://csrc.nist.gov/pubs/sp/800/82/r3/final - courtesy of @Secure_ICS_OT
Threats:
* https://www.microsoft.com/en-us/security/security-insider/threat-landscape/microsoft-digital-defense-report-2025 - MSFT's take on the landscape
Detection:
* https://ip.thc.org/ - @thc don't do things by half... here's a very large IP/DNS database
* https://www.fortinet.com/blog/threat-research/uncovering-hidden-forensic-evidence-in-windows-mystery-of-autologger - Fortinet look at alternate DFIR sources for Windows
* https://troopers.de/downloads/troopers19/TROOPERS19_DM_Threat_Modelling_Cisco_ACI.pdf - surprisingly, I have my own take on ACI, but here's one from @ERNW
Bugs:
* https://kqx.io/post/qemu-nday/ - popping Qemu like it was 13 years ago
* https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc - FreeBSD AV:A oopsie
* https://projectzero.google/2025/12/android-itw-dng.html - GOOG discuss a nasty image
Exploitation:
* https://hackers-arise.com/sdr-signals-intelligence-for-hackers-building-a-low-cost-private-4g-lte-network/ - ever wanted your own 4G LTE playground?
* https://podalirius.net/en/mainframe/as400-forensics-retrieving-your-licence-keys-from-disk-images/ - getting the keys to the museum
* https://caido.io/ - another alternative to Burp, with a focus on multi-stage attacks
* https://arxiv.org/pdf/2512.09882 - AI vs flesh face off
Hard hacks:
* https://blog.quarkslab.com/modern-tale-blinkenlights.html - @quarkslab pays €12 for a good time
Hardening:
* https://ariadne.space/2025/12/12/rethinking-sudo-with-object-capabilities.html - @ariadne discusses their sudo alternative
* https://lpc.events/event/19/contributions/2159/attachments/1833/3929/BpfJailer%20LPC%202025.pdf - building jails with eBPF
* https://pages.nist.gov/OSCAL/ - an as-code approach to standardised standards
"Bavarian pensioner lays trap to catch phone fraudster who was out for his gold":
https://www.theguardian.com/world/2025/dec/18/german-pensioner-lays-trap-catch-fraudsters-after-gold
This is my experience with LLMs. To paraphrase @apps3c: “sometimes you just need to ask nicely”.
https://hnsecurity.it/blog/attacking-genai-applications-and-llms-sometimes-all-it-takes-is-to-ask-nicely/
https://mastodon.cloud/@slashdot/115742100395423331
It's done. I can't believe it's finally done. I've been working on this in mostly secret for so long, and I'm so excited to share it with y'all!
We wrote a little bit on FortiCloud SSO login bypass CVE-2025-59718 (and 59719). Both the known PoCs for the former are fake / invalid. There does appear to be real exploitation evidence, but detections based on fake PoCs ain't it (and it seems like that's where a lot of chatter is coming from)
Perfect 10 in HPE OneView with no description and the advisory behind a login? Must be good. Go hack that shit please. 🥳
French authorities said they arrested the man who hacked their Ministry of Interior email servers.
He's a known hacker who was already convicted this year. Does anyone have any idea who this could be?
Update on the iOS emulator 🔥
We’ve been deep into acceleration work lately, and the performance is already very promising for an emulated iOS 18.
Still cooking, but we’re getting close to sharing it with you. And more is coming with iOS26...
ORM Leaking More Than You Joined For - Part 3/3 on ORM Leak Vulnerabilities https://www.elttam.com/blog/leaking-more-than-you-joined-for/