ThinkstScapes Research Roundup - Q3 - 2025 episode artwork

EPISODE · Nov 11, 2025 · 38 MIN

ThinkstScapes Research Roundup - Q3 - 2025

from ThinkstScapes · host Marco Slaviero, Jacob Torrey, haroon meer

Q3’25 ThinkstScapesMicrosoft-induced security woesOne Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokensDirk-jan Mollema[Blog post]Turning Microsoft's Login Page into our Phishing InfrastructureKeanu Nys[Slides] [Video]You snooze you lose: RPC-Racer winning RPC endpoints against servicesRon Ben Yizhak[Slides] [Code] [Video]Internal Domain Name Collision 2.0Philippe Caturegli[Slides] [Video]Logs are not always as they appearSource IP Spoofing in Cloud Logs: A Hands-On Look Across AWS, Azure, and GCPEliav Livneh[Video]I'm in Your Logs Now, Deceiving Your Analysts and Blinding Your EDROlaf Hartong[Slides] [Code]From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and EvasionShu-Hao Tung[Slides] [Paper] [Video]Autobots roll out!Automating software security with LLMsTyler Nighswander[Site] [Code] [Video]Agents Built From AlloysAlbert Ziegler[Blog post] [Dataset]AI Agents for Offsec with Zero False PositivesBrendan Dolan-Gavitt[Slides]Are CAPTCHAs Still Bot-hard? Generalized Visual CAPTCHA Solving with Agentic Vision Language ModelXiwen Teoh, Yun Lin, Siqi Li, Ruofan Liu, Avi Sollomoni, Yaniv Harel, and Jin Song Dong[Site] [Paper] [Code]Good vibrationsInvisible Ears at Your Fingertips: Acoustic Eavesdropping via Mouse SensorsMohamad Habib Fakih, Rahul Dharmaji, Youssef Mahmoud, Halima Bouzidi, and Mohammad Abdullah Al Faruque[Site] [Paper]TimeTravel: Real-time Timing Drift Attack on System Time Using Acoustic WavesJianshuo Liu, Hong Li, Haining Wang, Mengjie Sun, Hui Wen, Jinfa Wang, and Limin Sun[Paper]Nifty sundriesCrescent library brings privacy to digital identity systemsChristian Paquin, Guru-Vamsi Policharla, and Greg Zaverucha[Blog post] [Paper] [Code]Journey to the center of the PSTN: How I became a phone company, and how you can tooEnzo Damato[Slides] [Video]Safe Harbor or Hostile Waters: Unveiling the Hidden Perils of the TorchScript Engine in PyTorchJi'an Zhou and Lishuo Song[Slides]Ghosts in the Machine Check – Conjuring Hardware Failures for Cross-ring Privilege EscalationChristopher Domas[Slides] [Code] [Video]Machine Against the RAG: Jamming Retrieval-Augmented Generation with Blocker DocumentsAvital Shafran, Roei Schuster, and Vitaly Shmatikov[Paper] [Code]Inverting the Xorshift128+ random number generatorScott Contini[Blog post] [Code]

This is episode 17 of Thinkst's Trends & Takeaways (for Q3 of 2025). A quarterly summary of information security research, talks and presentations. Join our host Jacob Torrey as he highlights the research and papers that caught our eye during the preceding quarter. https://thinkst.com/ts

NOW PLAYING

ThinkstScapes Research Roundup - Q3 - 2025

0:00 38:15

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of ThinkstScapes?

This episode is 38 minutes long.

When was this ThinkstScapes episode published?

This episode was published on November 11, 2025.

What is this episode about?

Q3’25 ThinkstScapesMicrosoft-induced security woesOne Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokensDirk-jan Mollema[Blog post]Turning Microsoft's Login Page into our Phishing InfrastructureKeanu...

Can I download this ThinkstScapes episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!