| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <4312F4AF-FDE8-4D90-BB0C-01BA7713ABFF@schermer.cz> Date: Thu, 30 Oct 2025 12:14:47 +0100 From: Jan Schermer <jan@...ermer.cz> To: fulldisclosure@...lists.org Cc: Noor Christensen <kchr+fd@...post.org> Subject: Re: [FD] : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) I looked at few repos and posts of "Joseph Goydish". It all seems to be thinly veiled AI slop and BS. Cited vulns are not attributed to him really and those chains don’t make a lot of sense. Screen recordings look suspicious, some versions reference High Sierra for some reason (but I can’t find those bits now). I invite anyone to look at his GH repos and scroll through commit history. Does this make any sense? https://github.com/JGoyd/Apple-Silicon-A17-Flaw I wonder if the purpose of this is to confuse HR somewhere, need for fame or something else. Jan > On 29. 10. 2025, at 12:15, josephgoyd via Fulldisclosure <fulldisclosure@...lists.org> wrote: > > The exploit I caught in the wild and the flow of the attack chain are in this repo: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 > > The report was constructed via log analysis. > > -------- Original Message -------- > On Wednesday, 10/29/25 at 01:44 Christoph Gruber <list@...u.at> wrote: > It seems, the whole account is down > -- > Christoph Gruber > >> Am 29.10.2025 um 03:37 schrieb Noor Christensen <kchr+fd@...post.org>: >> >> On Thu Oct 2, 2025 at 11:45 PM CEST, josephgoyd via Fulldisclosure wrote: >>>> ---------------------------------------------------------------------- >>>> >>>> Full Technical Disclosure: >>>> >>>> [Glass Cage iOS Attack Chain](https://weareapartyof1.substack.com/p/glass-cage-zero-day-imessage-attack) >> >> Hi Joseph, >> >> Looks like your post with the technical details is down; I'm getting a 404 since >> yesterday. >> >> -- kchr >> _______________________________________________ >> Sent through the Full Disclosure mailing list >> https://nmap.org/mailman/listinfo/fulldisclosure >> Web Archives & RSS: https://seclists.org/fulldisclosure/ > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: https://seclists.org/fulldisclosure/ _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Powered by blists - more mailing lists