Re: : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885)
嗯,用户让我帮忙总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”这样的开头。好的,我先看看这篇文章到底讲了什么。 这篇文章是Jan Schermer发的,他看了Joseph Goydish的一些GitHub仓库和帖子。看起来Goydish分享的漏洞信息很可疑,漏洞引用不明确,攻击链也不合理。还有些屏幕录制看起来不太真实,甚至提到了High Sierra系统,这可能有问题。 Schermer怀疑Goydish可能是为了混淆视听、博取关注或者其他目的。他还邀请大家自己去查看Goydish的GitHub仓库和提交历史,看看有没有什么问题。 所以,总结起来就是:Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 接下来我要把这些信息浓缩到100字以内。确保涵盖主要点:质疑漏洞的真实性、引用问题、攻击链不合理、动机怀疑。同时保持语言简洁明了。 可能的结构是:Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 检查一下字数:这句话大概有35个字左右,符合要求。这样用户就能快速了解文章的核心内容了。 </think> Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 2025-11-7 13:49:33 Author: seclists.org(查看原文) 阅读量:6 收藏
嗯,用户让我帮忙总结一下这篇文章的内容,控制在一百个字以内,而且不需要用“文章内容总结”这样的开头。好的,我先看看这篇文章到底讲了什么。 这篇文章是Jan Schermer发的,他看了Joseph Goydish的一些GitHub仓库和帖子。看起来Goydish分享的漏洞信息很可疑,漏洞引用不明确,攻击链也不合理。还有些屏幕录制看起来不太真实,甚至提到了High Sierra系统,这可能有问题。 Schermer怀疑Goydish可能是为了混淆视听、博取关注或者其他目的。他还邀请大家自己去查看Goydish的GitHub仓库和提交历史,看看有没有什么问题。 所以,总结起来就是:Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 接下来我要把这些信息浓缩到100字以内。确保涵盖主要点:质疑漏洞的真实性、引用问题、攻击链不合理、动机怀疑。同时保持语言简洁明了。 可能的结构是:Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 检查一下字数:这句话大概有35个字左右,符合要求。这样用户就能快速了解文章的核心内容了。 </think> Jan Schermer质疑Joseph Goydish发布的漏洞信息真实性,指出其漏洞引用不明确、攻击链不合理,并怀疑其动机不纯。 2025-11-7 13:49:33 Author: seclists.org(查看原文) 阅读量:6 收藏
Full Disclosure mailing list archives
From: Jan Schermer <jan () schermer cz>
Date: Thu, 30 Oct 2025 12:14:47 +0100
I looked at few repos and posts of "Joseph Goydish". It all seems to be thinly veiled AI slop and BS. Cited vulns are not attributed to him really and those chains don’t make a lot of sense. Screen recordings look suspicious, some versions reference High Sierra for some reason (but I can’t find those bits now). I invite anyone to look at his GH repos and scroll through commit history. Does this make any sense? https://github.com/JGoyd/Apple-Silicon-A17-Flaw I wonder if the purpose of this is to confuse HR somewhere, need for fame or something else. Jan
On 29. 10. 2025, at 12:15, josephgoyd via Fulldisclosure <fulldisclosure () seclists org> wrote: The exploit I caught in the wild and the flow of the attack chain are in this repo: https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201 The report was constructed via log analysis. -------- Original Message -------- On Wednesday, 10/29/25 at 01:44 Christoph Gruber <list () guru at> wrote: It seems, the whole account is down -- Christoph GruberAm 29.10.2025 um 03:37 schrieb Noor Christensen <kchr+fd () fripost org>: On Thu Oct 2, 2025 at 11:45 PM CEST, josephgoyd via Fulldisclosure wrote:---------------------------------------------------------------------- Full Technical Disclosure: [Glass Cage iOS Attack Chain](https://weareapartyof1.substack.com/p/glass-cage-zero-day-imessage-attack)Hi Joseph, Looks like your post with the technical details is down; I'm getting a 404 since yesterday. -- kchr _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
_______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- Re: : "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201, CNVD-2025-07885) Jan Schermer (Nov 07)
文章来源: https://seclists.org/fulldisclosure/2025/Nov/14
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh