Signalgate and ID management hiccups, PuzzleMaker and Chrome 0days, Lab Dookhtegan returns
Three Buddy Problem - Episode 40: On the show this week, we look at the technical deficiencies and opsec concerns around the use of Signal for ultra-sensitive communications. Plus, some speculation on who's behind Kaspersky’s ‘Operation ForumTroll’ report, Chinese discussion on NSA/CIA mobile networks exploitation, and the return of ‘Lab Dookhtegan’ hack-and-leak exposures.
Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Links:
• Transcript (unedited, AI-generated) (https://docs.google.com/document/d/1u3s6n977qAHCEIChdXeRTrbseZ_2ZFYofneh8a5BMTg/edit?usp=sharing)
• The Atlantic: The Trump admin accidentally texted me its war plans (https://archive.ph/JEYep)
• The Atlantic: Here are the attack plans shared on Signal (https://archive.ph/fNUm7)
• Signal statement on SignalGate (https://x.com/signalapp/status/1904666111989166408)
• Our experts separate Signal from noise in the Trump team group chat (https://www.atlanticcouncil.org/blogs/new-atlanticist/our-experts-separate-signal-from-noise-in-the-trump-teams-messages-about-bombing-the-houthis/)
• Operation ForumTroll exploits zero-days in Google Chrome (https://securelist.com/operation-forumtroll/115989/)
• PuzzleMaker attacks with Chrome zero-day exploit chain (https://securelist.com/puzzlemaker-chrome-zero-day-exploit-chain/102771/)
• Ten most mysterious APT campaigns that remain unattributed (https://securelist.com/top-10-unattributed-apt-mysteries/107676/)
• Operation FishMedley linked to i-SOON (https://www.welivesecurity.com/en/eset-research/operation-fishmedley/)
• Chinese gov agency on mobile attacks by US intel agencies (http://www.news.cn/world/20250325/02ba448744ac4b75a81df613a88b4d26/2025032522b55fd15b244a5fac54e424c62be9b7_1616350dfed1c44ba786a82d574c86c30f.pdf)
• LabDookhtegan Telegram channel (https://t.me/Lab_Dookhtegan_Channel/254)
• Tornado Cash sanctions removed (https://home.treasury.gov/news/press-releases/sb0057)
• Intrusion Truth (https://intrusiontruth.wordpress.com/)
• Lab Dookhtegan archives on CyberScoop (https://cyberscoop.com/tag/lab-dookhtegan/)