what a time to be alive.

Lumen’s Black Lotus Labs has uncovered a longstanding campaign orchestrated by the Russian-based threat actor known as “Secret Blizzard” (also referred to as Turla) | blog.lumen.com/snowblind-the-… Lumen

Anyone that works with LLMs knows this is complete crap. Someone tuned a model to behave like this. The disabling mechanism "discovery" is none sense so os the move to another server. These were staged at best fabricated at worst.

Our latest video kicks off with "Pwned by Sophos," a comedic animated short parodying a fictional podcast debate about the very real Sophos Pacific Rim Report. The report details how Sophos X-Ops hacked Chinese nation-state threat actors with kernel implants—sparking ethical

Juan-Andres on China's attempts to expose US intelligence cyber operations J. A. Guerrero-Saade #threebuddyproblem

Blurring the Lines: How Nation-States and Organized Cybercriminals Are Becoming Alike trellix.com/blogs/research… Trellix

Juanito has a lot to say about the nonstop network appliance 0day exploitation. Complete with Daily Dave shoutout 😂 Dave Aitel Costin Raiu J. A. Guerrero-Saade

BSidesHBG is thrilled to announce Ryan English (English, Ryan, 1ea) and Danny Adamitis as our tag-team of Opening Keynote Speakers this year! 🗓️Friday, APR 25 2025! Tickets: eventzilla.net/e/bsides-harri… #BSidesHBG #BSides #infosec

We start our speaker shout outs this year with the Opening Keynote presented by Ryan English (English, Ryan, 1ea) and Danny Adamitis! Come watch an awesome talk on the evolution and current state of the threat landscape. 🗓️Friday April 25, 2025 Get tickets: eventzilla.net/e/bsides-harri…

Some thoughts on edge devices, especially after reading Rapid7’s write-up on Ivanti: 1. The more features these boxes have, the more attack surface they expose. 2. A locked-down OS and restricted shell make compromise assessment nearly impossible. 3. Foreign actors have the

🛑 New Cisco flaw scores a perfect 10.0 CVSS. A hardcoded token. Root access. No login needed. If you run Catalyst 9800 wireless controllers, you’ll want to check this fast. 👉 Read more about CVE-2025-20188 here: thehackernews.com/2025/05/cisco-…

Hard-coded tokens. In 2025. Seriously? If humans want to compete with AI that writes and reviews code 24/7, they can’t keep shipping stuff like this. This isn’t just a bad look - it’s fuel for the “AI is more secure” argument. It’s almost like they wanted to get popped.

BLOG POST: We are once again proud to have been involved in #OperationEndgame, this time helping to disrupt #DanaBot. We also got to collaborate closely with our buddies at Black Lotus Labs. You can read about our shared input in our co-authored blog! team-cymru.com/post/inside-da…

We just released our findings on long-term activity clusters attributed to China-nexus actors. We discuss a relatively underreported, yet critical, aspect of the threat landscape: the targeting of cybersecurity vendors. Big shout out to Black Lotus Labs for their support! [1/2]

As a security researcher it is hard to remember to share work publicly because I am use to everything being a secret. Here is a list of all the projects I've built using AI that aren't a secret since GPT3. gist.github.com/dmaynor/cb5e6c… #ai #vibecode

Marine I deployed with three times named Kevin Lloyd is currently in the Hospital with a diagnosis of Stage 4 Colorectal Cancer that has spread to his brain and started eating away at his vision. The cancer is connected to toxic exposure to open-air burn pits, and the

homefield advantage applies to everything really

Security researcher trying to get a CVE assigned