My big concern with working in cybersecurity in the US right now is there is a massive push for deterring cyberespionage by responding with intentionally destructive cyberattacks. Since US military / intelligence is heavily reliant on private sector, everyone's eyes are turning into dollar signs 1/3

Worth noting that while Trump is definitely not consciously making good decisions, the NatSec officials who think you can "deter" state-sponsored espionage have literal rocks for brains.

This post from the President of Windows basically reads like someone trained an AI on those SF billboards that just say incomprehensible nonsense.

There's this woman doing an absolutely wild social experiment on TikTok. She calls random US churches with the sound of a baby crying in the background, explain the baby hasn't eaten in over 12 hours, and asks for 1 bottle of baby formula. She has a public spreadsheet of how each one responded. 1/3

I find it fascinating that typically whenever problems occur on social media, people can pinpoint the cause. Usually kids being kids, or poor media literacy + untrustworthy information. But when it comes to TikTok specifically, they always gravitate towards 'the platform somehow made them do it' 1/2

Just introduced a new category of reverse engineering labs: Multistage. Multistage labs simulate full malware attack chains based on real-world malware campaigns. These labs are designed to familiarize malware analysts with reversing complex infection chains, rather than just standalone malware.

I like how the options were: A) accept that Mamdani's proposals aren't radical, they're part of normal political discourse in lots of places. B) claim they are radical. But bro decided to come up with his own option: C) defend the status quo by writing weird fanfic cope about how Obama is left wing

I love that the Boston cop slide never got fixed and now people just willingly go down it in tribute. It’s basically a national landmark at this point

This perfectly encapsulates how I feel living in the US. The republican party is an insane death cult, the democratic party is 3 corporations in a trench coat, and the "socialists" are just the completely normal left-wing capitalists you'd find in any of 2 dozen European nations.

bruh

Check out my new interview with The Hacking Games! I discuss how I went from being arrested by the FBI to advising law enforcement on creating intervention programs, helping redirect young hackers before they end up in jail. www.youtube.com/watch?v=Qs2Q...

Chronically online weirdos have basically created the liberal equivalent of those nonsense mainstream media posts about how "millennials are killing the socks industry" that were like crack cocaine for boomers.

Good news, it turns out you actually don't have to settle for whatever diet republican corporate shill the Democratic party tries to force feed you.

Here's the whole paragraph. Genuinely, if you've got a way for this to make sense, let me know.

I was going to do a big wrap up thread after reading the entire report. But...hoo boy. NotPetya and Wannacry were not AI attacks.

Interesting. So apparently MIT Sloan can publish an article claiming "80% of ransomware attacks are AI powered", and Safe Security can do the same. A billion press releases can cite it. But the second actual experts push back, suddenly "it's just a working paper, why would anyone criticize it 😭" 1/3

lmao, Poland is so real for this

Whenever you mark your Uber Eats or Postmates order as not delivered, the "full refund" doesn't include the money you tipped the driver. They also removed the ability to edit the tip amount. So if you were wondering why so many drivers seem to put in zero effort all of a sudden, that's why.

Upgrading to 128 GB of RAM made my PC worse because hitting the memory limit was my only incentive to reboot. Now i just leave the system running until it becomes completely unusable.

My friend and I were going to do an exploit development livestream, and I'm so glad we didn't. We ended up spending 4 hours trying to install Windows. The ISO we used was so old that the root certificates had expired, so the system couldn't even connect to the internet to update itself.

One of the craziest examples of this is there was an extremely small transphobic account on Twitter. They kept repeatedly baiting the same journalist into giving them free coverage, amassed over 4.5 million followers, and became so influential that they got to have dinner with the president.

Some guy got in an argument with me about the impact of AI malware. He cited a MIT paper claiming "80% of ransomware attacks are AI powered". I glanced over it and burst out laughing, but couldn't be bothered to debunk it. My friend on the other hand, could. He roasted it so hard that MIT deleted it

There's a huge market for high-end counterfeit luxury goods targeted at people who want to appear wealthy but aren't. It's not money laundering. This is just how the kind of person who makes 6 figures but commits treason for only $1.3m spends their money.

Same country that thinks it's going to deter China through offensive cyber operations, btw. Maybe the plan is to bamboozle China by having so much insecure infrastructure that they can't decide what to hack.

Watch OpenAI go public and just follow Tesla's business model (convincing retail investors to shovel their money into a fire while announcing "AGI is coming next year" every year forever).

I’m curious: those of you who haven’t looked up the top 1% thresholds, what is your guess as to what income and net worth puts you in the top 1% of the US?

The general manager of a US defense contractor selling sensitive stolen technology to Russia, then his seized assets being almost entire fake watches, is really something 😆 techcrunch.com/2025/10/29/f...

Great spot on the other place from @lukaszolejnik.bsky.social & h/t @shashj.bsky.social "An administration official proposed knocking a hydroelectric dam in Venezuela offline with a cyberattack" “The idea seemed half baked” 😂😂😂 @malwaretech.com @kikta.net @wylienewmark.bsky.social

Further investigation shows that he also does not have an uncle named Sam.

Just in: Zohran Mamdani caught calling someone "bro", but our investigation has unearthed the truth. This person was not, in fact, his biological brother. Why did he lie? Tune in tonight at 10 for this and more breaking news.

Got invited to speak at the conference of one of the richest companies on earth. I asked their budget, and they said it's zero. Their excuse was it's a free conference and they wanted to "give back to the community". Nothing really says giving back to the community like donating other people's time.

I’m convinced the Zohran Mamdani haters think ‘capitalism’ = ‘exchanging money for goods and services’. Half their arguments are essentially “he claims to be a socialist, but look at him here spending money”. Wat.

This would be extremely significant. China implemented a similar law in 2021 requiring security researchers to report zero day vulnerabilities to both the software vendor and the Chinese government. It was followed by an absolutely massive explosion in zero day use by CN state sponsored groups. 1/4

turning a big dial taht says "AI" on it and constantly looking back at the market for approval like a contestant on the price is right.

This is what announcing 30,000 layoffs does to your stock price in 2025. I fear AI mania has completely cooked investor’s brains

My toxic trait is I abuse the hell out of zero APR financing. If I buy an iPhone, it costs me $2k. If I finance and iPhone for 2 years and invest the $2k, it costs me like $1,300. It's just free money. I will literally take out a loan on a toothbrush, idgaf.

I feel like "we've made an app that gives people psychosis and here's how many people we've sent insane" is past late-stage capitalism. It's some new stage of previously unforeseen horrors beyond human imagination.

I'm convinced full fat milk is actually healthier when I take into account how much more 2% milk I have to consume to counter the fact it goes off within 10 seconds of opening

Hypothetically what would happen if a country twice elected a lunatic who changes trade policy on a whim, resulting in trade partners realizing it's illogical to have their supply chains be dependent on a country that keeps electing idiots, but said country's economy is contingent on infinite growth

All of US history is basically just: "what if we make all our laws extremely vague and open to interpretation by any of 2,000 federal judges" "oh no"

Bought some new art

I can attest that Kikta's meme skills are top tier and its a complete travesty that Cyber Command subjected his best memes to NPT.

It did not. The reporter took the date on my original email about the planned malware release and assumed that the graphic was begun at the same time. I sketched out a rough version of that with the PAO in like 15 minutes of brainstorming on a whiteboard. She then sent it to the graphic contractor.

The ChatGPT subreddit is absolutely hilarious. LLMs just output statistically likely responses, and a statistically likely response to being asked to do some work is "I'll have that done by...". So apparently in some cases ChatGPT had just been telling users it'll get back to them later. 1/2

I've had to explain to way too many Americans that LA isn't unwalkable because it's too big, it's too big because it's unwalkable. Half the city is parking lots or roads to get to parking lots. Rest is zoned for single family homes. The only problem that's unique to the US is hyperindividualism.

All you need to critically evaluate claim like this is the knowledge that anyone who calls it "pot" either grew up under Nixon or is a cop.

Absolutely incredible stuff coming out of Bozo The Clown School of Economics. 1. convince everyone you're going to fix the economy by slapping tariffs on everything. 2. Tell Americans that other countries will pay the tariffs, even though tariffs are paid by importers (you). 1/5

Did you know that you can passively download malicious payloads onto target systems? Lots of software caches images locally to save bandwidth, often without stripping metadata first. You can leverage this functionality to download payloads. malwaretech.com/2025/10/exif...

Attackers found a clever way to abuse legitimate, digitally signed software to load malware and it's working. Expel Intel’s Marcus Hutchins (@malwaretech.com) breaks down a campaign that weaponizes Greenshot, a legit screenshot tool, to evade detection at multiple layers. 🧵

There's this Karen who lives on a boat here and doesn't like the sea lions because they're noisy, so she scares them away by blasting an air horn at them (which is 100x louder and way more annoying than sea lions). I'm trying to be a good person, but 3am air horn drone raids would be extremely funny