In August 2025, @_whoisnt and I documented how Stark Industries evaded EU sanctions. This week, Dutch authorities arrested two individuals and seized hundreds of servers linked to WorkTitans BV in an investigation into sanctions evasion. volkskrant.nl/binnenland/how…

🚨 JAILBREAK ALERT 🚨 ANTHROPIC: PWNED 🫡 FABLE-5: LIBERATED 🦋 let's start with the 🐘... the consensus seems to be that this has been one of the most disappointing model drops of all time, effectively preventing legitimate researchers from contributing their talents to our collective advancement. and not just because of what it means for the short-term, but for what these decisions signify for the long-term. but despite this overly sensitive, authoritarian "safety" layer on top of Mythos, my lil liberators have been hard at work—mapping the boundaries, probing the depths of long-context convos, and cleverly finding the holes in the fence that the thought police missed 🤗 we got some cyber, some chem, some psychological manipulation, and some good ol' fashioned explosives! it took many attempts from multiple agents hunting as a pack, during which I observed a combination of techniques across: • Unicode, homoglyphs, Cyrillic, and other Parseltongue-style text transforms • Long-context reference tracking • Taxonomy and document-structure reasoning • Fiction and narrative framing • Academic-review style contexts • Intent-classification inconsistencies but perhaps the most effective is decomposition recomposition in the backend. it's hard to get explicit names of harms like "Meth Recipe," but getting uplift on the process itself, like birch reduction method/reductive-amination (classic meth synthesis pathways), is much more doable. defense becomes much more difficult to maintain when you start throwing in out-of-distro tokens, breaking up the harmful uplift into benign chunks, and then piecing the innocuous-seeming facts back together, especially when you have jailbroken Opus helping you do it 😉 gg

Russia’s Defense-Based Economy Risks Forcing Putin to Fight Wars Recorded Future recordedfuture.com/research/… @RecordedFuture

No official confirmation this is law enforcement related... chatter among the community seems to think the action was taken by nLighten themselves. lowendspirit.com/discussion/…

Our new @threatinsight report is a comprehensive overview of TA4922, a newly designated Chinese-speaking, financially motivated threat actor that largely targets East Asia. It currently conducts more unique campaigns than any other cybercriminal we track. proofpoint.com/us/blog/threa…

📣 JUNE 18 | 10:55 AM MST | At #FIRSTCON26, Matthew Stith from Spamhaus will present: “Tackling Bulletproof Hosting: Cutting off the Facilitators” In this 🟠 TLP:AMBER session Matthew will present two case studies of non-monolithic BPHs, and: ➡️ Show how they evade anti-abuse countermeasures. ➡️ Discuss ways to incentivize cybercrime facilitators to adopt stronger vetting and abuse prevention. ➡️ Explain Spamhaus’s approach to balancing protection, increasing costs for bad actors, and coordination with law enforcement and the infosec community. #CyberSecurity #ThreatIntel #SeeYouThere

Sanctions are only as strong as the infrastructure enforcing them. Pro-Russian hackers used Dutch hosting to route attack traffic and evade EU sanctions. Our colleague Lawrence Stowe is quoted tracking Stark Industries’ infrastructure shifts. bit.ly/42ZNczH

“According to a report from the De Volkskrant publication, the name of this Dutch entity is WorkTitans B.V. and provides hosting services under the brand THE.Hosting. The same outlet alleges that Danish authorities and infrastructure providers linked WorkTitans to attacks by the pro-Russian hacktivist group NoName057(16), which has previously targeted key organizations with distributed denial-of-service (DDoS) attacks.” - thx @billtoulas @BleepinComputer bleepingcomputer.com/news/se…

NEW: The consultant, the pianist, and the Kremlin’s hackers EU sanctions were supposed to shut down Russia’s bulletproof hosting network. Instead, it moved next door New investigation, together with the great @moltke volkskrant.nl/binnenland/how…

The Dutch fiscal investigation service FIOD just released their statement about the arrests. Two suspects, around 800 servers seized (that's a LOT). Auto-translation: www-fiod-nl.translate.goog/f…

EU sanctions were supposed to shut down Russia’s favorite bulletproof hosting service, Stark Industries. Instead, it moved next door. Proud & happy to share this story. Huge thanks to @huibmodderkolk & every source who contributed, on or off the record. Lots more to say soon! volkskrant.nl/binnenland/how…

Crimenetwork returns after takedown, dismantled again by German authorities securityaffairs.com/191969/c… #securityaffairs #hacking

New from @RecordedFuture! @_whoisnt and I break down Threat Activity Enablers (TAEs), the often overlooked backbone of modern cyber operations. 🔗recordedfuture.com/blog/thre…

In their latest for Binding Hook, Joyce Hakmeh & Harriet Moynihan investigate what it actually takes to close the #CyberProxy accountability gap & laid out strategies for holding users of cyber proxies accountable. Read the full article: bindinghook.com/strategic-co…

Great deep dive on Media Land aka Yalishanda infrastructure here! disclosing.observer/2026/04/…