Just wrapped up my talk on AI assisted phishing at @BSidesSATX and will make my slides available when the talk gets uploaded to the interwebs. Shout out to @FullMetalHackIT for helping me with the dry runs of the call which made all this possible. #cyber #phishing #hackers

The wait is over. 🍕🐢 The first-ever official TMNT Pizzeria is opening in Los Angeles on June 20th, 2026 at 11AM — and the Turtles will be there in person to celebrate with us! 📍 TMNT Pizzeria Los Angeles 1444 3rd Street, Santa Monica, CA

rate my take off

NSA is releasing security design considerations for AI-driven automation leveraging MCP which, while simplifying the integration of diverse capabilities into powerful agent workflows, requires caution. Learn more: nsa.gov/Portals/75/documents…

28 years ago today, 7 members of the hacking group @L0phtHeavyInd told the U.S. Senate they could "shut down the internet in 30 minutes."

At this rate, with how well AI codes, it makes zero sense to use public libraries/packages when you can just have AI build your own versions.

‼️🚨 This is wild. OpenAI just confirmed it got hit in the TanStack npm supply chain attack, and the attackers were close to being able to ship malicious code inside official OpenAI software, signed and trusted, if their incident response had not caught it in time. The campaign is the work of TeamPCP, the same crew running the Mini Shai-Hulud wave. Two employee devices in OpenAI's corporate environment were compromised through the malicious TanStack packages. The attackers used that foothold to reach a limited subset of internal source code repositories. OpenAI says only "limited credential material" was successfully exfiltrated, with no customer data, production systems, intellectual property or deployed software impacted. Here is the part that should grab your attention. OpenAI is rotating its code-signing certificates and forcing every macOS user to update their OpenAI apps. You do not rotate signing certs for "limited credential material." You rotate signing certs when the attacker was close enough to signing malicious binaries as OpenAI. The "we contained it in time" framing is doing serious heavy lifting here. For wider context, the same TeamPCP wave also hit Mistral AI, UiPath, Guardrails AI, OpenSearch and SAP npm packages. The TanStack compromise is tracked as CVE-2026-45321 at CVSS 9.6, and Mistral AI source code is already being advertised for sale by the group.

Got my first speaking engagement, BSides SATX.

Usage limits are up, effective today we're: 1) Doubling Claude Code's 5-hour limits for Pro, Max, Team and seat-based Enterprise plans 2) Removing peak hours limit reduction on Claude Code for Pro and Max plans 3) Substantially raising our API rate limits for Opus models

Homeboy just lost his man card hitting the throttle while trying to turn his bike around rofl

"Eat at a local restaurant tonight. Get the cream sauce. Have a cold pint at 4 o’clock in a mostly empty bar. Go somewhere you’ve never been. Listen to someone you think may have nothing in common with you. Order the steak rare. Eat an oyster. Have a negroni. Have two. Be open to a world where you may not understand or agree with the person next to you, but have a drink with them anyways. Eat slowly. Tip your server. Check in on your friends. Check in on yourself. Enjoy the ride." Anthony Bourdain

United States 🇺🇸 - LexisNexis has allegedly been breached, exposing 400,000 user profiles, federal judge and DOJ accounts, plaintext AWS secrets, customer passwords, and internal IT infrastructure maps. dailydarkweb.net/lexisnexis-…

Random internet autists, schizos, and ADHDers will monitor the situation so hard that their analysis is either on par with or eclipses that of the government.

600 > 900 got me. Pretty cool to learn I can read that fast though.

🤣🤣🤣🤣🤣🤣🤣🤣🤣

I'm Mike Vining, SGM USA (Retired). Welcome to my official X account. In the next several months, I'll share EOD and Delta Force memories. And I'll offer info on moral injury and PTSD. I'm calling this account "Blasting Through," because that's the title of my book, a memoir, due for release in August 2026.

🚨🦑 Kraken cryptocurrency exchange panel access being sold on a dark web forum - read-only account with user profiles and transaction history. Access details: ▪️ View only - user profiles and transaction history ▪️ Generate support tickets to phish or extract more data ▪️ No IP restrictions (proxied through their system) ▪️ Pulling full KYC docs (ID, selfie, proof of address, source of funds) ▪️ Access good for at least 1-2 months before rotation ▪️ TOTP expires in FEB Price: Negotiable, from $1

so i had to remove my car stereo so it wouldn't get stolen, which was the style at the time