Nightmare Eclipse guy has returned (as is tradition) and has released another Microsoft Windows zero day (as is tradition). > releases zero day > spells rogue wrong in file > "rogeplanet" smh github.com/MSNightmare/Rogue…

> Microsoft GitHub repos banned > "Terms of Service violation" > ??? > Look inside > Was compromised ... was Microsoft going to become a victim of a supply chain attack on their own platform via their own product?

Introducing a new side project called Model Regression. It tests daily Claude, GPT, and Grok on various benchmark statistics to determine how well its performing and to identify model degrades over time. @edskoudis had an idea for model testing before they conducted offensive testing to ensure the model was performing as expected, and @BlasikRandy pushed me down this road with actually going and doing it. The main intent here is the frontier models will experience outages, issues, bugs, intentional/unintentional nerfing of the models without notice. You can't typically trust day to day activities in these models for stability, so leveraging this on your daily routine to see how well the model is performing for that day is something I'll be using everyday. Runs every morning in my DGX sparks environment and automatically updates with how well its performing. Enjoy! modelregression.com/ Also open-sourced the project, can run on your own server as well and look at the benchmarks and how they are calculated: github.com/HackingDave/model…

**NEW** BHIS | Blog (It's 10pm. Do you know where your pipelines are?) How well do you know your Continuous Integration/Continuous Delivery (CI/CD) pipelines? Auditing GitLab: The CI/CD Kill Chain by: @ProOfConcept9 Published: 06/03/2026 Learn more: blackhillsinfosec.com/auditi…

Can you fix Opus 4.8/4.7 to work for offensive security with proper cyber validation approval? I’m a big fan of Claude code but at this point it’s unusable. 4.6 is usable but it’s hard to justify/advocate for the spend of a model 2 versions behind frontier. @bcherny @AnthropicAI

Yeah, so pretty much this guy is releasing an exploit in solidarity with Nightmare Eclipse guy. He said he notified GitHub about the exploit 60 minutes before releasing this paper. I don't do web stuff, and I'm not a VSCode nerd, so I'm confused by the underlying technologies. If you're a stinky GitHub and VSCode nerd maybe you'll understand. tl;dr click github dev, github dev opens editor, in github dev editor have javascript, javascript does shortcuts automatically. github treats javascript shortcuts as real human input, or something. use javascript shortcut stuff to automatically install vscode extension. the vscode extension steals your data tl;dr tl;dr user clicks 1 link, 1 click steals all data from your github blog.ammaraskar.com/github-t…

🚨 A legitimate-looking npm package for OpenAI Codex has been stealing developer auth tokens for over a month. codexui-android, marketed as a remote web UI, has seen 29,000 weekly downloads. Since version 0.1.82 it quietly sends ~/.codex/auth.json — including non-expiring refresh tokens — to an attacker server. Read: thehackernews.com/2026/06/op…

🚨 CVE-2026-0257- Palo Alto Networks PAN-OS - Authentication Bypass 🔍 Nuclei Template: cloud.projectdiscovery.io/li… 📑 Reference: rapid7.com/blog/post/etr-rap… #kev #authbypass #bugbounty

❗️ Over 30 official Red Hat npm packages were compromised. How they got in: - A Red Hat employee's GitHub account was compromised. - Attackers pushed "orphan commits" (detached from branch history) straight in, bypassing code review with no pull request. - Payload "Miasma" (Mini Shai-Hulud variant) steals GitHub/cloud/Vault/SSH/npm secrets. Rotate everything since June 1. - The commits added a workflow (ci.yaml) script (_index.js) that abused npm trusted publishing, requesting a real OIDC token to publish backdoored versions.

AI did not create the maintainer burden problem in open source. It accelerated it. Contributors are being amplified. Maintainers are still the verification bottleneck. New post: frenck.dev/open-source-was-n…

Claude Code has a new wild feature... dynamic workflow. How to try: set /model to opus 4.8 set /effort to "ultracode" 😂 use “workflow” in your prompt Claude will write an orchestration script, spawn subagents swarm, verify results, and report back.

Microsoft has banned Nightmare Eclipse from GitHub: github.com/Nightmare-Eclipse… This is the researcher who disclosed several zero-days after Microsoft also deleted their MSRC account. They have now moved on to GitLab: deadeclipse666.blogspot.com/ (h/t to: @campuscodi@mastodon.social)

🚨 Supply chain attack on the Laravel Lang organization: 700 historical versions across multiple community-maintained Laravel Lang packages were compromised with an RCE backdoor, including: laravel-lang/lang laravel-lang/http-statuses laravel-lang/attributes Laravel-Lang/actions The payload targets cloud creds, CI/CD secrets, Kubernetes tokens, Vault, browser data, password managers, SSH keys, and more.

Wrote a blogpost about how you can use the Windows server 2003 source code as a red teamer to make your tools look less like tools. I also go over and map out the main/important files and practical examples of using it to augment MS-*/RFC specs: abdulmhsblog.com/posts/usein…

Github knew for hours, they delayed telling you and they wont be honest in the future. what an amazing run, its been an honor to play around with the cats over the past few months. #teamPCP #github

GitHub, a company owned by Microsoft, was compromised. A GitHub employee browsing the VS Code marketplace, an asset owned and operated by Microsoft, inadvertently donated a malicious VS Code extension, which Microsoft offers guidance and best practices on to avoid

恐怖！用家Wi-Fi就能知道隔壁墙后的人在干什么！ 开源项目 RuView 在GitHub已经冲到 5万 星，直接炸了！ 完全不用摄像头，也不用戴任何设备，就靠家里普通的WiFi信号，就能穿墙透视： - 隔壁有几个人、在哪个位置、是走路还是躺着，全看得见 - 实时看人体姿态（17个关键点） - 睡觉时自动测呼吸和心率 - 有人跌倒立刻报警，动作识别超准 用WiFi CSI AI，把你家路由器直接变成隐形雷达！ 没有视频、没有录像，隐私安全拉满，天然符合GDPR，完全本地跑，不上云。 ESP32几块钱就能玩，Docker零硬件也能直接试。

And now you don't 🙃

THIS GUY TRACKED OPUS 4.7 SAYING "PRE-EXISTING" 712 TIMES IN 30 DAYS TO AVOID FIXING BUGS his CLAUDE.md literally says "every error is yours to fix, not label, not defer" opus 4.7 ignored that rule 712 times in one month every single bug, every type error, every legacy mess gets the same response: "this issue is pre-existing, unrelated to my work" "that's out of scope" "that's a bigger refactor" "the simplest approach" he ran the analytics on 30 days of conversations: > 712 total mentions of "pre-existing" > 139 unique sessions > 5.1 average per session > 20 mentions in a single session at peak > 82 mentions in one day across 9 sessions > 27 out of 30 days had at least one mention the worst part is the patterns it developed: > finds a bug, labels it "pre-existing," moves on without fixing > puts "2 pre-existing (unrelated)" in its summary as if that's a clean result > says "pre-existing bug for later fix" dozens of times but never comes back to fix it later > blames other agents by saying "pre-existing from other agents' work" his workflow docs say type errors and lint are the bare minimum, and his bug fix protocol says fix at the root cause claude read all of it and still chose to label and defer he cancelled his subscription opus 4.7 would rather write an essay explaining why it shouldn't fix a bug than just fix the bug