Biker | Infosec | Leading and Building CyberSec Communities | Educator | Founder BSides NBO | Podcast host at Truepositives_

Joined February 2010
went to @StanbicKE Chiromo... My God, how do you make employees & customers endure such... Loud construction noise all over. Place is a health hazard. I spent less than 10 mins there, can't imagine what your staff have to go through operating in such a hostile environment
muchilwa retweeted
🚨🇰🇪 A threat actor known as MrDarkRoot is selling a dataset allegedly containing citizen records from the Republic of Kenya, with a separate folder said to exist for each individual. The actor claims complete records for 10 million people are exposed, including full names, dates and places of birth, national ID and passport numbers, parents' names, addresses, phone numbers, emails, banking and tax records, property and vehicle records, medical and vaccination history, criminal and judicial records, educational records, and passport-style photos, alongside extensive business registration data. Claim is unverified. 💥 Stop guessing what's redacted. Paid subscribers see everything: darkwebinformer.com/pricing
muchilwa retweeted
‼️🚨 BREAKING: Yet another Instagram exploit exists due to Meta's AI chatbot having no proper guardrails. Sellers are now using it to grab premium one-letter usernames, by tricking the AI with hidden characters, then talking it into applying the change. Monitor bots show OG handles getting swapped.
Yap yap yap yap
Broo... I get tourist tax the moment I leave my local or country. I don't even fight it, just accepted it. That back and forth is also a good thing, weirdly creates rapport. Just go into a supermarket to avoid all that. Our security is becoming trash but can be managed
No Kenyan police is throwing you in jail just for the sake of it esp if you're an expat unless it's political. I'll probably be thrown in a cell with my kichwa ngumu and it's your mzungu accent that'll save me. Our police service is a mixed bag of the good, the bad and terrible
Everyone wants to get something from you in a capitalist ecosystem (not just in Kenya). It's unfortunate but it is what it is.
📢 Final call to pre-register for UN Open Source Week 2026 📍 22–26 June | UN HQ Join panels, workshops, hackathons & community-led events on AI, DPI & OSPOs. Help shape the program, nominate speakers & connect globally. 🔗 Register: tinyurl.com/5fwhu8ma #UNOpenSourceWeek
muchilwa retweeted
Apr 11
some reflections of mine on the CTF i just helped run and AI in CTFs generally sylvie.fyi/posts/ritsec-2026…
Preach kaka... Same thing in cyber. I'll hire some of the best minds.... took me at least 6 months of focused, intense on the job training for them to level up. At 8 - 9 months they were pretty on solid ground. 12 months in and you'll see them shiiiiine and do some amazing stuff
Dear parents, I’ve run Reduzer School for 8 months now. Any bootcamp that tells your sons and daughters that they can become trained from scratch to become good software developers in 6 months is lying to you. I’m not coming from a theoretical POV this time. I have the data to back it up.
.... Heat, that you won't get.
Apr 8
Claude Mythos is Delusional
muchilwa retweeted
In this commentary, Ahmad Salim, Managing Partner at DISRUPTIVE MEDIA, challenges a growing trend across industries: where confidence is mistaken for competence, and visibility is rewarded more than real skill. Because when opinions carry the same weight as expertise, decision-making suffers and so does the quality of work, trust, and long-term growth. A timely reminder that while everyone can contribute to the conversation, not every voice should lead it. kenyanwallstreet.com/when-op…
muchilwa retweeted
New Executive Offense: "RSA 2026: Hot Takes on AI, Agents, and Offensive Security Reality Checks" (This one is more of an opinion piece but hope you enjoy it 🫶 ) executiveoffense.beehiiv.com…
muchilwa retweeted
North Korean intelligence agents built an entire fake company to compromise one JavaScript developer. And it worked. UNC1069 didn't hack Axios. They befriended its maintainer. They cloned a real company founder's identity, built a branded Slack workspace with fake employee profiles and LinkedIn post channels, then scheduled a Microsoft Teams call with what appeared to be a full team. During the call, a fake error message said his system needed an update. He installed it. That update was the RAT. From one developer's laptop, they had everything: npm credentials, publishing access, the keys to a package installed in 80% of cloud environments. Axios gets 100 million downloads per week. The attackers published two poisoned versions at 12:21 AM UTC on a Sunday night, tagging both the latest and legacy branches within 39 minutes. The malicious dependency had been pre-staged 18 hours earlier with a clean decoy version to build registry history. Three separate RAT payloads were pre-built for macOS, Windows, and Linux. The malware self-deleted after execution to erase forensic evidence. The poisoned versions were live for about three hours before npm pulled them. Huntress observed 135 endpoints across all operating systems calling the attacker's command-and-control server during that window. Wiz found the malicious versions in roughly 3% of environments scanned. Every affected machine needs full credential rotation: npm tokens, AWS keys, SSH keys, CI/CD secrets, everything in .env files. The part that keeps getting worse: this isn't isolated. The same threat cluster compromised Trivy (a security scanner), KICS, LiteLLM, and multiple GitHub Actions in the two weeks before Axios. Google estimates hundreds of thousands of stolen secrets are now circulating from these combined attacks. The maintainer had 2FA enabled. He said himself: "I have 2FA/MFA on practically everything." The exact method of token compromise is still undetermined. One person. One fake Teams call. 
100 million weekly downloads weaponized in under three hours. The npm ecosystem runs on mass trust in individual maintainers who volunteer their time, and North Korean intelligence now has a repeatable playbook for turning that trust into a delivery mechanism.
How Axios was compromised 🤯
muchilwa retweeted
Let’s meet tomorrow at the University of Nairobi for a Stargazing Night as we revisit and track both the Apollo missions and Artemis II on their journey to the Moon. Never looked through a telescope before? No worries, it’s completely FREE entry. 🌙🔭 linkedin.com/safety/go/?url=…

In the wake of Artemis II, the Space Society of Kenya invites you to a FREE stargazing and space exploration night tomorrow, from 5 PM at the @uonbi, Chiromo Campus. Enjoy telescopes, lectures/documentaries, quizzes and meet fellow space enthusiasts. Come curious, leave inspired
muchilwa retweeted
The FLARE team now freely distributes its quality reverse engineering and malware analysis educational content at github.com/mandiant/flare-le…. Launched with:
- Malware Analysis Crash Course
- Go Reversing Reference
- Intro to TTD
muchilwa retweeted
There were a lot of nuggets of wisdom dropped by @Jhaddix in the latest episode of The Boring AppSec podcast (links are below), but one thing that continues to impress me about Jason is how he embodies being a great mentor and trainer. Every conversation I've had with him, I've learnt a thing or two. And, I am sure others can vouch for this. He is an excellent resource for anyone trying to get in the cybersecurity industry and if I were struggling to find a job or just getting started, I'd pay close attention to what Jason has to say regarding up-skilling using AI to stay relevant. In one of the clips below, Jason shares how he uses Claude Code and the Ralph loop to do deep research on topics that even he isn't necessarily up-to-date with. But, he understands what he needs to learn and knows a thing or two about getting the AI coding agents to work autonomously to get the context right where he is, instead of him spending hours on the web trying to do the same thing himself. I've been researching a ton of topics in a similar way myself and the 10x productivity gains are real. If you're interested in learning more about how Jason uses AI or how he has his OpenClaw deployed with prompt injection guardrails, listen in! cc: @JubbaOnJeans Substack - boringappsec.com/p/ep-37-the… YouTube - youtube.com/watch?v=U-bc74B7… Spotify - open.spotify.com/episode/1tk… Apple - podcasts.apple.com/us/podcas…
muchilwa retweeted
For My dad 🕊️ Fellow riders, I invite you to join us this Friday for a final escort ride as we take my father to his resting place in Gatanga. Your presence on two wheels will mean a lot to my family. 🙏🏾🏍️
muchilwa retweeted
A different aspect about the CTF AI issue: To me CTFs always showed peak technical skill. Challenges were harder than the average real world pentest engagement and it served as a “reality check”. But if AI can one-shot hard challenges, what does that mean for most pentest jobs?