Ben Read
@benread.bsky.social
CTI @wizsecurity.bsky.social Previously NSC44, Mandiant, Google Go Mammoths
benread.bsky.social
Berlin
merriam-webster.com
What’s the word where you’re from that, when pronounced exactly as it looks, identifies a tourist immediately?
Reposted by Ben Read
oxley.io
“James Comey’s rights and liberties are not the only ones at risk today. So is your own right to participate in free and fair elections in order to render a verdict on Trump’s invasion of those rights and liberties.” From @davidfrum.bsky.social apple.news/AX8_ub4UHR0G...
The Comey Indictment Is Not Just Payback — The Atlantic
It’s an advance glimpse of Trump’s next attempted seizure of power
apple.news
Reposted by Ben Read
wizsecurity.bsky.social
🚨 #Shai-Hulud: Major npm supply chain attack.

100+ packages weaponized with stolen GitHub tokens, stealing secrets, hijacking repos, and auto-propagating like a worm.

Guidance + detections inside

www.wiz.io/blog/shai-hu...
Reposted by Ben Read
josephcox.bsky.social
New from 404 Media: airlines are selling *5 billion* ticketing records to the government for warrantless searching, per new docs we obtained. ARC is a data broker owned by United, American, Delta, etc. Then sells people's travel info to ICE, Secret Service, FBI etc www.404media.co/airlines-sel...
Airlines Sell 5 Billion Plane Ticket Records to the Government For Warrantless Searching
New documents obtained by 404 Media show how a data broker owned by American Airlines, United, Delta, and many other airlines is selling masses of passenger data to the U.S. government.
www.404media.co
Reposted by Ben Read
lorenraeds.bsky.social
A private individual with power to get public servants fired, put them at physical risk, get them investigated, threaten their post government careers, go after their families and defame them with fantasies is an enormous threat to our national security and public well being. This can't stand.
benread.bsky.social
A fun investigation from the team here at @wizsecurity.bsky.social www.wiz.io/blog/wiz-dis...

Showing how leaked/stolen AWS keys can be used to enable other financially motivated schemes. (s/o to our friends at Proofpoint who helped us get some context on the phishing emails)
Wiz Uncovers SES Abuse Campaign Using Stolen AWS Access Keys | Wiz Blog
From leaked AWS access keys to large-scale spam: Wiz Research uncovered a live Amazon SES abuse campaign, turning insights into early-warning detections.
www.wiz.io
benread.bsky.social
Now up to 22 different Cinnamon Toast Crunch related products. The quest continues.
benread.bsky.social
Cinnamon Toast Crunch with Strawberry. Doesn't seem like it would add much, but who knows.
Cinnamon Toast Crunch with Strawberry
Reposted by Ben Read
kevincollier.bsky.social
I can't speculate on Trump's health in this new press conference but he just ribbed Alabama Senator Tommy Tuberville over Bama losing badly on Saturday. Tuberville coached Auburn, Bama's big in-state conference rival.
Reposted by Ben Read
pstirparo.bsky.social
TL;DR I am launching my #startup and we are going to change how to evaluate, cluster and reason about #malware, delivering accurate, contextual intelligence on samples. Say Hi to RationalEdge
@rationaledge.bsky.social
rationaledge.io

#threatintel #threathunting #cti #reverseengineering #detection 1/9
RationalEdge - Intelligence Meets Accuracy
Advanced malware analysis and threat intelligence solutions by RationalEdge
rationaledge.io
Reposted by Ben Read
ciaranm.bsky.social
The summer of 2025.

What we were promised

Vs

What we got
Reposted by Ben Read
propublica.org
On the left: Nate Cavanagh, a 28-year-old DOGE staffer and college dropout.

On the right: Mohammad Halimi, a 53-year-old exiled Afghan scholar.

This is the story of how DOGE targeted Halimi on social media.

Then the Taliban took his family. 🧵
Photo of DOGE staffer Nate Cavanagh, a 28-year-old white man in a blue pullover, carrying a black backpack. Photo of 53-year-old Afghan scholar Mohammad Halimi. He is sitting, wearing white pants and shirt with a brown vest.
benread.bsky.social
This one seems fairly straightforward:
Cinnamon Toast Crunch Hershey's Kisses.
Reposted by Ben Read
bindinghook.bsky.social
⚡Meet our Lightning Talk speakers at #BindingHookLive: @euben.bsky.social, @melissakgriffith.bsky.social, @benread.bsky.social, @disclosing.observer, Lena Riecke and Selena Larson! Request your invite: bindinghooklive.com
Reposted by Ben Read
pstirparo.bsky.social
🍎 machofile 🍏 first official release is finally live: github.com/pstirparo/ma...

It is a Python module to parse #Mach-O binary files, with a focus on malware analysis and reverse engineering.
machofile is self-contained.

#macho #ios #reverseengineering #detection #threathunting #threatintel 1/3
GitHub - pstirparo/machofile: machofile is a module to parse Mach-O binary files
machofile is a module to parse Mach-O binary files - pstirparo/machofile
github.com
benread.bsky.social
This thread has somehow hit 20 different Cinnamon Toast Crunch-related products.
benread.bsky.social
Now with Caffeine: Cinnamon Toast Crunch Iced Coffee. Featuring an amazing 30g of sugar. It was sandwiched between Twix and Snickers iced coffees.
Cinnamon Toast Crunch Iced Coffee, made with Victor Allen's
Reposted by Ben Read
benread.bsky.social
The final interesting thing is that in the most recent incident, the releases were done by local police in Guangzhou.

The MSS was likely involved in the investigation, but having local officials lead the public communication suggests a pretty open mandate for public attribution to Taiwan.
benread.bsky.social
This group (Green Spot, APT-C-01) has been linked to Taiwan since at least 2015 in industry reporting, so it's not a new claim, but the MSS seems content to coast on private sector credibility, as they offer no direct evidence of their own to support their attribution.
benread.bsky.social
The MSS seems to be escalating this campaign. They're increasing the number (3, 4, then 20) of individuals and releasing more types of information (just names in the first, then dates of birth and ID numbers in later releases).
Redacted picture of 20 Taiwanese hackers named by the MSS
benread.bsky.social
First, a shout out to @shakirov2036.bsky.social who had a great thread on this a few months ago
shakirov2036.bsky.social
MSS alleges that the Taiwanese cyber command "hired hackers and cybersecurity companies as external support" to engage in attacks on CI, hacktivism & running bots on social media

The report mentions Anonymous 64, a group MSS linked to Taiwan in September www.globaltimes.cn/page/202409/...
benread.bsky.social
New from me: China has been ramping up its public attribution against Taiwan, likely in an attempt to shift the conversation on cyber intrusions and pressure the island and they're using their private sector cybersecurity companies to do it. Read the piece, but a few highlights, takeaways in this 🧵