Rey Bango
@reybango.bsky.social
Advocate for AI & Security | I hack into things sometimes. Opinions are mine. Fortis fortuna adiuvat. It's a good time to cause a little chaos.
I feel like @benjedwards.com has written one of the best explanations of how AI coding agents work. The article breaks it down into easy to understand terms that developers new to agents can really grok.
arstechnica.com/information-...
arstechnica.com/information-...
How AI coding agents work—and what to remember if you use them
From compression tricks to multi-agent teamwork, here's what makes them tick.
arstechnica.com
December 29, 2025 at 9:43 PM
I feel like @benjedwards.com has written one of the best explanations of how AI coding agents work. The article breaks it down into easy to understand terms that developers new to agents can really grok.
arstechnica.com/information-...
arstechnica.com/information-...
ALWAYS validate proof-of-concept exploit code before you use it.
"The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities."
www.bleepingcomputer.com/news/securit...
"The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities."
www.bleepingcomputer.com/news/securit...
WebRAT malware spread via fake vulnerability exploits on GitHub
The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities.
www.bleepingcomputer.com
December 24, 2025 at 8:10 PM
ALWAYS validate proof-of-concept exploit code before you use it.
"The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities."
www.bleepingcomputer.com/news/securit...
"The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for recently disclosed vulnerabilities."
www.bleepingcomputer.com/news/securit...
What do I do on the weekend? I install Game of Active Directory Ninja Hacker Academy on AWS of course! 😂
I'm running through the install so I can learn more about the range deployment on cloud services. Always be learning something new. @orangecyberdefense.bsky.social
github.com/Orange-Cyber...
I'm running through the install so I can learn more about the range deployment on cloud services. Always be learning something new. @orangecyberdefense.bsky.social
github.com/Orange-Cyber...
December 7, 2025 at 4:41 AM
What do I do on the weekend? I install Game of Active Directory Ninja Hacker Academy on AWS of course! 😂
I'm running through the install so I can learn more about the range deployment on cloud services. Always be learning something new. @orangecyberdefense.bsky.social
github.com/Orange-Cyber...
I'm running through the install so I can learn more about the range deployment on cloud services. Always be learning something new. @orangecyberdefense.bsky.social
github.com/Orange-Cyber...
Black Friday and Cyber Monday deals are out! I review some of them and link to a community GitHub page for you all to get discounts on courses, tools and services!
Deals from
@rastamouse.me, OffSec, EvilGinx, @antisyphontraining.bsky.social
and a whole lot more.
youtu.be/hkJfhM1T5bI
Deals from
@rastamouse.me, OffSec, EvilGinx, @antisyphontraining.bsky.social
and a whole lot more.
youtu.be/hkJfhM1T5bI
Get the latest Black Friday and Cyber Monday Cybersecurity Deals for 2025!
YouTube video by Rey Bango
youtu.be
November 30, 2025 at 4:11 PM
Black Friday and Cyber Monday deals are out! I review some of them and link to a community GitHub page for you all to get discounts on courses, tools and services!
Deals from
@rastamouse.me, OffSec, EvilGinx, @antisyphontraining.bsky.social
and a whole lot more.
youtu.be/hkJfhM1T5bI
Deals from
@rastamouse.me, OffSec, EvilGinx, @antisyphontraining.bsky.social
and a whole lot more.
youtu.be/hkJfhM1T5bI
Seeking video camera advice for content creation.
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
a man is standing in front of a microphone with the words `` help me '' written on it .
ALT: a man is standing in front of a microphone with the words `` help me '' written on it .
media.tenor.com
October 5, 2025 at 8:31 PM
Seeking video camera advice for content creation.
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
After getting a scam email saying someone tried to access my Twitter account, I decided to look into it a little. The first of many new videos to come as I work to share more information with the community.
youtu.be/IFy_96Dg__E?...
youtu.be/IFy_96Dg__E?...
Did I Just Fall for a Phishing Attempt?
YouTube video by Rey Bango
youtu.be
September 26, 2025 at 5:09 PM
After getting a scam email saying someone tried to access my Twitter account, I decided to look into it a little. The first of many new videos to come as I work to share more information with the community.
youtu.be/IFy_96Dg__E?...
youtu.be/IFy_96Dg__E?...
Reposted by Rey Bango
RubyGems & PyPI under attack:
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.
thehackernews.com
August 8, 2025 at 9:30 PM
RubyGems & PyPI under attack:
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
Reposted by Rey Bango
August 7, 2025 at 11:09 PM
Picked up this very cool @crowdstrike.com t-shirt for my son and the action figure that goes with it. He’s going to love it.
August 6, 2025 at 10:40 PM
Picked up this very cool @crowdstrike.com t-shirt for my son and the action figure that goes with it. He’s going to love it.
@crowdstrike.com says they’re seeing threat actors are targeting GenAI workloads to try poison the models. The inherent trust being built as we continue to use AI systems will lead to threat actors becoming an insider threat.
August 6, 2025 at 6:43 PM
@crowdstrike.com says they’re seeing threat actors are targeting GenAI workloads to try poison the models. The inherent trust being built as we continue to use AI systems will lead to threat actors becoming an insider threat.
Walking back to my room I passed the Google Cloud Security party at Blackhat and it looked jumping. Almost considered social engineering my way in. 😈😈
August 6, 2025 at 2:16 AM
Walking back to my room I passed the Google Cloud Security party at Blackhat and it looked jumping. Almost considered social engineering my way in. 😈😈
Great analysis by @SentinelOne on a threat actor working out of Vietnam to target users in 62 countries.
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem
PXA Stealer uses advanced evasion and Telegram C2 to steal global victim data, fueling a thriving cybercrime market.
www.sentinelone.com
August 5, 2025 at 4:46 PM
Great analysis by @SentinelOne on a threat actor working out of Vietnam to target users in 62 countries.
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
😂😂kerberoasting 4eva amirite @timmedin.bsky.social
August 5, 2025 at 4:02 PM
😂😂kerberoasting 4eva amirite @timmedin.bsky.social
Reposted by Rey Bango
Unfortunately @broadcom.bsky.social still hasn't fixed the VMWare Workstation update server link so be sure to upgrade to 17.6.4 to fix a security issue found at Berlin Pwn2own
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025.
www.bleepingcomputer.com
July 18, 2025 at 4:34 PM
Unfortunately @broadcom.bsky.social still hasn't fixed the VMWare Workstation update server link so be sure to upgrade to 17.6.4 to fix a security issue found at Berlin Pwn2own
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Reposted by Rey Bango
"Wo unto you rich men, that will not give your substance to the poor, for your riches will canker your souls; and this shall be your lamentation in the day of visitation, and of judgment, and of indignation: The harvest is past, the summer is ended, and my soul is not saved!"
June 2, 2025 at 1:19 AM
"Wo unto you rich men, that will not give your substance to the poor, for your riches will canker your souls; and this shall be your lamentation in the day of visitation, and of judgment, and of indignation: The harvest is past, the summer is ended, and my soul is not saved!"
“This isn’t 'The Hunger Games’ for immigrants,” Worsoff told the newspaper
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
A Reality Show Where Immigrants Compete for U.S. Citizenship? D.H.S. Is Considering It.
www.nytimes.com
May 17, 2025 at 10:57 PM
“This isn’t 'The Hunger Games’ for immigrants,” Worsoff told the newspaper
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
When you play an internal CTF against 10 other teams and win! Booyah! 😈
a pixelated image of a little girl in a red coat
ALT: a pixelated image of a little girl in a red coat
media.tenor.com
May 7, 2025 at 10:46 PM
When you play an internal CTF against 10 other teams and win! Booyah! 😈
"Malicious VSCode extensions infect Windows with cryptominers"
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
Malicious VSCode extensions infect Windows with cryptominers
Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com
April 10, 2025 at 9:04 PM
"Malicious VSCode extensions infect Windows with cryptominers"
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...