Zach Edwards
@thezedwards.bsky.social
data supply auditor | privacy & ad tech expert | internet threats
Personal @ victorymedium.com
Sr Threat Analyst @ SilentPush.com
Personal @ victorymedium.com
Sr Threat Analyst @ SilentPush.com
My Youtube account was unsuspended but the video in question is still private. Based on their vague feedback it seems possible that YouTube now has a tool to scrape videos for URLs (like from my screen sharing research session) and then flag videos which in any way reference a known malicious URL.
YouTube suspended my ~15+ year old account and all my videos due to a video I recorded about scammers targeting US government and military offices, which was embedded into articles like @ www.vice.com/en/article/w... from @josephcox.bsky.social
I was likely targeted by a mass reporting campaign.🤡
I was likely targeted by a mass reporting campaign.🤡
December 17, 2025 at 6:03 PM
My Youtube account was unsuspended but the video in question is still private. Based on their vague feedback it seems possible that YouTube now has a tool to scrape videos for URLs (like from my screen sharing research session) and then flag videos which in any way reference a known malicious URL.
Today our team at @silentpush.bsky.social released research we’ve been working on all year – a magnum opus 39-page report on the state of Bulletproof Hosting Providers.
Brief thread with some details
Read the report @ www.silentpush.com/white-papers...
Brief thread with some details
Read the report @ www.silentpush.com/white-papers...
December 15, 2025 at 7:31 PM
Today our team at @silentpush.bsky.social released research we’ve been working on all year – a magnum opus 39-page report on the state of Bulletproof Hosting Providers.
Brief thread with some details
Read the report @ www.silentpush.com/white-papers...
Brief thread with some details
Read the report @ www.silentpush.com/white-papers...
Reposted by Zach Edwards
We found the bug in how Vetco generates PDF documents for its customers. Its PDF page was public and was indexed by Google, which is how we found it. Worse, an IDOR bug in the URL meant it was possible for anyone to obtain customer data by changing the customer's unique ID by a single digit. 🤦
Exclusive: Petco takes down Vetco website after exposing customers' personal information
TechCrunch found Petco's veterinary clinics were spilling customers' personal information and medical histories of their pets.
techcrunch.com
December 10, 2025 at 1:49 PM
We found the bug in how Vetco generates PDF documents for its customers. Its PDF page was public and was indexed by Google, which is how we found it. Worse, an IDOR bug in the URL meant it was possible for anyone to obtain customer data by changing the customer's unique ID by a single digit. 🤦
Found a "great deal" in about 30 seconds of hunting -- 1k abuse reports on YouTube for $100 - a mere 10 cents per report! This is the type of bot farm product that shit birds use when they want to harass researchers and other folks.
December 13, 2025 at 6:17 PM
Found a "great deal" in about 30 seconds of hunting -- 1k abuse reports on YouTube for $100 - a mere 10 cents per report! This is the type of bot farm product that shit birds use when they want to harass researchers and other folks.
YouTube suspended my ~15+ year old account and all my videos due to a video I recorded about scammers targeting US government and military offices, which was embedded into articles like @ www.vice.com/en/article/w... from @josephcox.bsky.social
I was likely targeted by a mass reporting campaign.🤡
I was likely targeted by a mass reporting campaign.🤡
December 12, 2025 at 4:18 PM
YouTube suspended my ~15+ year old account and all my videos due to a video I recorded about scammers targeting US government and military offices, which was embedded into articles like @ www.vice.com/en/article/w... from @josephcox.bsky.social
I was likely targeted by a mass reporting campaign.🤡
I was likely targeted by a mass reporting campaign.🤡
The new *free* FireFox VPN which has been tested for months (windowsreport.com/firefox-is-t...) is likely on the horizon for a wider release based on recent comments that a VP / head of Product at Firefox made on Linkedin.
Google couldn't even get a free VPN + abandoned their $$ "Google One VPN"
Google couldn't even get a free VPN + abandoned their $$ "Google One VPN"
Firefox Is Testing a Free, Built-In “Browser-Only” VPN
Mozilla is testing a free, built-in VPN in Firefox to improve online privacy. The browser-only VPN hides your IP and encrypts traffic while you browse.
windowsreport.com
December 4, 2025 at 4:56 PM
The new *free* FireFox VPN which has been tested for months (windowsreport.com/firefox-is-t...) is likely on the horizon for a wider release based on recent comments that a VP / head of Product at Firefox made on Linkedin.
Google couldn't even get a free VPN + abandoned their $$ "Google One VPN"
Google couldn't even get a free VPN + abandoned their $$ "Google One VPN"
SS7 is gonna remain a dumpster fire security threat and China will continue to exploit it if we can’t even have simple cybersecurity requirements for the telecom industry.
Breaking: The FCC has voted 2-1 along party lines to eliminate cybersecurity requirements for telecom companies that the commission adopted at the end of the Biden administration.
Telecoms had lobbied for the change. Democrats said it would invite another Salt Typhoon.
Story coming shortly.
Telecoms had lobbied for the change. Democrats said it would invite another Salt Typhoon.
Story coming shortly.
November 20, 2025 at 4:42 PM
SS7 is gonna remain a dumpster fire security threat and China will continue to exploit it if we can’t even have simple cybersecurity requirements for the telecom industry.
a 5+ year old bug ticket was finally closed by Google - this was actually the last significant investigation into Chrome extensions that I did because the feedback loop was so challenging
definitely still a place with research opportunities and threat actors regularly doing weird stuff! 🖖
definitely still a place with research opportunities and threat actors regularly doing weird stuff! 🖖
November 19, 2025 at 3:47 PM
a 5+ year old bug ticket was finally closed by Google - this was actually the last significant investigation into Chrome extensions that I did because the feedback loop was so challenging
definitely still a place with research opportunities and threat actors regularly doing weird stuff! 🖖
definitely still a place with research opportunities and threat actors regularly doing weird stuff! 🖖
Everything about this piece from Reuters about the scam ads on Facebook is wild -- internal Meta estimates noted they were showing these scams 15 billion times per day, scammers are not banned just forced to pay more for ads, teams internally restricted, must read: www.reuters.com/investigatio...
Meta is earning a fortune on a deluge of fraudulent ads, documents show
Meta projected 10% of its 2024 revenue would come from ads for scams and banned goods, and it internally estimates that its platforms show users 15 billion scam ads a day, company documents show.
www.reuters.com
November 6, 2025 at 8:41 PM
Everything about this piece from Reuters about the scam ads on Facebook is wild -- internal Meta estimates noted they were showing these scams 15 billion times per day, scammers are not banned just forced to pay more for ads, teams internally restricted, must read: www.reuters.com/investigatio...
fun to see my mom in this crowd shot from the No Kings rally in Houston featured by the Houston Chronicle @ www.houstonchronicle.com/projects/202...
October 19, 2025 at 4:40 AM
fun to see my mom in this crowd shot from the No Kings rally in Houston featured by the Houston Chronicle @ www.houstonchronicle.com/projects/202...
Has anyone ever successfully received data from a personal Yandex data access request? Essentially receiving what data they collect on you as required under a bunch of privacy laws?
September 19, 2025 at 3:59 AM
Has anyone ever successfully received data from a personal Yandex data access request? Essentially receiving what data they collect on you as required under a bunch of privacy laws?
I’ve got this 100+ year old copy of an old play about Abraham Lincoln’s life which was owned by someone named Alden Nash who had an interesting personal emblem that he screen printed & glued onto the cover page.
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
September 9, 2025 at 2:46 AM
I’ve got this 100+ year old copy of an old play about Abraham Lincoln’s life which was owned by someone named Alden Nash who had an interesting personal emblem that he screen printed & glued onto the cover page.
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
The play was shown at the Birmingham Repertory Theatre then the Hammersmith Playhouse.📚
Our team @silentpush just dropped a definitive look at SocGholish (operated by TA569) and the initial access broker ecosystem they are facilitating. Big thanks to past researchers who have worked on SocGholish! We've got details about our visibility @ www.silentpush.com/blog/socghol... 🖖🏻
August 6, 2025 at 7:49 PM
Our team @silentpush just dropped a definitive look at SocGholish (operated by TA569) and the initial access broker ecosystem they are facilitating. Big thanks to past researchers who have worked on SocGholish! We've got details about our visibility @ www.silentpush.com/blog/socghol... 🖖🏻
If I’ve been quiet you know I’m cooking up some fire research!
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
July 3, 2025 at 4:56 PM
If I’ve been quiet you know I’m cooking up some fire research!
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
Our team at @silentpush.bsky.social is out today with a big report about the admin / owner of the FUNNULL CDN – essentially a dox of all his accounts and activities on the internet for the last 15+ years.
"Funnull had direct exposure to Huione Pay, for which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a finding and notice of proposed rulemaking (NPRM) identifying it as a primary money laundering concern" 👀
🚨Today, OFAC sanctioned Philippines-based tech firm, Funnull Technology Inc., and its administrator Liu Lizhi for their roles in facilitating crypto investment scams, commonly known as pig butchering. Read our blog to learn more: www.chainalysis.com/blog/ofac-sa...
May 29, 2025 at 7:02 PM
"Funnull had direct exposure to Huione Pay, for which the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) recently issued a finding and notice of proposed rulemaking (NPRM) identifying it as a primary money laundering concern" 👀
Reposted by Zach Edwards
More on Funnull in this Silent Push report from January: www.silentpush.com/blog/infrast...
These are also Funnull IPs and domains: bsky.app/profile/camp...
These are also Funnull IPs and domains: bsky.app/profile/camp...
The FBI has released pages of IOCs related to cyber scam infrastructure that has been active between October 2023 and April 2025
PDF: www.ic3.gov/CSA/2025/250...
PDF: www.ic3.gov/CSA/2025/250...
May 29, 2025 at 5:37 PM
More on Funnull in this Silent Push report from January: www.silentpush.com/blog/infrast...
These are also Funnull IPs and domains: bsky.app/profile/camp...
These are also Funnull IPs and domains: bsky.app/profile/camp...
Reposted by Zach Edwards
NEW: The U.S. government has announced sanctions against FUNNULL and its administrator.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
US government sanctions tech company involved in cyber scams | TechCrunch
The Treasury said FUNNULL was involved in providing infrastructure for pig butchering crypto scams.
techcrunch.com
May 29, 2025 at 4:59 PM
NEW: The U.S. government has announced sanctions against FUNNULL and its administrator.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
FUNNULL is accused of providing infrastructure for pig butchering crypto scams, as well as being the company behind the Polyfill supply chain attack, which pushed malware to victims who visited certain websites.
The last 6 months I've traveled around the world giving presentations on FUNNULL about the scams and money laundering they are facilitating -- and today -- the U.S. Treasury has sanctioned FUNNULL and we got a bunch more facts about the operation now public.
home.treasury.gov/news/press-r...
home.treasury.gov/news/press-r...
May 29, 2025 at 3:41 PM
The last 6 months I've traveled around the world giving presentations on FUNNULL about the scams and money laundering they are facilitating -- and today -- the U.S. Treasury has sanctioned FUNNULL and we got a bunch more facts about the operation now public.
home.treasury.gov/news/press-r...
home.treasury.gov/news/press-r...
The location data they will be selling will primarily be powered by Google and Apple’s Mobile Advertising ID schemes - combining that with new data lakes trying to connect scraped social media content to IPs and MAIDs is truly connecting the dots on dystopia.
The Trump administration is building a central online marketplace for the Intelligence Community to buy private information about individuals from unregulated data brokers — coming soon to www.icdata.gov
theintercept.com/2025/05/22/i...
theintercept.com/2025/05/22/i...
U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
The government wants to build a centralized platform where spy agencies can more easily buy private info about millions of people.
theintercept.com
May 22, 2025 at 7:54 PM
The location data they will be selling will primarily be powered by Google and Apple’s Mobile Advertising ID schemes - combining that with new data lakes trying to connect scraped social media content to IPs and MAIDs is truly connecting the dots on dystopia.
Adage is out with a new piece today about a data broker product targeting people in Saudi Arabia which doesn't make *any* sense to me.
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
How Coke used an AI agent to target ads to 828,000 fast-food fans
The campaign tracked users across social media, raising potential privacy concerns.
adage.com
May 21, 2025 at 4:24 PM
Adage is out with a new piece today about a data broker product targeting people in Saudi Arabia which doesn't make *any* sense to me.
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
I provided pushback but my comments wern't include -- the piece is "How Coke used an AI agent to target ads to 828,000 fast-food fans" adage.com/technology/a... 🧵
21 year-old money launderer for a $265 million crypto theft ring was helping members exchange crypto for cash and mailing $25k in cash through the mail put inside "Squishmallow" stuffed animals www.cnbc.com/amp/2025/05/... 🫧🐰
May 17, 2025 at 5:29 AM
21 year-old money launderer for a $265 million crypto theft ring was helping members exchange crypto for cash and mailing $25k in cash through the mail put inside "Squishmallow" stuffed animals www.cnbc.com/amp/2025/05/... 🫧🐰
Wow what a mess
CrowdStrike discovered that state officials in Rhode Island had been unaware for more than five months that its VPN system, managed by Deloitte, had been hacked. Deloitte didn't know until the hackers asked for a ransom.
Now, it looks like RI will sue Deloitte.
www.bostonglobe.com/2025/05/15/m...
Now, it looks like RI will sue Deloitte.
www.bostonglobe.com/2025/05/15/m...
Cyberattacker accessed R.I.’s benefits system five months before state officials discovered the hack - The Boston Globe
State officials are in the process of notifying thousands of new victims of the data breach, and say they plan to hold Deloitte accountable.
www.bostonglobe.com
May 16, 2025 at 12:59 PM
Wow what a mess
Reposted by Zach Edwards
It's 2015. President Barack Obama has accepted a "sky palace" jumbo jet from the Qatari government, which he'll own after he leaves office. "Everybody relax," he says in an interview with the New York Times. Everyone does. The networks then televise the military parade in his honor on his birthday.
May 11, 2025 at 6:43 PM
It's 2015. President Barack Obama has accepted a "sky palace" jumbo jet from the Qatari government, which he'll own after he leaves office. "Everybody relax," he says in an interview with the New York Times. Everyone does. The networks then televise the military parade in his honor on his birthday.
mouse jail is a weird way to encourage accidental clicks victorymedium.com/mouse-jail/
mouse jail - Victory Medium
It’s a TRAP!It’s a TRAP!
victorymedium.com
May 2, 2025 at 1:49 AM
mouse jail is a weird way to encourage accidental clicks victorymedium.com/mouse-jail/
Reposted by Zach Edwards
Real-time bidding has been called the biggest data breach in history. Companies like Gravy Analytics are mining tons of personal data from RTB and selling to just about anyone. Zach Edwards @thezedwards.bsky.social explains just how bad it is.
podcast.firewallsdontstopdragons.com/2025/04/28/r...
podcast.firewallsdontstopdragons.com/2025/04/28/r...
Riding the Data Gravy Train - Firewalls Don't Stop Dragons Podcast
Data brokers are out of control. While we think of them gathering data in order to target us with ads, they can actually use...
podcast.firewallsdontstopdragons.com
April 28, 2025 at 2:44 PM
Real-time bidding has been called the biggest data breach in history. Companies like Gravy Analytics are mining tons of personal data from RTB and selling to just about anyone. Zach Edwards @thezedwards.bsky.social explains just how bad it is.
podcast.firewallsdontstopdragons.com/2025/04/28/r...
podcast.firewallsdontstopdragons.com/2025/04/28/r...