Marcus Hutchins
@malwaretech.com
Cybersecurity Specialist, Public Speaker, Ex-Hacker. https://marcushutchins.com
malwaretech.com
It reduces a couple of theoretical risks, but not super pertinent
malwaretech.com
One of the questions on my company's mandatory cybersecurity awareness training exam is "what is one thing you have learned as a result of taking this training?" 😭
malwaretech.com
Almost all of those "resist" accounts are bots
Reposted by Marcus Hutchins
junoryleejournalism.com
David Simon, creator of ‘The Wire’, being interviewed by Ari Shapiro (NPR)
SHAPIRO: OK, so you've spent your career creating television without AI, and I could imagine today you thinking, boy, I wish I had had that tool to solve those thorny problems...
SIMON: What?
SHAPIRO: ...Or saying...
SIMON: You imagine that?
SHAPIRO: ...Boy, if that had existed, it would have screwed me over.
SIMON: I don't think AI can remotely challenge what writers do at a fundamentally creative level.
SHAPIRO: But if you're trying to transition from scene five to scene six, and you're stuck with that transition, you could imagine plugging that portion of the script into an AI and say, give me 10 ideas for how to transition this.
SIMON: I'd rather put a gun in my mouth.
malwaretech.com
What's crazy about the US immigration system is even under a good administration it's still atrocious. I remember applying for my first work permit, which took so long that it was already expired by the time I received it.
reichlinmelnick.bsky.social
Yikes indeed. After multiple quarters of success in bringing down backlogs, U.S. Citizenship and Immigration Services is taking a turn for the worse.

The latest data shows that in the first six months of 2025, total net backlogs rose 26%, up by 1.1 million pending applications (of all kinds).
A bar chart showing Total Net USCIS Immigration Application Backlog by quarter, Fiscal Year 2023 Q4 through Fiscal Year 2025 Q3. The chart shows that total applications pending dropped from a bit over 4 million in FY 2023 Q4 to 3.8 million in FY 2024 Q4. In FY 2025, every quarter there has been an increase, with the sharpest increase from Q1 to Q2 and then a smaller but still significant increase from Q2 to Q3, peaking at 5.4 million pending cases.
malwaretech.com
He isn't an undocumented immigrant, not even an immigrant, a natural born US citizen. He's the second most streamed artist on Spotify, second only to Taylor Swift. A logical choice to play the Super Bowl, but Republicans are extremely mad about it. And absolutely everyone knows why. 2/2
malwaretech.com
I don't think anyone here was naive enough to think it was ever actually about criminal undocumented immigrants. But with that said, MAGA, Congress people, and even the president taking time out of their day to be mad about Bad Bunny playing the Super Bowl tells you exactly where their head is. 1/2
malwaretech.com
This is how silly all the ASI & vibe coding posts are probably going to look in 5 years time.
malwaretech.com
It's not an air conditioner, it's a HEPA filter
malwaretech.com
Arctic dog doing arctic dog things
malwaretech.com
Most of the common Windows ones are fairly easy to avoid, but it'd be a cat and mouse game either way you do it
malwaretech.com
There's a lot of different variants with how they encourage users to run the script and they like to rotate between them. Personally I think it'd be best to prevent it via a browser extension which scans the clipboard for scripts and warns the users
malwaretech.com
Yeah that was my first thought, but then I decided it's best not to give threat actors technique improvement advice in the corporate blog
malwaretech.com
Nobody is making the claim that a PowerShell script doesn't constitute a payload, only that it does not embed a payload.
Reposted by Marcus Hutchins
expelsecurity.bsky.social
We're also bringing @malwaretech.com into the mix. Marcus’ expertise in malware analysis and reverse engineering adds serious firepower to our ability to understand and counter evolving threats. 👀 Read his first blog post with Expel: expel.com/blog/cache-s...
(6/7)
Cache smuggling: When a picture isn’t a thousand words
We recently observed an innovative campaign using the ClickFix attack tactic for cache smuggling. Here's what you need to know.
expel.com
malwaretech.com
We encountered a unique variant of the ClickFix malware technique. The catch? The user is social engineered into running a PowerShell script which downloads no files, makes no web requests, and embeds no payload.

Regardless, it's still able to install a malicious loader.

expel.com/blog/cache-s...
malwaretech.com
lol, a macro for creating integer overflow vulnerabilities. Incredible.
malwaretech.com
What if it's a factory that's ass at producing clowns
malwaretech.com
"That's easy". Brother, you have absolutely no idea what you're talking about. TLS exploits can only be used against a live connection, and a certificate leak doesn't allow you to retroactively decrypt traffic (even if you get the full private key, this is only used for authentication not encryption).
malwaretech.com
Would this gui application be written with one or two people using the keyboard at the same time
malwaretech.com
Essentially the company procures exploits for vulnerabilities in mobile software that are unknown to the manufacturers, which they then use to remotely hack phones. These sell for anywhere from $1.5m to over $10m. "use Pegasus" is basically synonymous with "I have no idea how hacking works". 3/3
malwaretech.com
Pegasus is a piece of mobile malware maintained by a company called NSO Group. The company sell phone hacking services to governments for something like $500k per phone. The malware alone is completely useless, the means by which they install it onto phones is the important bit. 2/3
malwaretech.com
Having a rather amusing conversation after I pushed back on the advice that using public wifi without a VPN will get you hacked. I bet someone $10k that I could log into my bank account via their wifi network and they couldn't even tell me my username. This guy is telling me he'd "use Pegasus" 1/3
malwaretech.com
I think $100k/year square is stretchable up to $400k mortgage with current interest rates, but yeah shit's pretty grim even getting into multi 6 figure incomes.