banner
weld.bsky.social
Chris Wysopal
@weld.bsky.social
6.4K followers 300 following 300 posts
Gray haired gray hat. Co-founder Veracode. Former L0pht security researcher. Builds tools to find and fix vulnerabilities in code at scale. Twitter: https://twitter.com/WeldPond
twitter.com
Posts Media Videos Starter Packs
weld.bsky.social
Chris Wysopal @weld.bsky.social · 3d
Stellar weekend in Newport, RI. My daughter got married to a wonderful man! My son even played in the band. So happy and grateful for family!
3 27
weld.bsky.social
Chris Wysopal @weld.bsky.social · 8d
Watch the presentation from BruCon. www.youtube.com/watch?v=L9m9...
03 - BruCON 0x11 - Epochalypse Now The Coming Collapse of Time Integrity Trey Darley Pedro Umbelino
YouTube video by BruCON Security Conference
www.youtube.com
1
weld.bsky.social
Chris Wysopal @weld.bsky.social · 8d
Are you ready for the 2036 Epochalypse and the 2038 Time Rollover? This makes Y2K seem easy.
2 1 9
Reposted by Chris Wysopal
debdebdeb.bsky.social
deb kavaler @debdebdeb.bsky.social · 13d
gofund.me/ae3e52797
It is with great sadness I share the passing of Caspian Shea youngest son of Johanna and Dylan. We are asking for your support covering medical and funeral arrangements during this unimaginable time. Please consider donating - but do share far and wide
Donate to Supporting the Shea Family in Loving Memory of Caspian, organized by Debra Kavaler Wysopal
On behalf of the Shea family, we have created this page of su… Debra Kavaler Wysopal needs your support for Supporting the Shea Family in Loving Memory of Caspian
gofund.me
8 10
weld.bsky.social
Chris Wysopal @weld.bsky.social · 13d
I write this post with a sad and heavy heart. My close friends Dylan and Jo's child, Caspian, has died. You may know Dylan as FreqOut, a longtime member of the hacker community (cDc). The family faces significant medical and funeral costs. If you can, please donate or share: gofund.me/13b9506f0
Donate to Supporting the Shea Family in Loving Memory of Caspian, organized by Debra Kavaler Wysopal
On behalf of the Shea family, we have created this page of su… Debra Kavaler Wysopal needs your support for Supporting the Shea Family in Loving Memory of Caspian
gofund.me
2 7
weld.bsky.social
Chris Wysopal @weld.bsky.social · 19d
Teen hackers aren’t villains-in-waiting, they’re untapped defenders. We can intercept talent early, show real career paths, and turn curiosity into cyber defense. My take on building ethical on-ramps for #cybersecurity www.forbes.com/councils/for...
Intercepting Talent: Turning Hackers Into Cyber Defenders
Teen hackers are reshaping cybersecurity. Channeling their curiosity into ethical hacking could transform risks into the next wave of defenders.
www.forbes.com
9 23
weld.bsky.social
Chris Wysopal @weld.bsky.social · 23d
Goggins was in Boston and saw the movie with us!
1
weld.bsky.social
Chris Wysopal @weld.bsky.social · 23d
30 years ago today, I saw Hackers in theaters with my crew @l0pht.bsky.social Later, I met my wife @debdebdeb.bsky.social on IRC. Then I co-founded a cybersecurity company @veracode.bsky.social with fellow L0pht hacker @dildog.l0pht.com What a journey! Anyone else feeling old? Post your story.
Movie poster for “Hackers”
12 9 83
Reposted by Chris Wysopal
cataribartok.bsky.social
Gustaue Flavorofhumanfleshbert @cataribartok.bsky.social · 27d
BOSTON AREA #synthsky! Hidden Fountain is having our video release show at the French Club in N Cambridge this Saturday. Music from us, Mute City, Bell System (sifu.tweety.fish), and Kathy Snax, followed by videos and short films from Coco Roy and AV Carraway! info/tix at hiddenfounta.in.
5 11
weld.bsky.social
Chris Wysopal @weld.bsky.social · 27d
We may never know the answer to that question but all first responders are part of the World Trade Center Health Program which provides monitoring and treatment and the World Trade Center Health Registry which tracks health over time.
1 8
weld.bsky.social
Chris Wysopal @weld.bsky.social · 27d
On this Sept 11, we remember. My wife served at Ground Zero as a first responder. Yesterday she rang the radiation bell, a milestone on her road to beating breast cancer. Grief + gratitude, service + strength. Proud of her. #NeverForget #FirstResponder #BreastCancer
Smiling as she rings the radiation bell at the treatment center—celebrating an end-of-radiation milestone on Sept 10
10 34 250
weld.bsky.social
Chris Wysopal @weld.bsky.social · 28d
Top cybersecurity conferences are introducing new rules that require researchers to formally address ethics in their work. Starting with the 2026 USENIX Security Symposium, all submissions must include a stakeholder-based ethics analysis.
www.helpnetsecurity.com/2025/09/08/c...
Cybersecurity research is getting new ethics rules, here's what you need to know - Help Net Security
Cybersecurity research ethics is required at top conferences. A guide helps researchers balance innovation, risk, stakeholder responsibility.
www.helpnetsecurity.com
1 4
weld.bsky.social
Chris Wysopal @weld.bsky.social · 28d
Will software companies with CDUs utilize zero day that they know about in their shipping products? Will companies with endpoint agents they control use them for offense? So many questions.
1
weld.bsky.social
Chris Wysopal @weld.bsky.social · Sep 5
Who hacks the hackers?

arxiv.org/abs/2508.21669
Cybersecurity AI: Hacking the AI Hackers via Prompt Injection
We demonstrate how AI-powered cybersecurity tools can be turned against themselves through prompt injection attacks. Prompt injection is reminiscent of cross-site scripting (XSS): malicious text is hi...
arxiv.org
1 3
weld.bsky.social
Chris Wysopal @weld.bsky.social · Sep 2
should be "use of prohibited legacy protocols"
1
weld.bsky.social
Chris Wysopal @weld.bsky.social · Sep 2
During a routine cybersecurity review, DHS CIO discovered significant security vulns that gave a threat actor access to FEMA’s network.

FEMA CIO, CISO, 22 IT employees terminated

Lack of MFA, prohibited legacy protocols, failing to fix known and critical vulns, inadequate operational visibility.
1 2 10
weld.bsky.social
Chris Wysopal @weld.bsky.social · Sep 2
The AI Vulnerability Crisis is Coming — Can Defenders Catch Up?
securityboulevard.com/2025/09/the-...
The AI Vulnerability Crisis is Coming — Can Defenders Catch Up?
AI is becoming an autonomous exploit engine. Experts warn of an AI-driven vulnerability crisis — but resilience, alliances, and action can blunt the impact.
securityboulevard.com
2 2
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 27
An app developer has jailbroken Echelon exercise bikes to restore functionality that the company put behind a paywall last month, but copyright laws prevent him from being allowed to legally release it.

www.404media.co/developer-un...
Developer Unlocks Newly Enshittified Echelon Exercise Bikes But Can't Legally Release His Software
A firmware update broke a series of popular third-party exercise apps. A developer fixed it, winning a $20,000 bounty from Louis Rossmann.
www.404media.co
2
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 27
LLM automated attacks and extortion is here

www.nbcnews.com/tech/securit...
A hacker used AI to automate an 'unprecedented' cybercrime spree, Anthropic says
The company behind the Claude chatbot said it caught a hacker using its chatbot to identify, hack and extort at least 17 companies.
www.nbcnews.com
2 6
Reposted by Chris Wysopal
eff.org
Electronic Frontier Foundation @eff.org · Aug 26
We know very little about how cell-site simulators (CSS), devices that masquerade as legitimate cell-phone towers, are being deployed in the US or globally, but with Rayhunter, we hope to change that. www.eff.org/deeplinks/2...
Meet Rayhunter: A New Open Source Tool from EFF to Detect Cellular
Rayhunter is a new open source tool we’ve created that runs off an affordable mobile hotspot that we hope empowers everyone, regardless of technical skill, to help search out cell-site simulators
www.eff.org
4 88 230
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 20
Applying lessons from my @l0pht.bsky.social days: transparency, collaboration, & curiosity drive cybersecurity progress. Read how we turned hacker insights into modern security practices: www.forbes.com/councils/for...

#Cybersecurity #L0pht #Innovation
How A Clash Of Cultures Changed Software Security Forever
Vulnerabilities don’t get fixed because we wish them away. They get fixed because someone insists that they can’t be ignored.
www.forbes.com
1
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 20
“RapperBot, Eleven Eleven Botnet, and CowBot, which abused ensnared IoT devices, mainly DVR devices and Wi-Fi routers, to launch massive DDoS attacks against victims in more than 80 countries”

I wonder how many were EOL or were difficult to patch/secure.

www.securityweek.com/rapperbot-bo...
RapperBot Botnet Disrupted, American Administrator Indicted
The US Department of Justice has announced the takedown of the RapperBot botnet and charges against its American administrator.
www.securityweek.com
2
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 19
Hackers aren’t the enemy. Ignoring them is.

While cyber gangs recruit on Discord & gaming forums, the industry is missing out on young, self-taught talent.

“It’s time to go back to our roots.”

www.computerweekly.com/feature/Woul...
Would you hire a hacker? | Computer Weekly
At a time when cyber security breaches are on the up and skills remain in short supply, security experts believe we may be missing a trick by overlooking unconventional sources of talent.
www.computerweekly.com
1 6
Reposted by Chris Wysopal
techmeme.com
Techmeme @techmeme.com · Aug 18
Source: Oracle Chief Security Officer Mary Ann Davidson, who joined in 1988 and became the company's first CSO, is leaving as part of a recent reorganization (Bloomberg)

Main Link | Techmeme Permalink
2 4
weld.bsky.social
Chris Wysopal @weld.bsky.social · Aug 14
MeshCore party!
1 12