christian_taillon (@christian_tail) 's Twitter Profile
christian_taillon

@christian_tail

Cyber nerd who enjoys hunting for evil and helping others fight black hats. Can close Vim without consulting Google. Probably sipping ☕.
Opinions are my own.

ID: 1272942939639930880

https://christiant.io | 16-06-2020 17:23:50

303 Tweet

554 Followers

219 Following

Clint Gibler (@clintgibler) 's Twitter Profile Photo

Your company is rushing to build product features that use AI. How do you do that securely? There are MANY ways things can go wrong. 🚨 Rami McCarthy's deep dive is BY FAR the best guide I've seen 🚨 Learn the latest attacks and defenses in one 🧵 tldrsec.com/p/securely-bui…

christian_taillon (@christian_tail) 's Twitter Profile Photo

🚨 CVE-2025-38236 – Linux Kernel Priv-Esc 🚨 Current in-the-wild exploit targets the Chrome sandbox on Linux desktops, but this is NOT just a workstation problem. Any local user able to send crafted AF_UNIX socket messages can trigger it on any vulnerable Linux system.

christian_taillon (@christian_tail) 's Twitter Profile Photo

In interesting news, for this month's Patch Tuesday, Microsoft observed none of the vulns being actively exploited in the wild! There are eight vulnerabilities where exploitation may be likely. Only one, CVE-2025-54916, is a remote code execution (RCE) vulnerability.

Nick VanGilder (@nickvangilder) 's Twitter Profile Photo

So Microsoft, S1, and Palo have all withdrawn from the MITRE Attack Evaluations for 2026. Moderately interestingly, S1 and Palo pulled out on the same day (9/12).

Florian Roth ⚡️ (@cyb3rops) 's Twitter Profile Photo

The first samples of #EDRFreeze that landed on VirusTotal were already detected by our existing rules – even though we hadn’t written anything specific for it. The reason is that the authors reused previously documented techniques we had already covered in our generic YARA rules

Mike Manrod (@croodsolutions) 's Twitter Profile Photo

Outstanding kickoff for Threat Intelligence Support Unit (TISU) training. Special thanks to The Bingus Man for coming out to support and participate (and to all our volunteers, attendees, and contributors - including co-creators Ezra Woods and christian_taillon, et al.)

christian_taillon (@christian_tail) 's Twitter Profile Photo

Big move. I know the MCP standard is less stable and changes often, but it is definitely the way the industry seems to be going for agentic tool calling. Going to be a wild 6 months for tool usage.

Florian Roth ⚡️ (@cyb3rops) 's Twitter Profile Photo

Artem I. Baranov 🐦 But there’s still a „you“. It reads the emails for <you>. The market expectation is that there’s no you anymore. I didn’t say that it’s not useful. I said that the expectations are too high.

Séb Krier (@sebkrier) 's Twitter Profile Photo

People are getting angry at this and it's the exact same failure mode as "why are football players paid more than nurses huh??" High valuations come from scarcity and growth expectations, not total societal contribution. They're not a thermometer for "what society values".

Mike Manrod (@croodsolutions) 's Twitter Profile Photo

Join us at Grand Canyon U or one of the many other locations, to participate in SW Splunk Boss of the SOC (#Bots) this Halloween!! Not frightened by scary movies anymore? Some of the BotS challenges will haunt your nightmares.

vas (@vasumanmoza) 's Twitter Profile Photo

Gemini 3.0 just refactored my entire codebase in one call. 25 tool invocations. 3,000+ new lines. 12 brand new files. It modularized everything. Broke up monoliths. Cleaned up spaghetti. None of it worked. But boy was it beautiful.
