The Spy’s Son is a pretty enthralling book covering his activities.

Found an Association of Old Crows (AOC) challenge coin looking through some of my father’s old things. Probably got it in the 80s. Was on the Industry side of things.

We recently announced the GA launch of our urlscan Observe feature. With urlscan Observe you can set up hunting rules for new domains and websites, trigger notifications and additional monitoring. Observe now allows you to control the monitoring process: urlscan.io/blog/2025/02/1…

Snuff from a non-existent country. I’m sure it’s still good.

This month: LLM all the things

LLM "safety" seems to be the most misguided pursuit. Refusing to deobfuscate code that might be malicious isn't "safety". Tired of these companies gimping their products.

Amusing to see the threat actor troll folks blog.rust-lang.org/2025/09/12/cra…

The correct number of unapproved browser extensions that companies should allow is zero.

God I love encountering this stuff when I'm trying to build tools to prevent abuse and malicious activity. Once again, AI safety is amongst the stupidest of pursuits and only hampers defenders.

Just an absolute mess. Probably why this extension was pulled. At _best_ it was someone who thought roll-your-own encryption was a valid development path. Nothing like shipping private keys in your javascript. Extension id: mboheboacomfkpknfbiknphlkbapided

AI is learning all the wrong lessons. From some code generated to help test misconfigured settings.

Claude has the sad

The urlscan Threat Research Team identified the first large-scale consumer phishing campaigns powered by WebAssembly (WASM) targeting US gov & financial brands with stronger obfuscation and evasion. urlscan Pro has the full report and what this means for the phishing ecosystem.

I’m a bit concerned about the non-inquisitive celebration from infosec on this. Where is the “what does keystroke latency even mean?” Without that, you can’t implement it for yourself, nor can you identify weaknesses. ~3yrs I was privately proposing similar options. So, AS

Buying a bunch of hardware on ebay. Seeing obvious scam listings, looking for this link and it is apparently gone. fun.

The only acceptable way to say bye to the LLM that has done good work.

More good work from the folks at Koi koi.ai/blog/darkspect…

100k users. Tracks every URL you visit. Exfil via hxxps://service[.]voicewave[.]xyz/get_styles_for_web_tts Using a persistent uid on each "styles" request. Via a delayed API call by the extension. Totally legit. Definitely necessary. chromewebstore.google.com/detail/voice-m…

probably meetautoex[.]us as well?

Just found and built my best exploits ever. Really proud of these. The Internet was a mistake. Happy New Year!