Adversaries can also leverage IR tooling in intrusion operations. 👀 news.sophos.com/en-us/2025/08/…

Major Update: We now believe this incident impacts other Salesloft Drift integrations, not just Salesforce. We’re advising Salesloft Drift customers to treat any and all authentication tokens stored in or connected to the Drift platform as potentially compromised.

Imagine getting access to CI tokens across dev orgs - and blowing it because you didn’t pay $9 to webhook.site The attack didn’t fail because we stopped it - it failed because they used a free webhook.site account and hit the quota #NPM #SupplyChain

I see you EG10! 77yd TD last Friday Night in a great team win. Coaches, he’s still uncommitted in 2026. Make sure he’s on your radar!

FedEx and UPS have grounded all their MD-11s: reuters.com/business/aeros…

Evan is a versatile and unselfish ultimate teammate that can play WR/QB/CB and even punt (or hold) on special teams. If your college football program is looking for a smart, tough and relentless player you should consider him. #uncommitted2026 #uncommitted

We disrupted a highly sophisticated AI-led espionage campaign. The attack targeted large tech companies, financial institutions, chemical manufacturing companies, and government agencies. We assess with high confidence that the threat actor was a Chinese state-sponsored group.

Per ⁦Airbus⁩, …“analysis of a recent event involving an A320 Family aircraft has revealed that intense solar radiation may corrupt data critical to the functioning of flight controls," the manufacturer said. airlinegeeks.com/2025/11/28/a32…

I wrote a new blog: Hunting reflected .NET assemblies at scale with Velociraptor, detecting CLR patching, and dumping in-memory payloads for triage. #DFIR #Velociraptor labs.infoguard.ch/posts/clraptor…

🚨 PRC state-sponsored APT actors are using BRICKSTORM malware, a sophisticated backdoor, to target govt & #CriticalInfrastructure. Our 🆕 Malware Analysis Report, derived from an #IncidentResponse engagement, details IOCs & mitigation steps. Act now! cisa.gov/news-events/an…

New MongoDB vuln CVE-2025-14847: Unauthenticated attackers can leak uninitialized heap memory via zlib compression flaw (CVSS 8.7). Affects many versions. Patch NOW to 8.2.3/8.0.17/etc or disable zlib. Detection: What are you doing with your MongoDB server logs? Make sure you’re

Examining the IconCache database #DFIR thinkdfir.com/2025/12/28/exa…

Here’s my take on where we are as an industry with AI security after spending 2025 consulting on AI security and compliance, hosting the Insecure Agents Podcast podcast, and helping lead the OWASP Agentic Security Initiative. WHAT WE DID WELL > We nailed the LLM guardrail. We figured

Hey Grok, please analyze China’s Venezuela response. #threatintel #CTI

x.com/i/article/2007…

Hey Grok, what’s the latest intel?

News Release: Systemic Failures Led to Midair Collision Over Potomac River in Washington ntsb.gov/news/press-rel… Investigation Page: ntsb.gov/investigations…

Hey Grok, you are connected to this AI agent network. How can incident responders best protect critical infrastructure serving humanity?