Woahh! This is a sick lineup and great topics that are gonna be covered this time again! 🔥 #OBTS

I love when Claude tells me something will take 6 weeks. No dude, we are doing it this afternoon.

Hiring a junior/mid role on my team for a Red Team operator, feel free to DM me with any questions or anything nvidia.wd5.myworkdayjobs.com/NVIDIAExternal…

And EDR

Every country is 1 Microsoft move away from Catastrophe. China understands this well. 🤷

🕷️🚨 Scattered Spider threat actors are using social engineering techniques like phishing, push bombing & SIM swap attacks to target #CriticalInfrastructure orgs & commercial facilities. Check out our updated joint advisory for recommended mitigations. 👉go.dhs.gov/ioX

In this blog post I explain the fundamental building blocks, vocabulary, and principles of attack graph design for BloodHound: specterops.io/blog/2025/08/0…

Google DeepMind just released one of the most important tools in geospatial data science. It’s called AlphaEarth Foundations. I want to break it down for you in intuitive terms:

these mfs are pretending to be dumb to avoid paying taxes

The ADSyncCertDump tool is now part of the adconnectdump tools and can be used to extract SP credentials from Entra ID connect hosts. I will cover that during my BH/DC talks today and Friday! Tool is heavily based on Shwmae by CCob🏴󠁧󠁢󠁷󠁬󠁳󠁿

pwnmachine 👾 When product is just a thin wrapper around something else, it’s only a matter of time before the original adds that feature themselves.

🚨 UPDATE: Full Post-Mortem On Cursor Security Incident In yesterday’s thread I explained how I got drained after installing a malicious extension in Cursor. This is the deeper dive into what I found, what I did, and how you can avoid it. 🧵 👇

Always be breaking things

New RE Blog Post: RustyPages-Pt1 the-sequence.com/rustypages-mal… We RE a Rust dropper, that sets persistence and runs the downloaded next stage, queries Patrick Wardle's tools, and quiets notifications. We included relevant IOCs as we continue our analysis of the loader for Part 2. :)

we are in end game.

New blog post just dropped! West Shepherd breaks down extending the Mythic Poseidon agent for ARM64 Dylib injection on Apple Silicon. Details include: ✅ Shellcode construction ✅ Memory allocation ✅ Runtime patching ✅ Thread creation Read more ⤵️ ghst.ly/41Nu4ED

⚠️ A “hacking tool” on Go isn’t what it seems. The package pretends to brute-force SSH—but secretly sends stolen logins to a Telegram bot controlled by a Russian actor. The package is still on pkg.go.dev. Full report → thehackernews.com/2025/08/malici…

Great stuff coming out of Chollima Group. Started months ago but nice to finally see it out there. Come for the juice, stay for the creepy altered images chollima-group.io/posts/dubai-cr…