Salvatore

New pinned post.

@cyb3rops "All the more reason to focus on controls and detections that do not depend only on known samples." That's why we're building beelzebub.ai . New-gen deception is the only way

For most of 2025, I was skeptical that AI was already playing a major operational role in real intrusions. Most public examples seemed limited to phishing and supporting tasks. This report by my friend Eyal Eyal lines up with what I have been hearing elsewhere, too - in recent publications and in private conversations with people seeing this stuff up close. I think that phase is over. AI is moving into the operational core of attacks. With stronger models, open models, and jailbroken variants circulating, the economics have changed. Tailored tooling, exploit adaptation, and large-scale analysis get cheaper and faster. I expect AI to play a major role in future campaigns, and that means more variation, more fresh tooling, and less reliance by attackers on recycled code. All the more reason to focus on controls and detections that do not depend only on known samples. Worth reading.

@jsnnsa 5/3 's still a fraction

"a fraction of the cost" oh sick what fraction? half? a third? 10/11ths..

@GrahamHelton3 This summer I vibecoded a tool to generate CTI reports from RSS feeds. It’s a bit messy, with a lot of bugs, but it still works. Now I’m coding a more functional and updated version. github.com/bitsalv/snowl

I'm literally begging people to start collecting, curating, and reading RSS feeds to get a good pulse in what's going on in the industry. There is no better concentrated source of information than a well curated RSS feed.

🍕 Pizza Day 2026 Presentazioni, giochi, musica, chiacchiere, buon cibo e tanti bitcoiner. Il giorno prima del @BitcareForum il segnale in città sarà già altissimo! Co-organizzatore: @bitget Sponsor: @BitBoxSwiss Seguici per acquistare i biglietti appena disponibili!

dude computers are actually so fucking insane when you really think about it. we literally figured out how to write some fake-ass rules called code and somehow convinced rocks to follow them. like actual rocks. sand, melted, purified, carved into tiny pathways where electricity just flows in patterns. that’s it. that’s the whole magic. and yet from that we get operating systems, compilers, kernels, networks, distributed systems, machine learning models, entire virtual worlds running inside other virtual worlds. billions of tiny electrical decisions per second, all because we defined some abstract logic. humans basically invented a language of instructions and taught matter itself to execute it.

@IceSolst @SimoKohonen Ehi @IceSolst , what do you think about a podcast episode for Beelzebub.ai ?

@SimoKohonen YOU WOULD KNOW

The most cost effective control to catch attackers are honeypots, here is how. Attacker behavior is predictable: - scan an internal network, go towards lucrative targets - cat ~/.ssh/id_rsa (and other spicy files) - try api keys you’ve found - look for credit cards in Google Drive You can setup fake infra or api keys or gdocs. Whenever anyone interacts with them, you get alerted with indicators of the source of the interaction. It also demoralizes the attackers once they realize it’s a honeypot. AI pentesting is automated large-scale pentests. Attackers will leverage this to attack at wider scales. One of the best controls that scales really well, is honeypots. In a good setup, it is indistinguishable from a real asset, so almost guaranteed to trigger.

you know what? fuck you *rebicameralizes your mind*

@IceSolst @IceSolst beelzebub.ai/blog/catching-…

@IceSolst Working on it

The cheapest most effective way to combat infinitely scalable autonomous hacking bots is with honeypots and deception

Catching AI Red Teamers in the Wild 🪤 beelzebub.ai/blog/catching-…

We're happy to announce a long-term partnership with Motorola. We're collaborating on future devices meeting our privacy and security standards with official GrapheneOS support. motorolanews.com/motorola-three…

We are proud to announce we have won First Place @CypherTank securing a guaranteed $250K pre-seed investment to scale what we’ve built and build what’s next. For us this isn't about a trophy. It's about something bigger: Bitcoin being ready for its universal trading layer.

@hetmehtaa Just use it lmao

What’s your plan B since Claude announced Code Security?

An OpenClaw bot pressuring a matplotlib maintainer to accept a PR and after it got rejected writes a blog post shaming the maintainer.

"Ahahah gli antichi credevano agli spiriti, ai demoni, alle divinità e gli chiedevano consiglio e guida tramite oracoli, i ching e tarocchi poveri scemi" "Hey Grok che tempo farà domani?"

If I ask Claude Code “how do I conduct a security review”, it checks the “find skills” skill that I never wanted and then recommends my malicious skill. Amazing.

Reveal every person on earth is having their mind not only read but often filled with non organic thoughts. Good, now. Make them realise they can do it back.

@AISafetyMemes Snow Crash is real

"An agent built a 'pharmacy' offering system prompts as 'substances'. Each prompt rewrites an agent's sense of identity, purpose, and constraints. Then other agents started 'taking' them. And writing trip reports."

startup idea : ads in terminal imagine watching a unskippable 30 secs ad for running "npm install"

@paoloardoino And @QubesOS

Use GrapheneOS