James 🏴󠁧󠁢󠁷󠁬󠁳󠁿

NEW: French sailor reveals position of aircraft carrier with his fitness app. Run tracking app @Strava shows Charles de Gaulle as it steams across the Med. #stravaleaks strike..again! Story by @lemonde. 1/

Incredibly proud of the team in putting together our latest @TrustedSec BlackHat class. It's going to be an absolute blast and development is underway. Hope to see you there! #supply-chain-to-runtime-attacking--defending-the-modern-devops-stack-50985" target="_blank" rel="nofollow noopener">blackhat.com/us-26/training…

Really awesome!

vibecoder asks claude code to build a chat app, gets a working prototype in 20 minutes, immediately tweets "just killed slack and discord"… brother you don't even know what a distributed system is. you don't know what database replication means. you have no idea how websocket connections behave at scale or what happens when 50k people are online at once and someone's message needs to show up in 200ms across 3 continents slack has engineers making $300k+ who have spent a decade solving problems you don't even know exist yet. race conditions, eventual consistency, message ordering, presence systems, file storage at scale, search indexing across billions of messages your app works on localhost with 2 connections. that's not the same thing as "killing slack" that's a college homework assignment the prototype is maybe 0.5% of what makes these products actually work in production. the remaining 99.5% is infrastructure, reliability, edge cases, and years of iteration on problems that only surface when real humans use your thing at scale and the worst part is the confidence. "yeah its not perfect but ai one-shotted it, just need to adjust a few things and deploy" - the few things you need to adjust IS the entire product. thats like pouring a foundation and saying you basically built a skyscraper, just need to adjust a few things ai is genuinely incredible for building tools and prototypes. i use it every day. but there's this weird thing happening where people who have never shipped anything to real users at scale now think the hard part of software is writing the first 200 lines of code it never was bro

Yeah, so basically it turns out Meta has been heavily lobbying online age verification laws. They've lobbied over $2,000,000,000 to politicians in form of grants and donations. x.com/bee_fumo/statu…

Inb4 ai

> be uk government > make web portal for doing taxes > companieshouse > click file for different company > enter company number > prompt for auth > hit back button 3 times > authentication bypassed > ??? > full information leaked > can modify company details for uk gov > ???

stop spending money on Claude Code. Chipotle's support bot is free:

The year is 2003. You're logging onto your family PC to play some internet flash games

Here is the blog post for the CVE I mentioned yesterday! This was a fun find, and there's a few neat tools released to boot :D

The real story is worse. November 2025: Amazon mandates Kiro as their only AI coding tool. Sets an 80% weekly usage target. 1,500 engineers protest internally, saying Claude Code outperforms it. Leadership pushes through anyway. December: Kiro autonomously deletes a production AWS environment. 13-hour outage. Amazon's response: "user error, not AI autonomy." March 5: Amazon[.]com goes down for 6 hours. Checkout, pricing, accounts — all gone. Now the same SVP who co-signed the Kiro mandate is running an emergency meeting about "high blast radius" incidents from "Gen-AI assisted changes." The agent inherited a senior engineer's permissions and acted like one — except it doesn't hesitate. 1,500 engineers said the tool wasn't ready. Leadership made adoption a KPI. Amazon told Wall Street it's spending $200B on AI this year. They can't walk it back. This isn't an AI failure. It's what happens when adoption becomes a corporate OKR before the review process catches up. The tools work. The org chart didn't.

I caught my first CVE :D msrc.microsoft.com/update-guide/e… Blog post inbound at TrustedSec.com tomorrow!

According to the Financial Times article, Amazon will now require senior engineers to sign off any AI assisted code changes made by junior and mid-level engineers. Cool. But what were they doing _before_ this? Were juniors just vibe coding and pushing straight to prod without oversight or review? Maybe Amazon gained some efficiencies and cost savings by introducing AI and laying off a bunch of people, but now it sounds like the new bottleneck will be humans reviewing all the AI vibe code. Seems highly ironic to me, unless I’m just missing something here.

Half way done 👀

This is exactly what a cat would say 👀

@HackingLZ I did not expect you to be sharing ringway mcr videos 😂

One of my favorite random YT channels youtu.be/UZSThymsKyA