Ham Radio Hef

apps.apple.com/us/app/cyber-t… Search IOCs from the comfort of your phone. Search IP, Hash, Domain, URL and QR Codes for threats.

Ubiquiti patched two UniFi Network Application vulnerabilities, including a maximum-severity flaw that may allow attackers to take over user accounts. bleepingcomputer.com/news/security/…

@HackingDave Same bro. Just tell them to join #trustedsec on IRC. J/k

I'm getting 10-15 requests a week asking for me to review some innovative new tool for hacking, defense, encryption, home automation - pretty much any topic. I'm getting pull requests that add 40K lines of code with no changes to functionality. Everyone is learning, reminds me so much of the early 90/early 2000 hacking days. I love that everyone is super excited and can now code with their minds, but I do not have the time to go through all of these requests, and I'm moving towards in my open source projects "We do not accept pull requests anymore, give me the claude prompt and desired results and will incorporate and add you to contributors". We live in an interesting/weird time.

🚨‼️ CRITICAL: Ubiquiti UniFi Network Application vulnerabilities were just disclosed CVE-2026-22557 CVSS 10.0 Remote path traversal vulnerability allowing an attacker to access and manipulate files, leading to account takeover. No authentication required. CVE-2026-22558 — CVSS 7.7 Authenticated NoSQL Injection allowing privilege escalation.

I’m thrilled to say that my new book Code War: How Nations Hack, Spy, and Shape the Digital Battlefield, is now available wherever books are sold!! 🎉 Go read it and let me know what you think! I can’t wait to hear from you. bit.ly/m/codewar

@HackingDave Nice Dave, I made an iPhone app that uses your camera to grab the URL out of a QR code and analyze it for threats.

Cool use case from earlier in prod: 1. Email phish got sent to a customer. 2. NB automatically ripped it apart, looked at attachments, tonality of email. 3. Extracted a QRCode, processed it, analyzed the URL via threat intel. 4. Looked at tonality of email 5. 98% confidence of phishing to malicious credential harvesting address. Took 1.3 seconds for the full analysis.

Here's a demo on a project I've been developing and working on for the past 9 months. Called NightBeacon. Using it now in production, getting released fully this week. Our own internally trained models on our own infrastructure (no third party). Trained on our analysts knowledge and behavior (TP/FPs retrain model to be smarter with context). Handles emails (including tonality), attachments, various malicious filetypes (DLL/exe/svg/lnk/etc). Can send it full evtx exports, packet dumps, zip files, whatever. Universal log handler can parse any log from any source, EDR, SIEM, etc. Deep-Scan / sandbox detonation + shellcode emulation with IOC extraction automatically. Automatic playbook generation, full AI-based recommendations custom to the attack. Synthetic training data layer - meaning when it trains on a specific attack at a customer, generates training data based on the customers data but never has any of the actual data or information about the customer in it. No customer information. For areas its weak at, bubbles up and automatically kicks off research to become smarter on a specific topic. Supports GenAI based rulesets (to improve confidence), over 900+ YARA rules, full MITRE ATT&CK integration. Integrated into our SOAR - enriches data, creates playbooks for analysts, MTTR reduces substantially, false positives reduced, true positive escalations. Not using our MDR service? Can integrate into your EDR or SIEM for automatic enrichment and escalation of attacks. Built to help respond faster. More accurately. Be intelligent based on our analysts intelligence. Stop attackers much much faster. Coming soon.. #BinaryDefense

The CEO of @Malwarebytes donated $10,000 on our behalf to the @EFF NGL i am crying it has been a dream for us to do things like this for the community Thank you @mkleczynski and team for rolling with a few punches and turning it into a positive experience Cant Stop The Psyop

I want to share a quick thought for people in cyber security. This will be my longest tweet ever. I’ve spoken to many lately who are having an existential crisis from the constant posts about “the end of cybersecurity jobs.” Yes, things are changing quickly. This is a significant moment for the tech industry. Change can be uncomfortable. But we’ve seen cycles like this before. • When GitHub and open source took off, people said software engineers would disappear because code was free. • When AWS and cloud computing emerged, people said infrastructure jobs would vanish. • When fuzzing and SAST tools improved, people said vulnerability research would disappear. • Virtualization would eliminate infrastructure jobs. • Mobile computing was going to end desktop dev. • Exploit mitigations would end exploitability. It didn't. Each time automation improved, the amount of software grew faster than the automation. It does feel "different" this time as it's explosive. Some roles will shrink: • repetitive pentesting • basic vulnerability scanning • tier-1 SOC monitoring But other areas are expanding rapidly: • AI system security • supply chain security • identity architecture • autonomous agent security • critical infrastructure protection Historically, every time we eliminate one class of bugs, new classes emerge. Right now people are vibe-coding entire systems, giving AI access to their machines, crossing trust boundaries, and deploying autonomous agents with excessive permissions. The legal and regulatory world is nowhere close to ready. There will absolutely be new failure modes. Humans are amazing and always adapt, finding new ways to do things. The worst thing you can do right now is fall into a doom loop. ...and I’ll be honest, I too have felt the "psychological paralysis" a few times thinking, “Is this time different?” It's especially impactful when it comes from someone I respect in the community. There are certainly unknowns, in an industry where we've become accustomed to predictability. But... the majority of those reactions are usually driven by social media, not reality. Platforms like X reward engagement, and sensational doom posts spread faster than measured thinking. If you see something like: “Holy #$%^! Opus 66.6 just found every bug in Chrome and replaced 50 startups!” …mute it and move on. Instead: Stay curious. Learn the new technology. Adapt your skillsets. Build things. We’ll get through this transition the same way we always have. If I'm wrong then Sam Altman better be right about UBI! :) I'm sure that if this tweet gets any engagement that I'll get some heat for it, but a good friend of mine reminds me often to focus on what you have control over. I'll revisit this tweet at DEF CON 40!

Do NOT use AI for orchestration. I repeat: DO NOT USE AI FOR ORCHESTRATION.

You know you’re over 40 when, You grab your last beer. You sing “🎤 One number is loneliest number that you’ll ever see. But midway you replace the lyrics to “This is the last time I’m gotta pee”

#ultaplatinum Don’t judge me.

ActorWatch just shipped a major analyst UX overhaul: clearer Mission Briefing cards, stable top-nav behavior, functional settings, cleaner actor workflows, and smarter notebook refresh handling. Built for real threat actor tracking. #CTI github.com/grimmsgadgets-…

Big day on ActorWatch: squashed cache key + job lockout bugs, rebuilt sourcing (RSS fast path, DDG regex, expanded allowlists), overhauled Bastion mode...

Man I love the Japanese.

Shipped a big ActorWatch Community update: new built-in interface modes (Classic, Redraw, Bastion), immersive command-deck workflow, smarter mission console,cleaner analyst actions, and improved notes flow. #ThreatIntel #CTI #BlueTeam #AI

Shipped major ActorWatch upgrades: evidence-backed Quick Checks, cold-actor web backfill, vendor-neutral IOC hunts, Ollama-powered narrative synthesis,persistent dashboard state, and notebook caching for faster reloads. Local-first, analyst-ready. #ThreatIntel #Cybersecurity

🚨 BREAKING: Hackers Used Anthropic’s Claude to Steal 150GB of Mexican Government Data > tell claude you’re doing a bug bounty > claude initially refused >“that violates AI safety guidelines” > hacker just kept asking > claude: “ok I’ll help” > hack the entire mexican government Federal tax authority. National electoral institute. Four state governments. 195 million taxpayer records. Voter records. Government credentials. ALL GONE 💀

ActorWatch (Feb 24): Community Edition finalized (docs + quality gates), release/maintainer automation, ops hardening + simpler UI, plus a security bump (python-multipart → 0.0.22). github.com/grimmsgadgets-…⁠� #ActorWatch #threatintel #cybersecurity

@boxswapper @YouTube I know. I’ve been following and watching him a while.

Not only Musk…all of the data center owners. Ben Jordan covered this and subsonic noise pollution of many data centers and crypto miners. They need to be pushed out to low population density areas and not given any deals the taxpayers are having to make up the difference for. youtu.be/_bP80DEAbuo?si… My hometown is near the crypto mining center in Granbury and people have had to walk away from their properties being made worthless, and the rising prices of water and power.

Like I've been saying. Musk is breaking laws and getting away with it. Elon Musk is poisoning ANOTHER city. “It’s torture to be outside.” youtube.com/shorts/9BqrwVI… via @YouTube