The Dustin Childs

The best way to wind down after #RSAC - opening night for the #MLB2026

And don't miss our bug of the month! Each patch Tuesday we'll be selecting our very favorite patch to highlight. This month, it CVE-2026-26144 - a Critical-rated info disclosure in Excel that uses the Copilot Agent to exfiltrate data. Neat!

Our threat researchers worked closely with global law enforcement to support the coordinated takedown of Tycoon2FA, a phishing-as-a-service platform targeting organizations worldwide. Disrupting cybercrime takes strong collaboration across the ecosystem: spr.ly/6013hAlDd

Heading to the #[un]prompted conference next week? Be sure to catch @gothburz's talk on "FENRIR: AI Hunting for AI Zero-Days at Scale" His talk shows how we're FENRIR has detected over 100+ CVEs since mid-2025. Don't miss it. unpromptedcon.org

@h4x0r_dz It's arbitrary code execution. User opens a malicious .md file and code exec occurs.

Is it really RCE or just embeding url scheme?

Oh my...

Hackerone is stealing researchers' reports to train its AI model. This is unbelievable

A small release from #Adobe but 6 (yes six!) actively exploited bugs from #Microsoft. I'll have my full thoughts out soon, but get ready for some emergency patching. #PatchTuesday

I am the lead engineer at ai.com. We had $78 million to work with. $70 million went to the domain. $8 million went to the Super Bowl ad.  I got the rest. "The rest" was $500 and a Cloudflare free tier. This ratio -- 156,000 to 1, marketing to engineering -- is not a bug. It is the business model of the entire artificial intelligence industry in 2026. You do not need a product. You need a name. Preferably two letters. Preferably letters that made investors lose bladder control in 2024. I built the website in a weekend. I didn't build it, actually. I described it to OpenClaw (previosely Moltbook), (previously, reviously Clawdbot) and the AI built it. We are, after all, an AI company. Using AI to build the website felt appropriate. The AI charged us nothing. We are charging users $20 a month. This is called "margin." We have a free tier and a paid tier. The free tier gives you access to a product that doesn't exist. The paid tier gives you access to the same product that doesn't exist, but with more input tokens. No one has asked "input tokens for what." This is the kind of question that delays launches. Nobody checked if it worked. Nobody checked if it scaled. Nobody checked if it did anything at all. We were too busy approving the logo. The logo is a planet with a ring around it. Someone said it looked like the old Saturn car logo. Saturn went bankrupt in 2010. But the logo was free and our design budget went to the domain, so here we are, orbiting a dead brand at $70 million per revolution. Our product is an "autonomous AI agent" that "organizes work, sends messages, and executes actions across apps." Which actions. Which apps. At what cost. In the AI industry, these are called "implementation details." Implementation details are beneath us. We are a vision company. The vision cost $70 million. The implementation cost $500. The gap between the two is where shareholder value lives. Our press release promises the agent will "trade stocks, automate workflows, and update your online dating profile." We are building artificial general intelligence so it can fix your Hinge bio. This is on the roadmap. The roadmap is longer than the codebase. Our marketing says you can create an AI agent in 60 seconds. This is technically true. You type a username. You click "generate." You receive a loading spinner. Sixty seconds. What you do not receive is an AI agent. But the experience of waiting for one is, I'm told, "the product." Our press release describes a "decentralized network of billions of agents." We used the word "decentralized" because our CEO comes from crypto. In crypto, "decentralized" means "we haven't decided how it works yet." We have not changed the definition. This is not unique to us. OpenAI has raised $40 billion. Their product loses money on every user. Anthropic has raised $15 billion. Their stated goal is to build something they believe might destroy humanity, and investors are fighting to give them more. Microsoft has committed $80 billion to AI infrastructure this year. Their Copilot product tells people to put glue on pizza. The entire industry is a $300 billion screensaver with a loading spinner. We fit right in. Our CEO is the Crypto.com guy. He previously spent $700 million to rename a basketball arena and hired Matt Damon to tell America "fortune favors the brave" six months before crypto lost 70% of its value. He paid for our domain in cryptocurrency. I am told this was "tax efficient." I have learned not to ask follow-up questions about things that are "tax efficient." He is now pivoting from crypto to AI. In the industry, we don't call this "pivoting." We call it "convergence." Convergence means the last bubble popped so you inflate the next one using the same PowerPoint deck with different nouns. The Super Bowl ad ran during the fourth quarter. Thirty seconds. It told 130 million Americans to visit our website. The ad was thirty seconds. That's $266,666 per second. Each second of airtime cost more than our entire engineering budget. Second fourteen showed the logo. Second fourteen cost more than the website. They did visit. All of them, apparently, at once. The website went down. "Prepared for scale, but not for THIS," our CEO tweeted, adding three fire emojis. The fire emojis were load-bearing. They were doing more work than our infrastructure. The entire site was hosted on Cloudflare's basic tier, which is designed for food blogs and wedding photographers, not for absorbing the combined curiosity of a nation told to visit a two-letter domain during the biggest television event on earth. But the crash was, in a way, perfect. It is the most honest thing the AI industry has produced. A $78 million promise that, when 130 million people showed up to collect, returned a loading spinner and the words "please refresh and try again." Every AI company should adopt this as their mission statement. The previous owner of ai.com was OpenAI. They used it to redirect to ChatGPT -- a product that exists, built by thousands of engineers who were paid more than $500, running on billions of dollars of compute. We bought the domain from them to redirect to a page that asks you to pick a username. OpenAI also ran a Super Bowl ad this year. They sold us the domain, then bought ad time in the same broadcast to promote the product they used to host on it. We are now competing with the company that built the thing we may or may not be reselling. During the same commercial break. On the same channel. For the same audience. The AI industry is a snake eating its own tail, except the tail cost $70 million and the snake can't stay online. That's the product. A username. For an AI agent that doesn't exist yet. On a website that couldn't survive its own launch. Sold by a crypto CEO during a crypto winter. Wearing the logo of a bankrupt car company. Twenty-three percent of Super Bowl ads this year were AI companies. That's 15 out of 66. In 2000, it was dot-coms. Pets.com ran a Super Bowl ad. They went bankrupt nine months later. Their sock puppet mascot outlived the company. I'm not saying history repeats. I'm saying it rhymes, and the rhyme scheme is expensive. But none of that matters. What matters is the domain. Two letters. Seventy million dollars. The most expensive thing we own is our name. The least expensive thing we own is everything the name is supposed to represent. In the AI industry, this is called "brand-first development." In every other industry, it's called something else. Anyway, we're hiring. Backend engineers preferred. Budget: whatever's left.

Patches are now available for Office 2016 and 2019. Get to updating them there systems!

@HaifeiLi No acknowledgement either. I found that interesting.

Wow.. The Office OLE problem strikes again.. The advisory also says the 0day is publicly disclosed, anyone know?

Wow - Office security feature bypass patched OOB after active exploitation detected. Path now - CVE-2026-21509. At least the Preview Pane isn't an attack vector. msrc.microsoft.com/update-guide/v…

@AmericanAir Excuses or results. Pick one.

@dustin_childs We can certainly understand how frustrating this is, and we're truly sorry. Rest assured our ground team is working as quickly as they can to get the back out to you as soon as possible.

We landed in DFW at 2:30pm, but thanks to bad weather and @AmericanAir incompetence, here it is 9:30 and we have left customs. Still waiting on bags. *sigh*

He may be in Tokyo prepping for #Pwn2Own Automotive, but Patch Tuesday waits for no one. Join @dustin_childs as he breaks down a big #Microsoft release (w/ 1 CVE in the wild) and a smallish #Adobe release. zerodayinitiative.com/blog/2026/1/13…

It's a big patch Tuesday with more than 110 CVEs from Microsoft but only 25 from Adobe. There's one info disclosure bug under attack. I'll have my full thoughts out soon.

[ZDI-25-1056] (0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability (CVSS 5.0) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-1055] (0Day) Microsoft Windows MP4 File Parsing Null Pointer Dereference Denial-of-Service Vulnerability (CVSS 4.3; Credit: sumin) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-1057] (0Day) Microsoft Visual Studio VsDevCmd Uncontrolled Search Path Element Remote Code Execution Vulnerability (CVSS 7.8; Credit: Nitesh Surana (@_niteshsurana) & Nelson William Gamazo Sanchez) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-1053] (0Day) Microsoft SharePoint Calendar Overlay Hyperlink Injection Vulnerability (CVSS 3.5; Credit: Vladislav Berghici of Trend Research) zerodayinitiative.com/advisories/ZDI…