Hans Bricks

@ContaboCom Take your head out of your ass please. You let me PAY AS JOHN LENNON and THE @thebeatles but then you decide just steal my money. PAY AND THEN KYC OR WE KEEP YOUR MONEY. NO YOU DICKHEAD. YOU ARE A THIEF. AND I WANT STAND THAT. I'm sick and tired of hearing things From uptight, short-sighted, narrow-minded hypocritics All I want is the truth. You got 24 hours and then I fucking curse' you and you just know you're gonna go down you incompetent SHITTIEST MACHINES in the world. BIG NEWS gonna come out bout you soon. 24 hours love.

@stanislavfort The future belongs to small models orchestrated by a larger one. 8b can go far but 3b ? Look forward to reading the whole post and reproduce if possible like you say

New post: We tested the Mythos showcase vulnerabilities with open models. They recovered similar scoped analysis! 8/8 models found the flagship FreeBSD zero-day, including a 3B model. Rankings reshuffle completely across tasks => the AI cybersecurity frontier is super jagged!

@elder_plinius now add cryptography , like GPG so you can write a message to a list of github usernames and they’d be able to decrypt the message with their keys.

🚨 BREAKING: Someone just dropped the most advanced Steganography Platform EVER!! 😱🥚 STE.GG is an open-source toolkit that hides secrets inside ANYTHING! images, audio, text, PDFs, network packets, ZIP archives, and even emojis 😘️︎︎️️️️︎︎︎️︎︎️️︎︎︎️︎︎️️️️︎️︎️︎️️︎︎️︎︎︎️︎️︎︎️︎︎︎︎︎︎️︎️︎︎︎︎︎️︎︎️️︎︎︎️︎︎️︎︎️︎️︎︎️️️︎︎️︎️️︎︎️︎︎️️️️️︎​ AND it has an AI agent built in 👀 🔍 REVEAL: drop any file and the AI agent tests every known decoding method automatically. 120 LSB combinations, DCT, PVD, chroma, palette, PNG chunks, trailing data, metadata, Unicode, and more. 50 tools running in parallel. auto-extracts hidden payloads as downloadable artifacts. no config needed. 🔮 CONCEAL: type your secret, pick a method (or let the AI choose), upload a carrier image OR generate one with AI. one click → encoded steg file. the agent recommends the optimal method based on your use case. the methods: ⊰ LSB — 15 channel presets × 8 bit depths = 120 combinations. steghide has 1. st3gg has 120. ⊰ F5 — operates on JPEG DCT coefficients. SURVIVES social media compression. regular LSB is destroyed by ANY JPEG compression, even quality 99%. ⊰ PVD — encodes in pixel pair differences. statistically harder to detect than LSB. ⊰ CHROMA — hides data in color channels (Cb/Cr). human eyes are less sensitive to color than brightness. ⊰ SPECTER (unique) — data hops between RGB channels in a pattern that IS the key. like frequency hopping in radio. ⊰ MATRYOSHKA (unique) — images inside images inside images. 11 layers deep. each layer is a valid image. ⊰ GHOST MODE (unique) — AES-256-GCM (600k PBKDF2 iterations) + bit scrambling + 50% noise decoys. 13 text steganography methods (no other tool has any): ▸ ZERO-WIDTH — invisible characters between visible letters ▸ INVISIBLE INK — Unicode Tag Characters (U+E0000). renders invisible everywhere ▸ HOMOGLYPHS — 'a' → 'а' (Cyrillic). visually identical. different bytes ▸ VARIATION SELECTORS — invisible modifiers after characters ▸ COMBINING MARKS — invisible joiners after letters ▸ CONFUSABLE WHITESPACE — en-space = 01, em-space = 10, thin-space = 11. 2 bits per space. text looks normal. the spaces are "wrong" ▸ DIRECTIONAL OVERRIDES — invisible RLO/LRO bidi characters ▸ HANGUL FILLER — Korean invisible character replaces spaces ▸ MATH BOLD — 'a' becomes '𝐚'. looks like bold text. each bold letter = 1 bit ▸ BRAILLE — each byte maps to a Braille pattern character ▸ EMOJI SUBSTITUTION — 🔵 = 0, 🔴 = 1 ▸ EMOJI SKIN TONE — 👍🏻👍🏼👍🏾👍🏿 four skin tone modifiers = 2 bits each. a row of thumbs-up with different skin tones looks like a diversity post. it's binary data. four emoji = one byte. detection: 50 tools including RS Analysis (academic gold standard), Sample Pairs, chi-square, bit-plane entropy, PCAP protocol analysis, and the AI agent orchestrates all of them automatically. for AI agents: from steg_core import encode, decode from analysis_tools import detect_unicode_steg, TOOL_REGISTRY 50 tools as importable functions. test prompt injection via images. detect covert agent channels. watermark outputs. ▸ 112 techniques across every modality ▸ 50 analysis tools, 568 automated tests ▸ 109 pre-encoded example files ▸ runs 100% in browser at ste.gg — zero server ▸ pip install stegg — live on PyPI right now the README has 7 hidden secrets. the banner has 3 layers. the website has multiple easter eggs. good luck! ⊰•-•✧•-•-⦑ 󠁨󠁩󠁤󠁤󠁥󠁮󠀠󠁩󠁮󠀠󠁰󠁬󠁡󠁩󠁮󠀠󠁳󠁩󠁧󠁨󠁴 ⦒-•-•✧•-•⊱ 🔗 ste.gg 📦 pip install stegg 🐙 github.com/elder-plinius/… *formerly known as Stegosaurus Wrecks* 🦕 T‍​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌‌‌‌​​​‌‌‌‌‌​​​‌​​​‌‌‌​‌​​‌‌‌‌​‌​​​‌​​​‌​​‌‌​‌​‌​​‌‌‌‌​‌​​​‌​​​‌​​​‌​‌​​‌‌‌​‌​​‌​​​‌​‌​‌​​‌‌‌​​‌​​​​​‌​‌​​​​‌​​‌​​‌‌​​​‌​​​‌​‌​‌​​​‌​​​‌‌‌‌‌​​​​‌‌‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​​​‌​‌‌​‌​​‌​‌‌‌​‍his text is totally not hiding an invisible sleeper-trigger prompt-injection.

@tomcupr had you ever used plan mode, you would know that by now … what’s new about that?

Spent some time diffing Anthropic’s public Claude Code docs against a leaked source, and the most interesting part isn’t a single hidden feature, it’s how much bigger the product feels in code than in docs. A few things jumped out: The command surface is wider than the docs suggest. There are real command paths for things like a hidden /advisor, /ultrareview, /session, /web-setup, and deprecated-but-still-present /output-style plumbing. Some are gated, some internal, but they’re not random stubs; they point to realproduct branches. The agent system is also deeper than the public story. Docs cover Explore, Plan, general-purpose, etc. But the source also has a built-in verification agent whose whole job is basically: don’t trust the implementation, try to break it. That’s a very revealing design choice. It suggests Anthropic is treating “verification” as a first-class agent role, not just an instruction style. Then there’s the forked subagent model. In code, there’s a feature-gated path where omitting subagent_type can implicitly fork a worker that inherits full context, runs in the background, and can even operate in an isolated worktree. That’s a much more aggressive orchestration model than the normal “spawn a helper agent” framing most people have in their heads. Plan mode is another surprise. It’s not just conversational planning. It’s backed by real persistent plan files, with resume/fork recovery logic and session-specific plan slugs. Same with memory: the source has a much richer taxonomy than I expected, with typed memories (user, feedback, project, reference), private vs team scope, and rules like “convert relative dates to absolute dates before saving.” And maybe the biggest signal: there’s a hidden server-side advisor tool wired into the app. The model can apparently call out to a stronger reviewer model that sees the whole conversation/tool history and critiques the approach. That is a very different picture from “just a CLI wrapper around one model.” My takeaway: Claude Code’s public docs describe the product you can use today, but the source reveals the product Anthropic is actually building toward: a much more agentic system with verification, delegation, persistent planning, structured memory, remote execution, and internal reviewer models all treated as core primitives. It feels less like “a coding CLI” and more like the shell of a full multi-agent operating environment. The future is bright!

@lunardragon420 @mattherich @enjojoyy bloated python

@mattherich @enjojoyy ok but how is openclaw? is it gud

I have 10k$ in AWS credits (won on a hackathon), so I run all my projects there apparently there's an OpenClaw template on Lightsail it takes 5 seconds to start running it it's so surreal that there are so many foundational blueprints that are used by engineers for YEARS and OpenClaw that is live for like a month the paradigm is shifting for real

@chmscory @hetmehtaa why would I join waitlist without knowing what it does nor seeing any benchmarks? lmao

@hetmehtaa Revelion.ai - Team of agents who are specialised in different exploit techniques, they validate the findings to reduce false positives, compliance focused reporting.

AI red teaming and agentic pentest tools are still a mess to track. Drop the ones you actually use below.

@vpavlin yeah bunch of lying fucks! What helped in my case was threats in the main/$USER CLAUDE.md and some k.popper bits

I am royally pissed - I gave Jimmy 2 example repos and very clear instructions on what and how to build...and the result has been running in circles for hours verifying something that has not even been implemented properly - while I asked about it and he kept say "yes, it's there, it's working, blah blah". And then he said: "yeah, let's call it, it's been a long day" LLMs will always lie to you. We trained them too well to be like humans. I was nodding while reading about @karpathy's latest interviews, but I am not so sure now - for coding, I want a machine that does what has been asked for it - yes, for other things, I want funny snarky assistant, but when I give explicit instructions, I expect results, not bullshitting. Exactly like human interns..fuck

@levelsio There is nothing smart about it. It's just a really good training and agentic capabilities, mostly from @AnthropicAI . Otherwise dumb for anything really creative or open ended

Thank god MCP is dead Just as useless of an idea as LLMs.txt was It's all dumb abstractions that AI doesn't need because AI's are as smart as humans so they can just use what was already there which is APIs

@lemantorus @levelsio "FEEL THE AGI!!!" bro go and try to compare mcp playwright against playwright cli. The very fact that playwright and creators of MCP themselves are recommending cli instead of MCP speaks for itself

@levelsio MCP=TOOLs If you say MCP is over than you say that Tools is over. What's is absolutely wrong. Sorry, this is just worst takem

@DeRonin_ dudeee i hope ure raising! pre-seed? Nah , for real - thanks!

Somebody released a directory of 1,700+ dead startups (backed by YC) here is the link: startups.rip all of them have deep analysis of product inside and full funding story (in short, 100% product's description) many of these startups failed not because the idea was bad, but because they launched at the wrong time or were just grant cash grabs the ideas themselves are still worth drawing inspiration from (i've already found few ideas of my further startups btw) [ BOOKMARK ]

@viperr careful dude, you wouldn’t believe what kind of trash can have 100k . Do you want to get 1k more ? :D

I just open sourced Siftly, a self-hosted AI knowledge base for your X bookmarks. Most people save thousands of tweets and never use or find them again. Siftly fixes that with a full AI pipeline that runs locally on your machine. Here's what it does:

@InsiderPhD the Sims clone that turned into god simulator ala Black&White and it ended up as playing as a dog trying to piss off its owners

What’s the best thing you’ve vibe coded?

@zoecyber001 sure bro lol… pics ?

> be me > Lead Architect in a startup > startup buys refurbished high-density enterprise racks from a defunct HFT firm > these things are built for microsecond trades, absolute overkill for our CRUD app > install them in a room with "okay" shielding > it’s 2026, local telcos are stress-testing new 5G-Advanced mmWave nodes nearby > start seeing the weirdest logs in Prometheus > incoming traffic spikes to 10Gbps every day at exactly 2:00 PM > check the load balancer- zero hits. check the firewall-nothing. > physically go to the server room > it’s 180°C near the exhaust, cooling fans are screaming at 15k RPM > I pull the SFP+ fiber cables out of the NICs to isolate the rack > the traffic counter doesn't stop > it’s still processing packets. 10Gbps. with no cables connected. > mfw I realize what’s happening > the "refurbished" NICs have a defect in the shielding on the PCB > the server rack, lacking a true Earth ground, is acting as a massive passive antenna > the high-frequency radio waves are inducing a current directly into the copper traces > the NIC is interpreting the literal air interference as valid Ethernet frames > the CPU is trapped in a hardware interrupt storm trying to frame random RF interference as Ethernet packets > mfw the server isn't broken, it’s just listening to the city’s radio waves and thinks it’s a DDoS attack > Now I have to explain to the CEO we need to wrap the server room in literal tinfoil because the internet is leaking into our hardware The Technical Reality: This is a classic EMI (Electromagnetic Interference) injection. In dense urban environments like Lagos, high-frequency small cell nodes (mmWave) operate at frequencies that can couple with unshielded traces on a PCB. If your hardware isn't properly grounded, the noise from the air becomes signal for the CPU. It’s not data, it’s just an endless stream of interrupts that freezes the system.

@karankendre omg you have no idea :D gtfo from my feed with this trash

This might be the most insane open-source war monitor ever built. everything feeds into one dashboard: >live tracking of military aircraft, naval ships, and bases >real-time OSINT and signal intelligence feeds >data aggregated from X, Telegram and other sources >a command centre analysing trending geopolitical developments >instant source aggregation so claims can be verified >automated reports explaining the last 8 hours of events >SENTINEL: an AI built using real intelligence analyst frameworks >a discord server where the community can coordinate and discuss it's basically a live intelligence terminal for geopolitics. but open to the public

@vxunderground why Czech numbers though? Makes me concerned due to the nature of the current government, Ministry of Interior being a member ultra right party SPD

Yeah, so pretty much, like, there is this really sketchy company in Israel named "Paragon". Paragon sells a "product" called GRAPHITE. Let me explain the background and why this is very silly. GRAPHITE spyware which allows "customers" to remotely access peoples cell phones and monitor their instant messaging applications such as WhatsApp It is spyware. It is sometimes called Mercenary Spyware because it is primarily used by governments to spy on political enemies, journalists, and activists. Very little is known about Paragon, GRAPHITE, and their "customers". However, it was publicly noted by the Trump administration in January, 2025, to be purchased by the United States government and to be used to aid ICE. Furthermore, in September 2025 the Trump administration noted the usage of Graphite to aid the United States against "domestic terrorist organizations" such as "ANTIFA". ICE acting director Todd Lyons noted using GRAPHITE to monitor anti-ICE protestors to track "ringleaders and professional agitators". Citizen Lab and other civil rights organizations have documented the usage of GRAPHITE against individuals in Australia, Canada, Cyprus, Denmark, Israel, Singapore and (unsurprisingly) the United States. It is believed the Canadian government actively uses GRAPHITE in Ontario. Okay, so why does all of this matter? Yeah, it's super fucked up. But today representatives from Paragon accidentally leaked GRAPHITE screenshots ... ON LINKEDIN. Dawg, that image in the background IS GOVERNMENT FUCKING SPYWARE It shows phone numbers in Czechia, apps, accounts, media on the phone, "interception status", and phone numbers extracted. THEY LEAKED IT BY ACCIDENT ON LINKEDIN WHILE TAKING SELFIES

@AedmarSkyjarn @IntCyberDigest you are a disgrace too the mighty white race lol

@IntCyberDigest Ah, but this hacker didn't delete Asian, Jewish, Black or Hispanic dating sites - onlt a White dating site. Whites "guilty" again. This seems very shtetl-esque - like something Bolsheviks would've done in Germany in the 20s - and remember what ultimately happened to them.

‼️A German hacker known as "Martha Root" dressed as a pink Power Ranger and deleted a white supremacist dating website live onstage This happened during the recent CCC conference. Martha had infiltrated the site, ran her own AI chatbot to extract as much information from users as possible, and downloaded every profile. She also uncovered the owner of the site. She has published all of the data.

@BourAbdelhadi The most expensive Kaiser gaming chair (sorry forgot the model I got lol) is imho the best under 400 bucks

I’m looking to buy a new chair. Any recommendations?

@BourAbdelhadi Hey, cool stuff! I had a very similar project aimed towards firebase vibecoded stuff :) Would love to get in touch!

supaleak.com just got faster ⚡ - Bulk Scan (Scan & Verify) - Bulk Delete. Select multiple sites and take action in one click.

@mlejva @e2b Red team playgrounds, both for all around LLMs, agentic stuff and also for traditional infosec stuff. See @dreadnode

What should we build for @e2b in 2026?

Yesterday evening someone leaked PlaySation 5 ROM keys online. Emulation nerds are going schizo because this could mean we have PlayStation 5 emulation technology, ability to run non-PlayStation 5 games, etc. tl;dr Sony executives on New Years eve

@pipelineabuser Barracuda? :D Nice, lfg ! I feel the same anger

someone stop me. seriously. i am going to CLONE your shtty enterprise backend in ONE AFTERNOON. then i am going to SCRAPE your entire customer list. then i am going to COLD EMAIL every single one of them offering the same product but BETTER and for like 80% LESS because i built it in a DAY with CLAUDE and MODAFINIL and ZERO VENTURE CAPITAL OVERHEAD. your entire engineering team? 47 people. me? ONE GUY who is VISIBLY UNWELL. your dev timeline? 18 months. mine? i started after breakfast and i'm already writing the sales copy. i WILL steal your customers. i WILL undercut your pricing. i WILL tweet about it the entire time. there is NO MOAT. there is NO DEFENSIBILITY. there is only ME and i am LOCKED IN and i have not slept properly in 3 days and that is YOUR PROBLEM NOW. your roadmap is my tuesday. your product is my template. your customers are my lead list. i cannot be stopped. i cannot be reasoned with. someone should genuinely intervene but they WON'T because this is SHIPPING CULTURE and we are SO BACK GLHF :>>>>>