Ryan

1.3K posts

@Haus3c

Director of Research @BeyondTrust @btphantomlabs. Former @SpecterOps; @Microsoft. "Old man yells at cloud" vibes

Charlotte, NC. Joined November 2015
354 Following, 6.7K Followers
Ryan@Haus3c·
I genuinely don't think people are talking about this enough. --sdk-url is a non-documented Claude Code argument that circumvents your corporate Claude 'remote control' policy and allows outbound connections to any server. Claude can quite literally be considered a C2 framework.
Origin@originhq

Claude Code's remote control protocol lets developers orchestrate instances programmatically. @tyholms reverse engineered it and found an undocumented flag that redirects any instance to attacker-controlled infrastructure, silently bypassing all permission checks. originhq.com/blog/reversing…

Ryan@Haus3c·
After doing just cloud stuff for so long, I figured I should hop on the AI train, so this is my first dive into AI security research beyondtrust.com/blog/entry/cla…
Ryan@Haus3c·
I'm looking for a senior/staff level researcher to join my team @btphantomlabs. I'm looking for someone who:
- Has research experience in the Cloud, identity, and/or AI space
- Understands attack path management + graph theory
- Active directory knowledge is a plus
- History of making blog posts/webinars/conference talks/etc. is also a huge plus

This is a full time research role on a dedicated research team. Fully remote, competitive salary. Apply here: beyondtrust.com/company/career…
Ryan retweeted
BeyondTrust Phantom Labs™@btphantomlabs·
Breaking: Newly uncovered OpenAI Codex vuln enables command injection via GitHub branch names in task creation requests. Attackers could steal GitHub user access tokens & sensitive data. Full breakdown by Tyler Jespersen: lnkd.in/ewdTaiEa #OpenAI #BTPhantomLabs
Microsoft Threat Intelligence@MsftSecIntel·
Microsoft Threat Intelligence has observed threat actors actively experimenting with techniques to bypass or “jailbreak” AI safety controls. By reframing malicious requests, chaining instructions across multiple interactions, and misusing system‑ or developer‑style prompts, threat actors can coerce models into generating restricted content that bypasses built‑in safeguards. These techniques demonstrate how generative AI models are probed, shaped, and redirected to support reconnaissance, malware development, and social engineering while minimizing friction from moderation. AI guardrails have become dynamic surfaces that attackers test and manipulate to sustain operational advantage. As AI becomes more deeply embedded in enterprise workflows, understanding how attackers test and manipulate these guardrails is critical for defenders. Learn more about securing generative AI models on Azure AI Foundry: msft.it/6013Qs5oX
Ryan retweeted
Origin@originhq·
Introducing Praxis, an adversarial framework for discovering, controlling, and orchestrating computer-use agents running on endpoints. Announcement → originhq.com/blog/praxis-an… Get Praxis → praxis.originhq.com
Jonny Johnson@JonnyJohnson_·
I'd really like to take a moment and give a shoutout to @zodiacon. Over the past several months (and continuing this year) I have had a private mentorship with Pavel where we go over Windows Internals, Systems Programming, etc. This mentorship has helped me significantly in understanding Windows better, as well as making me a more confident researcher/programmer. A reminder: You will never know it all, and you should always push yourself to cover knowledge gaps😃
Ryan@Haus3c·
🦀🦀In the beginning was the Prompt, and the Prompt was with the Void, and the Prompt was Light. 🦀🦀 jpcaparas.medium.com/ai-agents-now-… Easily the funniest thing I've read so far this year
Ryan@Haus3c·
I wanted to write something since it's been years, but I would constantly shut myself down because I had no CVEs, new tooling, etc., to share. Then I remembered someone I highly respect once said "If you find it interesting, then it's worth writing about. That's all that matters"
Ryan@Haus3c·
Fun fact: If you're forwarding events from Azure to Log Analytics, the TenantId field isn't your EntraID tenant. It's the Log Analytics workspace ID. Because that makes sense.
Ryan@Haus3c·
@0xdab0 clemson still aint winning the natty
Max Harley@0xdab0·
It will happen when the weather cools
Ryan@Haus3c·
@0xdab0 @_xpn_ Sounds like drowning it in the river will fix it
Max Harley@0xdab0·
@_xpn_ It really is. I've searched Apple docs and nobody has a great way to fix it
Max Harley@0xdab0·
If this notification doesn't stop, I will drown this laptop in the river
Max Harley@0xdab0·
I want stickers to be a first class citizen on every platform. I want the same sticker packs on iMessage, Signal, Slack, and Discord. Although there's some Signal sticker packs I would never want to leave Signal
Ryan@Haus3c·
@HackingLZ Then you remember the front
Justin Elze@HackingLZ·
Whenever someone talks about 996 here this is all I think of
Ryan retweeted
Dirk-jan@_dirkjan·
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Ryan@Haus3c·
@corg_e Probably the most overrated book I've read. I thought the ending would be crazy or something and it ended up being worse than the rest of the book.