Foster Nethercott

I'm looking forward to sitting the alpha run of the new SEC536 course on Adversarial AI this coming Monday and Tuesday! Congratulations to the authors @bettersafetynet and @OSTact13! sans.org/cyber-security…

🚨 NEW WEBSITE HELPS YOU AVOID FLOCK CAMERAS DontGetFlocked.com lets you plug in your start and end points, then maps how many ALPR/Flock cameras you’d hit and shows alternate routes that keep you off their surveillance grid. Because privacy shouldn’t require permission.

Registration is OPEN for Find Evil! the first hackathon for autonomous AI incident response. Built by the community, for the community. $22K+ in prizes. Mission: Make Protocol SIFT, the framework connecting AI agents to the SIFT Workstation's full toolset, into a fully autonomous incident response agent. SIFT Workstation is a beat to shreds, open-source incident response platform with 200+ tools. 19 years of community development. 60K+ downloads annually. No incident response background required. New to AI? Good. Get your hands on the tools and learn with us. Registration open April 1. Hackathon starts April 15. Submissions due June 15. Register: findevil.devpost.com Read more: robtlee73.substack.com/p/registration… Sponsored by @SANSInstitute

Anthropic accidentally leaked their entire source code yesterday. What happened next is one of the most insane stories in tech history. > Anthropic pushed a software update for Claude Code at 4AM. > A debugging file was accidentally bundled inside it. > That file contained 512,000 lines of their proprietary source code. > A researcher named Chaofan Shou spotted it within minutes and posted the download link on X. > 21 million people have seen the thread. > The entire codebase was downloaded, copied and mirrored across GitHub before Anthropic's team had even woken up. > Anthropic pulled the package and started firing DMCA takedowns at every repo hosting it. > That's when a Korean developer named Sigrid Jin woke up at 4AM to his phone blowing up. > He is the most active Claude Code user in the world with the Wall Street Journal reporting he personally used 25 billion tokens last year. > His girlfriend was worried he'd get sued just for having the code on his machine. > So he did what any engineer would do. > He rewrote the entire thing in Python from scratch before sunrise. > Called it claw-code and Pushed it to GitHub. > A Python rewrite is a new creative work. DMCA can't touch it. > The repo hit 30,000 stars faster than any repository in GitHub history. > He wasn't satisfied. He started rewriting it again in Rust. > It now has 49,000 stars and 56,000 forks. > Someone mirrored the original to a decentralised platform with one message, "will never be taken down." > The code is now permanent. Anthropic cannot get it back. Anthropic built a system called Undercover Mode specifically to stop Claude from leaking internal secrets. Then they leaked their own source code themselves. You cannot make this up.

There is a project on GitHub called Axios. Axios is extremely popular. It is used by millions upon millions of applications. Axios is a programming library that helps your JavaScript code make HTTP/S requests (communicate with websites). In simple terms, if you're a programmer doing something with JavaScript, and want to do stuff that communicates with a website in literally any capacity, people heavily recommend using Axios due to its simplicity. Using Axios you don't have to reinvent the wheel and do a bunch of work. All you need to do is import Axios into your code and you're off to the races. Someone (currently unknown) compromised Axios (currently unknown how) to deliver malware to people. When someone updates or installs Axios, Axios itself contains malware. What the malware does is (currently) unknown, but it is being reversed engineered by probably every malware analyst on the planet at this moment. In a few hours more details will emerge. Information is being exchanged in real time on social media and private communication platforms as I write this. Due to the size and popularity of Axios, it is unknown how many are impacted, it could be millions, it could be thousands, or if we're lucky, only hundreds of people or organizations will be impacted. If this is absolute worst case scenario, millions of organizations across the planet have been infected with malware which (currently) we do not understand. However, the likelihood of this is low. It appears Axios being compromised was detected quickly, potentially within minutes (or hours) of it being compromised to deliver malware. Additionally, the likelihood of every single Axios user updating Axios as soon as it was compromised to deliver malware is astronomically low. It is basically zero. The impact from Axios being compromised is devastating, the fallout from this will be a massive headache. This is unironically a malware nuclear missile and will likely be studied in the future.

🚨 CFP OPEN 🚨 HTH 2026 | June 3–5 | Columbus, OH Theme: Spaceballs. Ludicrous speed engaged. 🛸 Technical. Hands-on. No vendor fluff. Got scar tissue to share? Submit it. 🗓️ Deadline: March 6 👉 Proposal link: hthackers.com/cfp

> checks if cloudflare is down > visits downdetector > doesn't work > they use cloudflare

@bettersafetynet I'm hoping this goes without saying but Silicon Valley.. I also second the good place.

any tips/pointers for funny/wholesome shows? Stuff like Parks & Rec, Ted Lasso, Brooklyn 99. Will need something to queue up in a few weeks once a major project crunch ends. I need something to let the grey matter ooze out and enjoy while doing so.

Titanus already getting weaponized. Won't be long before more red teams realize this is a coffloader level release.

Oct 24, learn how SEC535 teaches red teamers to integrate AI without losing judgment with recon, phishing, malware & more. 🔗 sans.org/u/1CVK #AI #RedTeam #SEC535 #SecurityAutomation

@bettersafetynet @cantcomputer

@cantcomputer I can't be the only one who puckered a bit reading that, right? That boom gonna bust eventually, no? Would love to be wrong

🤯

Join us at SANS Hack & Defend Summit in Austin when @OSTact13 leads a hands-on workshop on how attackers use AI to craft convincing lures — & how you can defend against them. 🗓️ Oct 28–29 | Austin, TX 🔗 Save Your Spot: sans.org/u/1AWG

Join us at Hack & Defend Summit in Austin when @OSTact13 leads a hands-on workshop on building a functional keylogger with AI — adding advanced features & defenses along the way. 🗓️ Summit: Oct 28–29 | Austin, TX Save Your Spot: sans.org/u/1AWB

@flakpaket @XboxGamePass Wait.. you guys have time for video games?

Seriously @XboxGamePass? A 50% increase?!?

@bettersafetynet @JackPosobiec Keith Olberman?

@JackPosobiec who? show me a serious player on the left who fits these claims. yes, there are fringe folks... but they're just that... fringe. who has a follower count of over 10k (that's a pretty low bar) that fits your complaint

They’re mad about Jimmy Kimmel being silenced from his show, but OK with Charlie being silenced for life

@bettersafetynet I have a slide dedicated to this in 535 😅

me: the difference between malware and software is intent. random: but what about EDR? me: I didn't stutter.

It honestly doesn't even feel like diminishing returns, it feels like decaying returns.

The "greatest" AI solution the world has ever seen.

Anyone that has talked to me about AI knows that I've been ranting about this for a couple of years now. The future is highly specialized models that are far more resource efficient, not in massive models that can do everything.

@bettersafetynet I think we also have to consider what task is being performed, and the extent to which people hate interacting with machines for some of them. I will always use self checkout if possible, but dealing with customer service bots is going to kill me one day.

I'm so sorry that you were lied to. Your work ethic means nothing in the face of automation. You cannot and will not be able to beat a machine.

It's incredible how far we've come as a species. Just a few short years ago we used to put our symptoms into WebMD so it could misdiagnose us. Now we put it into GPT 5 so it can misdiagnose us.