Sabitlenmiş Tweet
Red
3K posts
Red
@TheRedWall__
e/acc | Cyber Security x AI | Adversary Emulation
Katılım Eylül 2024
744 Takip Edilen294 Takipçiler
> be Cursor
> watch every AI lab pour billions into coding models
> get called the dying IDE while they raised
> quietly ship Composer 2.5
> 63.2% on CursorBench at $0.55 per task
> match Opus 4.7 Max and GPT 5.5 Extra High
> at 1/20th the price
> turns out cheap and good was the play
BridgeMind@bridgemindai
New CursorBench results just dropped. Two big takeaways. Composer 2.5 is way better than most people think. 63.2% score at $0.55 per task. Nearly matching Opus 4.7 Max and GPT 5.5 Extra High at 20x less cost. This is insane value. Gemini 3.5 Flash is #10 at 49.8%. Below GPT 5.5 Low. Below Opus 4.7 Low. Google's newest model can't even beat budget tier competition. Composer 2.5 is the sleeper. Gemini 3.5 Flash is the disappointment.
English
Got a long flight coming up. Tell me your favorite tech talk that came out in the last year or two so I can download it for the plane.
English
Can someone correct me if I'm wrong but I don't think this is worse than normal?
Like this seems pretty normal to me vibes wise as someone whose worked in this industry for a few years
Is this a case of just more coverage?
Theo - t3.gg@theo
Security things from the last few days: - CopyFail (linux pwn'd) - CopyFail 2/Dirty Frag - 13 advisories in Next.js - Over 70 CVEs addressed in MacOS 26.5 - ~50 CVEs addressed in iOS 26.5 - YellowKey (Windows Bitlocker pwn'd entirely) - GreenPlasma (Windows privilege escalation) - CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE - CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access - Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning) - Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration too" - Canvas (popular LMS used in most schools) pwn'd entirely - PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300 Are you scared yet?
English
@ZackKorman @HackingLZ I feel like LOLLM should be reserved for abusing a local llm lmao
English
GOOGLE 🔥: An upcoming Gemini Omni video model from Google is expected to be much more advanced in video editing, capable of completing tasks like removing watermarks, replacing objects in the video, and more.
It is also likely that Google will release 2 versions of this model, including a Pro variant.
And I assume what we see isn't Pro?
Anime sample 👀
Just a dragon@Waguri_Kaoruko8
🫨Google is creating a new Omni model with good video editing. Veo4? The original is on the left. Edited right. The new model also does a good job of removing watermarks from videos.
English
@IceSolst @ZackKorman @loop0420 @eliedelkind Honestly the biggest double edge sword in this industry. Everything is met with skepticism, even the personal project I’m super excited about and sharing with the team 🥲
English
English
It is exhausting dealing with some of these folks that aren’t seeing the light…
Zack Korman@ZackKorman
Average experience posting about cybersecurity on here. Going to use this post as a reply from now on.
English
@dillon_mulroy I basically always want skills to be auto invoked. I load up 100+ skills hand selected to curate the agent to my needs with the assumption that they get auto invoked. Maybe you should be building custom commands instead?
English
i think skills are a mistake and the wrong abstraction. i almost never want my agent auto invoking them and i have built custom tooling to "toggle" them on/off to prevent them from always being present in my context window.
English
@VelvetSignal999 @allgarbled Idk I find TDD is a peak approach to coding agents
English
@allgarbled What’s your test writing strategies?
I feel like TDD doesn’t work perfectly w agents because rarely will they write all the edge cases at first
English
@emollick @legit_api > this is a general purpose model that just happens to be good at finding exploits
This is no longer true. The labs are actively adding training data to improve these skills
English
So Mythos was, indeed, not marketing hype.
Remember this is a general purpose model that just happens to be good at finding exploits because good models are good at lots of things. Expect similar from OpenAI & Google. And from open models in 8 months. hacks.mozilla.org/2026/05/behind…
English
Red retweetledi
Time to explain what Embroidery does: We monitor AI agents like Claude Code and Codex to detect and alert on dangerous behavior.
Companies are giving devs access to these tools, but if something bad happens they probably wouldn't know.
Details on how it works below.
English
@GrahamHelton3 @cyber_rekk Hiring managers like the extra education as a credential so it’ll boost your chances of getting an interview
English
@TheRedWall__ @cyber_rekk Im about to graduate with my masters and dont know what adding it to my resume will add unless I wanted to go down the teaching route
English
Is it still worth it to get a masters degree in cybersecurity in 2026?
Sam Altman@sama
we're starting rollout of GPT-5.5-Cyber, a frontier cybersecurity model, to critical cyber defenders in the next few days. we will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure.
English
is anyone else always lol at the fact that we spent YEARS trying to figure out hybrid search, document embeddings, "RAG" and graph databases, just for the models to improve enough to wield tools against a filesystem, and the SOTA achieved by Doing Literally None Of That
English
@techspence User: *give me bad advice*
AI: *gives bad advice*
User: oh my god
English
Labs that fail to dogfood their models are doomed to have shit models. Evident with Gemini, where deepmind largely uses Claude. Soon to be evident with Claude Opus, where Anthropic will largely be using Mythos. OpenAI will be the only good provider if this pattern continues and that’s a shame
English