Blaze

@shellterproject "People underestimate how much of this work is about stability, not cleverness.  Anyone can make something that works once.  Engineering is making it work everywhere." - 10/10

Why Building Loaders for Yourself Is Easy — and Building for the World Isn’t. shellterproject.com/why-building-l…

@ryancarson Move out of the US, and you will be fine. Once you’re out of that bubble, you will see that your USA struggles are unique.

GitLab announced a layoff today. Please take this seriously. There will be many, many more. Your assignment is clear: Get skilled with agents and practice shipping to prod. It doesn't matter if you're HR, eng, infra, customer success, admin, ops, sales, whatever. As a Founder/CEO, I can tell you that I won't be hiring any employees who aren't really skilled with agents and able to ship to prod. I'm not alone in this. There is no 'engineering' org in the future.

@Tim_Denning AI is lowering the perceived bar of entry, allowing ignorants and idiots to also join conversations and fields of expertise they could not participate in before. How this is seen as a good thing, can only be attributed to our ignorant leaders who put cost saving over performance

Unpopular opinion: AI is removing low performers in every field who refuse to upskill.

@Matt_R_Steele @Daily_MailUS Leave trees out of this dude

@Daily_MailUS If aliens exist wood that destroy scripture? I answer with a resounding “no” There are major semantic challenges between theologians and agnostics. You say “alien” and we say “demon”. It still works.

Religious leaders told 'prepare now' for UFO disclosure to unleash Bible-changing revelations

@cyb3rops It does not require admin, if threat actor compromises a user, they can get that users passwords in plaintext, tested this earlier today.

A few notes on this. Other browsers also decrypt saved credentials into memory when needed. The issue here is the scope and timing. If Edge keeps more saved credentials resident for longer, or preloads them even when they are not used, that increases the exposure window. The “needs admin” argument is also too simple. Yes, local admin is already a bad situation. But that does not make design choices irrelevant. We learned with LSASS that sensitive material in memory still matters, even after compromise. Good designs reduce exposure where they can. The more interesting part to me is the direction this points to. Saved passwords are still relevant, of course. But many high-value services now have MFA, risk-based login checks or SSO in front of them. So the more valuable target is often not the username/password pair anymore, but authenticated browser state: - session cookies - OAuth tokens - refresh tokens - cloud session artifacts - SSO-related material Those can give access to Microsoft 365, Azure, AWS, Google accounts and other high-value services from an already authenticated context. That is the part I find more worrying than saved password dumping. I expect we’ll see more focused tooling around extracting and abusing those high-value browser sessions.

@adamghowiba Seeing the way corporates are implementing AI to solve automation, I firmly believe that we are where we are now in tech because developers were asked to automate and decided it was a good idea to say it can’t be done. Now corporates are solving these problems without them.

JP Morgan's investment research team just shared exactly how they built their multi-agent system "Ask David", and it's the same architecture pattern showing up everywhere: - supervisor agent orchestrates - specialized subagents handle retrieval, structured data, analytics - LLM-as-judge reflection node before the answer ships - human-in-the-loop for the last accuracy gap worth watching for anyone building:

@0x534c @CyberEdition If you already have WSL installed, you don’t need an exploit to get root, while I do understand the zero telemetry point of view for MDE, this is not true for other security software.

CVE-2026-31431 Windows WSL2 ROOTED No MDE log telemetry recorded.😅 #Cybersecurity #DefenderXDR #CVE202631431

@vxunderground We’re in hype cycle number 3000

I am so incredibly tired of hearing about AI Everytime I look up anything cybersecurity related it's all a big ass fuck off circus discussing AI It's not even like, an explanation on AI, or some sort of deep dive, or nuanced perspective. It's all superficial and more akin to a sales pitch than an actual discussion topic. O gracious Lord, if Thou hearest me, pray let this great uproar be stilled.

@sec_hub93028 The best way forward is passion and self-taught skills, then qualifications. Then the certs are not about learning but about proving something. Certs have become about learning which is wrong.

@atheosblazezero What if someone is passionate about the subject but uses certs as a structured guided approach to learning?

Is it possible to have a successful cybersecurity career without any certifications?

@cyb3rops This is my favourite post by @cyb3rops

LinkedIn has turned into a mess AI-generated posts hyping the “hack of a world-ending” AI model, and AI-generated comments reacting to it at some point it’s just machines talking to each other

@Internethunts What? You want my WiFi password? I don’t even know you

@sec_hub93028 Greatest Take Of All Time

Cybersecurity != Hacking

@muheediva01 Degree = Think you can do the job Skill = Can actually do the job Smart people don’t care about degrees. Intelligence is not paper.

Higher paying jobs require degrees. Stop letting these people lie to you, education quite literally does matter.

@thsottiaux The ability to retain memory for each local project indefinitely. I’ve tried to create my own version of this via RAG, DB, Wiki, MD in my local repo’s but codex always forgets something. Think a dev coming back to a project 6 months later to make improvements.

Hello builders. What are we getting wrong with Codex, what can we improve?

@sec_hub93028 Vibers are dumb as fuck, you give them too much credit.

Vibehackers are the new script kiddies.

@Tshepo591694751 @Rendani666 Most messed up thing about this is that recently they were on a hiring drive for Cyber Security resources. 😭🤣

@Rendani666 Lol the most confusing thing about Standard Bank is that almost everyone that I know who works there has an IT qualification… so I can’t help but ask, what the hell are they hired to do

The fraud team there needs some serious help in preparing what’s gonna happen soon as the data is sold to syndicates.

@UK_Daniel_Card I’ve literally taken a long break from AI news, it’s all the same trash, repeating itself everyday. What a shit show. When they said AI will lower the barriers of entry, I did not expect all these dumbasses to come out of hiding.

I am getting quite fed up with hearing about AI nonsense....

@AISecHub @_aircorridor @three_cube You do not need AI for this.

Artificial Intelligence in Cybersecurity: Using AI for Port Scanning - hackers-arise.com/artificial-int… | github.com/peter-hackerta… By @_aircorridor at @three_cube Nmap has been the gold standard of network scanning for decades, and over this time, it has obtained hundreds of command-line options and NSE scripts. It’s great from one side, you can tailor the command for your needs, but on the other side, it requires expertise. What if you could simply tell an AI in plain English what you want to discover, and have it automatically select the right Nmap commands, parse the results, and identify security issues? That’s exactly what the LLM-Tools-Nmap utility does. Basically, it bridges the gap between Large Language Models (LLMs) and Nmap.

@BellaBaddie__ The realisation that Anxiety and Depression is self inflicted. I’ve been healed ever since the day I realised that.

Without medication, what's the best thing against anxiety and depression?