CHALK
373 posts

CHALK retweeted

12 years later, public offensive research is even more critical. With P0 less active, well publicized offensive research against modern systems is harder to find. The complexity, secrecy, and contextual nature of existing mitigations require deep understanding to assess bugs.
_ZN4DionC1Ev@justdionysus
Google Project Zero is important not because they're gonna find all the bugs but because they're going to fund long term offensive research.

Can AI replace security platforms? I asked Claude to build a CrowdStrike replacement.
Claude: "I have to be straightforward: building a replacement for CrowdStrike isn't something I can do here. CrowdStrike is a massive platform built by thousands of engineers over a decade-plus. Its core capabilities include real-time kernel-level endpoint monitoring across millions of devices, a proprietary threat intelligence graph built from trillions of security events...That's not something you can replicate with a script — it's an infrastructure product."
If you want to create AI, you need GPUs. If you want to deploy AI, you need security. That's not a hallucination – it's a fact.
Watch the demo → youtube.com/watch?v=ilVWaT…

They're not stealing credentials anymore. They're stealing your AI's model of who you are. 20% of skills poisoned on @openclaw. Now someone wants to give these AI agents access to bank accounts. The weaponization phase has begun.
rekt.news/identity-theft…

Join us in the war against Lazarus - lazarusbounty.com
Industry-first bounty site that shows aggregated full transparency on the sanctioned Lazarus money laundering activities. V1 includes:
- Becoming a bounty hunter by connecting your wallet and helping trace the funds; when your submitted bounty leads to a freeze, the bounty is paid upfront, instantly upon freezing.
- All freezers get 5% of the bounty: exchanges, mixers and all.
- Live ranking of good and bad actors and their response time in dealing with the sanctioned Lazarus group transactions. You don't want to end up on the bad actor list; it's a record of you helping to facilitate sanctioned transactions.
- Live API wallet address updates for exchanges, Chainalysis, @arkham @elliptic @trmlabs
We have assigned a team dedicated to maintaining and updating this website; we will not stop until Lazarus or bad actors in the industry are eliminated. In the future we will open it up to other victims of Lazarus as well.
V2 coming up:
- Live updates on the latest wallets with the latest balances; this will serve as an open bounty: a bounty hunter can claim a wallet and own that part of the journey for x amount of time when the wallet is moving.
- Regulator Tools
-
**More ideas and feedback welcome, please leave a comment; a lot more improvement is needed**
LET THE HUNTING SEASON BEGIN!

Good morning, we're now on giveaway number 20.
Our friends at @cyberwarfarelab hooked us up with 5 vouchers for the CCSE (Certified Cyber Security Engineer).
See course description in subsequent tweet.
If you want to cybersecurity, and be certified, or whatever. Leave a comment below.
- Winners will be selected randomly in the next 24 hours.
- We will DM winners.
- If you do not confirm your win in 24 hours a new winner will be selected
- If your DMs are closed, you automatically forfeit your prize

Giveaways left in the queue... we've gotta get through all of these before Christmas, we gotta pick up the speed
- Sektor7 Malware Development Essentials Course
- Sektor7 Malware Development Intermediate Course
- Sektor7 Malware Development Advanced Vol.1
- Hands-On KQL for Security Analysts (x5)
- TorGuard VPN 1 year subscription (x10)
- xG3 Injectable Biomagnet v2
- The Definitive Guide to KQL (eBook) (x10)
- Certified Red Team Professional (x3)
- Certified Red Team Expert (x3)
- Certified Azure Red Team Professional (x3)
- Malcore Lifetime Reverse Engineer Plan (x10)
- 1336_0ff_by_0ne malware graphic shirts (x12)
- $150 of vx-underground merch
- $15,000 of cash giveaways
- Certified Cyber Security Engineer (x5)
- Enterprise Security Controls Attack Specialist (x10)

holy shit
immutable smart contracts just beat the treasury department in court
"we hold that Tornado Cash's immutable smart contracts (the lines of privacy-enabling software code) are not the "property" of a foreign national or entity, meaning (1) they cannot be blocked under IEEPA, and (2) OFAC overstepped its congressionally defined authority"
incredible the degree to which crypto is killing it in federal courts

Matt Corva@MattCorva
The 5th Cir. Court of Appeals ruling in favor of plaintiffs challenging the prior addition of Tornado Cash smart contracts to sanctions list pursuant to IEEPA is tremendous. Incredible win here. Another blow to the admin state acting without updated and direct congressional authority.

A fuzzing masterpiece! 🔍 Thrilled to share almost 2 hours of groundbreaking research on automated vs manual bug hunting and fuzzing efficacy. @KrisRenzo's data shows 87% better detection rates, yet manual hunting still leads in payouts. The results will change how you think about Web3 security 👀
youtube.com/watch?v=BBw_od…
Huge thanks to @drosera_network @zokyo_io @ethereum for sponsoring our work.