Nate Dunning
2K posts

Nate Dunning
@natedunning
security. football. sharing is caring. teaching is growing.
Joined April 2013
637 Following, 97 Followers

@Hesamation we live in a timeline where AI applies to 700 jobs for you and the recruiter on the other end is using AI to screen your AI-written resume. at some point two AIs are just gonna negotiate a salary and cc the humans on the offer letter

bro created an AI job search system for Claude Code that scored 700+ job applications and actually got him a job.
AND IT'S NOW OPEN-SOURCE.
It scans multiple company career pages, rewrites your CV per job, and even fills application forms. The repo has:
> 14 skill modes (evaluate, scan, PDF, ...)
> Go terminal dashboard
> ATS-optimized PDF generation via Playwright
> 45+ companies pre-configured (Anthropic, OpenAI, ElevenLabs, Stripe...)
GitHub: github.com/santifer/caree…

@CR1337 @three_cube He is one of the inspirations for my company - @osspreysecurity!
We're working to detect and prevent future XZ Utils, Shai Hulud, and other software supply chain threats!

When Andres Freund, Linux kernel contributor & Microsoft engineer was debugging slow SSH logins on his Debian machine in March 2024, he noticed something weird:
liblzma (part of XZ Utils) was using way too much CPU power, so he kept digging, and what he uncovered was a multi-year supply-chain attack!
An attacker using the name “Jia Tan” had spent two years slowly infiltrating the tiny XZ Utils project, a compression library used by virtually every major Linux distribution.
The backdoor wasn’t in the source code. It was hidden deep inside the build scripts. It would have given the attacker remote root access on millions of servers the moment a specially crafted SSH key was used.
Freund caught it days before it would have shipped in Debian, Fedora, Ubuntu and more.
One man, one anomaly, one routine debug session saved the internet from a potential catastrophe.
Respect!


A new wave of #TeamPCP malware embedded in #telnyx versions 4.87.1 and 4.87.2 on #PyPI. Full analysis is on our blog. If telnyx is in your dependency tree, check your installed version now.
ossprey.com/blog/telnyx-py…
#SupplyChainSecurity #PyPI #OpenSource

@FiredForEffect @vxunderground I'm building out my skills library this week.
Any tips or pointers where to start for a good set of baseline security skills? I also do a lot of malware reverse engineering

It's a context issue. Models using web chat interactions can provide some good info and research (including valid attack chains) but fall short of Claude Code.
The key for offensive workflow is building the proper skills. Mine reverses far faster and better than I ever could.
The prompt and skills are their own form of programming. The limitations come primarily from your existing infrastructure, dependencies, and skillset. The common slop usually originates from people lacking these and the knowledge gap keeps them from realizing it.

New from Ossprey: PyPI is cracking down on domain resurrection attacks by invalidating expired maintainer domains.
1,800 accounts un-verified in just 2 months.
Time to check if your dependencies rely on revoked maintainers.
Full blog:
ossprey.com/blog/pypi-doma…
#OpenSource

@nqatpod DDG wasn't physical but he never got so consistently bullied

@bettersafetynet There is some really solid advice here.
I came 🤏 to having to deal with this when I was IR, but luckily, the case was supported by federal authorities, and my skills weren't needed.
Sometimes, fighting the good fight leads to wicked places.
Thanks for sharing, Mick.

It's critical that you offer lots of support for those working CSAM and other human trafficking cases.
Brett Shavers 🙄@brettshavers
The #DFIR practitioner when asked about working CSAM cases...

@FUT_Accountant Heyo Nate, I dropped off FC a few months ago.
When do I need to preorder the next FC in order to get the extra packs and evos?
Cheers

These were the scenes inside Old Trafford as Harry Maguire took the roof off the Theatre of Dreams with his winner in the 121st minute.
Manchester United trailed 10-man Lyon 4-2 on the night with just six minutes to play, before three goals completed one of the most famous comebacks in the club's history.
#MUFC | #UEL
🎥 @lauriewhitwell

@PhillipWylie Great listen for anyone developing a brand in tech or interested in creating content!

Talking Content Creation and Marketing with Zach Hill podcasters.spotify.com/pod/show/phill…

Happy to announce that we have graduated from the Plexal Grow Cyber Security Accelerator! With over 60 sessions and countless insights, you can learn more about our experience with Plexal here: ossprey.com/blog/cyber-run…
#SupplyChainSecurity #OpenSourceSecurity #CyberSecurity


@nqatpod If we somehow made that happen, that's also a lot of bodies going out the door for a team that can't keep anyone fit.
How many would you say we'd have to bring in just to have a team with minimal coverage?

Not just cash that Utd need to look at; it's book value vs fee vs savings on wages
Antony requires ~£34m for PSR breakeven
Casemiro ~£12m
Mount ~£33m
Eriksen, Evans, Heaton, Lindelof leave on frees
Sancho is small book profit
Rashford option at £40m may cover shortfall elsewhere
UtdXclusive@UtdXclusive
🚨 JUST IN: Manchester United are set for a major squad overhaul this summer, with as many as eight players set to leave: Antony Sancho Rashford Casemiro Eriksen Evans Heaton Lindelof Mount [@MirrorFootball]

Marcus Rashford - All goals for Manchester United x.com/DznerBurner/st…

Marcus Rashford joined United as a boy and cost the club nothing. In fact over his career, he's cost the club less than the transfer fee of a few players presently at United.
2x POTY. 2x Top Scorer. 7 goals behind Ronaldo at United, ahead of Solskjaer, and Andy Cole.
1x Europa League, 2x FA Cup, 2x League Cup.
He's a good human being, who has done more for others than most, despite pretty hefty opposition. Football form doesn't change that.
If he ends up moving on permanently, I'll wish nothing but the best for him in the future. To me he is a shining example of what United is all about, and a warning to what we can lose if the club isn't set right. The type of career he's had at United should've been so much more.








