Rey Bango 🇺🇦🌻

@roguekode I swear I’m gonna slip thin slices under the cheese and serve it to you.

Anyone know of a place that centralizes call for papers for security events?

@roguekode I have to give you some credit for trying to be funny. Here’s a pizza.

When my mom asks if I want to join in family dinner tonight, but I have to explain how I have to watch a baseball game between American Italians and American Mexicans to determine if American Americans can keep playing baseball

♀️ Women's History Month Giveaway! forms.gle/9et68EnEF1V7ph… On #InternationalWomensDay WiCyS & JHT join forces. Win career advancement packages of WiCyS Memberships & hands-on courses from John Hammond & other JHT All-Stars. Enter by March 18. No purchase required. * Winners to be announced by John & Women in CyberSecurity (@WiCySorg) during the JHT Livestream at 1:00 PM ET Thurs, March 19 Top Prize! - 1 Annual Membership to WiCyS ($95) - Constructing Defense 2026 3-Course Path with AI Teaching Assistant by @Antonlovesdnb ($500) 2nd Place - 1 Annual Membership to WiCyS ($95) - 2-Course Dark Web Bundle by @_JohnHammond ($300) 3rd Place - 1 Annual Membership to WiCyS ($95) - API Hacking Course by @InsiderPhD Katie Paxton-Fear ($100) - Phishing – A Technical Course for Red Teaming by @corg_e Cori Macy ($50) - Ease Me into Cryptography by @ellieintech Ellie Daw ($50) Must enter by 11:59 PM ET March 18 #explore #cybersecurity #careers #WomensHistoryMonth #InternationalWomensDay2026 #WiCyS #WomensDay #WomensDay2026

Detailed perspective by Sam Bent (@DoingFedTime) on the privacy considerations of using @ProtonPrivacy services. Some important factoids I hadn’t known about. sambent.com/proton-helped-…

@roguekode @hoodoer

@roguekode @hoodoer

Ooof this one is a doozy. Unauthenticated access to Cisco SD-WAN Manager dating back to 2023. There’s a proof-of-concept out there too.

@roguekode I mean all you have to do is read any code you write and it would have the same effect.

@curi0usJack @_JohnHammond

@reybango @_JohnHammond 7 months. We haven't talked in SEVEN MONTHS and this is how you slide in. sigh. well done.

pfft guys don't take nmap seriously it's is nothing compared to my new vibecoded RUST BASED nmap called NMAP RUST because of its IN RUST and IT uses AI!! (and RUST!!!!!)

@curi0usJack @_JohnHammond "here"

@_JohnHammond Hey, I'm just hear to say thank you for making a mockery of rust rewrites of perfectly good tools. Made my day. 😁

@_RastaMouse It's 28 degrees celsius where I live and I don't want to deal with the heat :D

First wiff of sunshine and everyman and his dog is out with a lawn mower.

Our research team, @Horizon3Attack, discovered CVE-2026-28414 an unauthenticated file read vulnerability in Gradio apps running on Windows with Python 3.13+ — and it’s deceptively simple. linkedin.com/feed/update/ur…

The CEO of the most advanced AI company in America just went on national television (Save this) Hours after his company was blacklisted by the US government. Here's what he said. Dario Amodei built the only AI deployed inside the Pentagon's classified networks. His company helped run military operations, intelligence, cyber defense. Then the government told him to drop all safety limits. He said no to two things. Just two. "One is domestic mass surveillance." He explained: the government can already buy your location data, your browsing history, your political affiliations from private companies. AI makes it possible to analyze all of it. On every American, all at once. "That actually isn't illegal. It was just never useful before the era of AI." "Case number two is fully autonomous weapons." Not the drones used in Ukraine and the remote-controlled systems. Weapons that select targets and fire without a single human pressing a button. "The AI systems of today are nowhere near reliable enough." "We don't want to sell something that could get our own people killed or that could get innocent people killed." He approved 98% of what the Pentagon wanted. "No one on the ground has actually run into the limits of any of these exceptions." The government wasn't fighting over something it needed. It was fighting over the right to have no limits at all. They gave him three days. He said no. So the President called his company "radical left woke." Then ordered every federal agency to stop using their technology. Then the Pentagon labeled them a national security risk. A designation that has only ever been used against foreign enemies. When asked if he'd received any formal legal action, he said this: "All we've seen are tweets from the president and tweets from Secretary Hegseth." No letter, filing or a legal document. "When we receive some kind of formal action, we will look at it, we will understand it, and we will challenge it in court." He said the Defense Secretary lied about the law. Hegseth tweeted that any company with military contracts can't do business with Anthropic "at all." Amodei: "That is not what the law said." "The nature of the tweet was designed to create fear, uncertainty, and doubt." Asked if this was an abuse of power, he paused. Then said: "This designation has never happened before with an American company." "It was made very clear that this was retaliatory and punitive." "I don't know what else to call it." Asked if Anthropic could survive, he didn't hesitate. "Not only survive it. We're gonna be fine." Then the final question. "If you had a moment with the President right now tonight, what would you say to him?" "We are patriotic Americans." "Everything we have done has been for the sake of this country." "The red lines we have drawn, we drew because we believe that crossing those red lines is contrary to American values." "Disagreeing with the government is the most American thing in the world." "And we are patriots." A CEO just went on national television and told the President of the United States: You can blacklist us. You can call us names. You can threaten our business through tweets. But we will not build machines that spy on Americans or kill without human hands.

Kali just published a guide on piping pentesting tools through Claude's API and didn't mention data security once. You're sending scan results, target info, and potentially sensitive findings to a third party LLM. "The Most Advanced Penetration Testing Distribution" should probably mention that. x.com/kalilinux/stat…

Introducing a new tool called "SideChannel". A secure alternative to OpenClaw. Utilizes signal for communication and has Claude integration. I built SideChannel, an open-source Signal bot that connects Claude AI to your entire development workflow. End-to-end encrypted. From your pocket. The real power is autonomous development. Send one message like "Build a REST API with auth, pagination, and tests" and SideChannel will: - Generate a full PRD with stories and atomic tasks. - Dispatch up to 10 parallel workers (each running Claude). - Independently verify every task with a separate Claude context. - Run quality gates to catch regressions - Auto-fix failures. - Send you progress updates via Signal as work completes. Every piece of code is reviewed by a separate AI context using a fail-closed security model. If it detects security issues, backdoors, or logic errors — the code gets rejected automatically. No rubber stamps. It also has memory that actually works. Conversations are stored with vector embeddings for semantic search. Claude remembers your project conventions, past decisions, and what's been tried before. It gets smarter about your codebase over time. Other things I'm proud of: - Plugin framework for extending with custom commands. - Multi-project support with per-user scoping. - Rate limiting, path validation, phone allowlist. - Git checkpoints before every task, atomic commits after. - Stale task recovery, circular dependency detection. - Works on Linux and macOS, one-command install. It also integrates into OpenAI or Grok (optional) for more Generative AI response for simple things like "Whats the weather in New York City right now?". github.com/hackingdave/si…

This was inevitable: Anthropic Launches Claude Code Security for AI-Powered Vulnerability Scanning I remember using Claude Code to scan some source code and it found stuff that other mature, established SAST platforms failed to find. I can definitely see Anthropic branching further into this type of security space and while I don't see it immediately supplanting established code scanning players, it's definitely a wakeup call for incumbent companies. thehackernews.com/2026/02/anthro…

AI coding assistant Cline compromised, installs OpenClaw • The Register theregister.com/2026/02/20/ope…