BSides Triad
444 posts


@OrevaZSN I have. Many cannot comprehend. The response is along the lines of, "Well, in my day..."

@LinkedInLunat1c I'm seeing more and more posts like these every day, more people with hashtag looking for work... and ones from people posting about being unemployed for 2+ years and living in their car.
It's bleak out there.

🦔GitHub Copilot switched to token-based billing this morning and users are already out of credits. Pro+ subscribers paying $39 a month are reporting 60% of their credits gone in two hours of normal use. One user lost 20% of their allowance from a single file review with no code changes. Another hit their monthly cap before the calendar even flipped to June.
Orgs with shared token pools have no way to see individual usage, so entire teams get cut off when one person runs a heavy prompt. Users are canceling and moving to Claude Code and Codex. GitHub community forums are on fire.
My Take
Flat-rate AI subscriptions were always subsidized. Everyone in the industry knew it. Today the subsidy ran out for a few million developers at once. The problem is a lot of companies already restructured around these tools. They cut headcount and told remaining engineers to lean on Copilot instead of building skills internally. Those companies now depend on a tool whose cost just became unpredictable and whose usefulness completely changes when you have to ration prompts to stay under budget.
The developers moving to Claude Code and Codex will hit the same wall eventually. Every AI provider faces the same unit economics. Anthropic filed its S-1 this morning, and the durability of its revenue depends on whether customers stick around once real pricing kicks in everywhere. If a $39 subscriber cancels after one day because the tool became unusable, multiply that across millions of seats and the churn risk becomes very real.
Today showed what happens when AI pricing meets reality. The companies that built their workflows around cheap tokens just discovered the tokens aren't cheap anymore and the people who knew how to do the work without them are already gone.
Hedgie🤗

BSides Triad retweeted

@tekbog And when you catch it and call it out..."I'm sorry, you're right, I wasn't supposed to do that."

@tekbog same thing when it deletes your crontab... always back up and make copies.

@LinkedInLunat1c I come across cringe posts like this too much.
Might have to share them sometime.
BSides Triad retweeted

Wanted to provide more clarity about this.
Yesterday, we had a regression in merge queue behavior where, in some cases, squash or rebase commits were generated from the wrong base state, making earlier changes appear reverted in branch history. 2,804 pull requests out of over 4M merged on April 23 (roughly 0.07%) were affected. We fixed the issue, we've contacted every impacted customer, and we're expanding our automated test coverage for merge queue operations. The team will be updating the status page with RCA details as well.
Tom Elliott@theotherelliott
This GitHub incident is insane. Merge queue commits have been reverting previously merged commits at random. This not only breaks the mental contract teams have with Git in general, but is subtle enough to be really hard to unravel after the fact. githubstatus.com/incidents/zsg1…
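A practitioner-side check for the failure Tom describes, as an added example that is neither GitHub's code nor anything from either post: given successive snapshots of a branch (what `git show <rev>:<path>` returns for each first-parent commit), flag any commit that removes lines an earlier commit on the same branch added. A squash or rebase commit generated from a stale base shows up exactly that way: a PR that never touched a function silently drops the lines a previous PR put there. The `HISTORY` sample is constructed to reproduce that pattern, and `snapshots_from_git` is a hypothetical helper for feeding the check from a real clone.

```python
import difflib
import subprocess
from typing import Dict, List, Set, Tuple

Snapshot = Dict[str, str]       # path -> file content at one commit
Commit = Tuple[str, Snapshot]   # (commit label, snapshot)


def _line_changes(before: str, after: str) -> Tuple[Set[str], Set[str]]:
    """Return (added, removed) line sets between two versions of a file."""
    old, new = before.splitlines(), after.splitlines()
    added: Set[str] = set()
    removed: Set[str] = set()
    for tag, i1, i2, j1, j2 in difflib.SequenceMatcher(None, old, new).get_opcodes():
        if tag in ("delete", "replace"):
            removed.update(old[i1:i2])
        if tag in ("insert", "replace"):
            added.update(new[j1:j2])
    return added, removed


def find_silent_reverts(history: List[Commit]) -> List[dict]:
    """Walk a linear history oldest-first and report every commit that
    removes a line an earlier commit on the same branch added.

    Lines are matched by content, so a duplicated line that is removed once
    is reported once. Ordinary refactors also delete older lines, so each
    finding is a triage lead to check against the PR's own diff, not proof
    of a bad squash."""
    owner: Dict[Tuple[str, str], str] = {}   # (path, line) -> commit that added it
    findings: List[dict] = []
    prev: Snapshot = {}
    for label, snap in history:
        for path in sorted(set(prev) | set(snap)):
            added, removed = _line_changes(prev.get(path, ""), snap.get(path, ""))
            for line in sorted(removed):
                origin = owner.pop((path, line), None)
                if origin is not None:
                    findings.append({"commit": label, "path": path,
                                     "line": line, "added_by": origin})
            for line in added:
                owner[(path, line)] = label
        prev = snap
    return findings


def snapshots_from_git(repo: str, revs: List[str], paths: List[str]) -> List[Commit]:
    """Hypothetical helper (not exercised here): build the history from a
    real clone, e.g. revs = `git rev-list --reverse --first-parent main`."""
    history: List[Commit] = []
    for rev in revs:
        snap: Snapshot = {}
        for path in paths:
            proc = subprocess.run(["git", "-C", repo, "show", f"{rev}:{path}"],
                                  capture_output=True, text=True)
            if proc.returncode == 0:        # path may not exist yet at this rev
                snap[path] = proc.stdout
        history.append((rev, snap))
    return history


# Constructed sample history. PR#1 and PR#2 are squash-merged normally;
# PR#3's squash commit was generated from the base state before PR#2
# landed, so PR#2's validate() call vanishes although PR#3 never touched it.
BASE = "def load():\n    return read_config()\n"
SAVE_V1 = BASE + "\ndef save(cfg):\n    write_config(cfg)\n"
SAVE_V2 = BASE + "\ndef save(cfg):\n    validate(cfg)\n    write_config(cfg)\n"
HISTORY: List[Commit] = [
    ("base", {"app.py": BASE}),
    ("squash PR#1", {"app.py": SAVE_V1}),
    ("squash PR#2", {"app.py": SAVE_V2}),
    ("squash PR#3 (stale base)", {"app.py": SAVE_V1, "README.md": "# app\n"}),
]

if __name__ == "__main__":
    for f in find_silent_reverts(HISTORY):
        print(f"{f['commit']}: {f['path']} drops {f['line']!r} added by {f['added_by']}")
```

Run against a real branch, a hit on a commit whose PR diff never mentions the dropped lines is the signature to look for; a hit on a commit whose PR did rewrite those lines is just a normal edit.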
BSides Triad retweeted

AI is amazing. I am extremely pro-AI
1. It has lowered the barrier of entry for programmers, resulting in hundreds upon hundreds of slop applications vulnerable to everything. This is job security.
2. AI influencers keep saying AI is going to destroy cybersecurity. This is good. AI influencers don't understand the size and scope of cybersecurity, they think it's just smashing a keyboard and making cat noises. This makes people less likely to enter our field, making us more valuable, making us more money. It's job security. Keep telling people cybersecurity is dead.
3. It's given us a new area of research: AI security
4. It's made task automation easier with slop Python scripts.
In summary, cybersecurity is dead. DO NOT try to work in this field. It's all over. Cybersecurity has been solved!
BSides Triad retweeted

Mr. Titus Tech is correct. cpuid-dot-com is indeed delivering malware right now.
As I began poking this with a stick, I discovered this is not your typical run-of-the-mill malware. This malware is deeply trojanized, is distributed from a compromised domain (cpuid-dot-com), performs file masquerading, is multi-staged, operates (almost) entirely in-memory, and uses some interesting methods to evade EDRs and/or AVs, such as proxying NTDLL functionality from a .NET assembly.
The C2 domain present in one of the binaries is a clear IoC. This is the same Threat Group who was masquerading FileZilla in early March, 2026. They've been busy.

Chris Titus Tech@christitustech
HWInfo and CPU-Z both compromised. Millions about to be PWNED! CPU Z: hybrid-analysis.com/sample/eff5ece… HW Monitor: hybrid-analysis.com/sample/4968501…
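A header-level triage script of the kind a practitioner runs on a download like this before detonating it, as an added example: it is not the poster's tooling, not CPUID's, and carries no indicators from the samples above (the hashes in the quoted post are truncated, and nothing here is derived from them). It checks three of the properties the post calls out from the PE headers alone: whether a file that claims to be something else is actually a PE image (file masquerading), whether the image carries an Authenticode certificate table at all, and whether it is a managed .NET image, the kind of artifact the post describes proxying NTDLL calls. The `_fake_pe32plus` builder and the `SAMPLES` dictionary are constructed for the example and are not real binaries.

```python
import struct
from typing import Dict, Tuple

# Data-directory slots in the PE optional header (PE/COFF specification).
SECURITY_DIR = 4      # Authenticode certificate table; its "address" is a file offset
CLR_HEADER_DIR = 14   # CLR runtime header; non-zero means a managed (.NET) image
PE_EXTENSIONS = {".exe", ".dll", ".sys", ".scr", ".cpl", ".ocx"}


def triage_pe(data: bytes) -> Dict[str, object]:
    """Classify a downloaded file from its headers alone.

    Reports whether the bytes are a PE image at all, whether the image carries
    an Authenticode certificate table, and whether it is a managed (.NET)
    image. A present certificate table is not a valid signature: the chain
    still has to be verified (e.g. Get-AuthenticodeSignature on Windows)."""
    result: Dict[str, object] = {"is_pe": False, "is_pe32plus": None,
                                 "has_authenticode": False, "is_managed": False}
    if len(data) < 0x40 or data[:2] != b"MZ":
        return result
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    opt = e_lfanew + 24                      # optional header follows the 20-byte COFF header
    if opt + 2 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return result
    size_of_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                       # PE32
        count_off, dirs_off = 92, 96
    elif magic == 0x20B:                     # PE32+
        count_off, dirs_off = 108, 112
    else:
        return result
    result["is_pe"] = True
    result["is_pe32plus"] = magic == 0x20B
    if opt + count_off + 4 > len(data):
        return result
    n_dirs = struct.unpack_from("<I", data, opt + count_off)[0]

    def directory(index: int) -> Tuple[int, int]:
        end = dirs_off + 8 * (index + 1)
        if index >= n_dirs or end > size_of_opt or opt + end > len(data):
            return 0, 0
        return struct.unpack_from("<II", data, opt + dirs_off + 8 * index)

    sec_off, sec_size = directory(SECURITY_DIR)
    result["has_authenticode"] = sec_off != 0 and sec_size != 0 and sec_off + sec_size <= len(data)
    clr_rva, clr_size = directory(CLR_HEADER_DIR)
    result["is_managed"] = clr_rva != 0 and clr_size != 0
    return result


def looks_masqueraded(name: str, data: bytes) -> bool:
    """True when a PE image hides behind a name that does not claim to be one."""
    return bool(triage_pe(data)["is_pe"]) and not any(name.lower().endswith(e) for e in PE_EXTENSIONS)


def _fake_pe32plus(security=(0, 0), clr=(0, 0)) -> bytes:
    """Constructed test image: DOS stub + PE32+ headers with 16 data
    directories and no sections. Just enough header to exercise the parser;
    it is not an executable and not derived from any real sample."""
    e_lfanew = 0x80
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    opt_size = 112 + 16 * 8
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, opt_size, 0x22)
    opt = struct.pack("<H", 0x20B).ljust(108, b"\0") + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    dirs[SECURITY_DIR], dirs[CLR_HEADER_DIR] = security, clr
    opt += b"".join(struct.pack("<II", *d) for d in dirs)
    return dos + b"PE\0\0" + coff + opt


HEADER_LEN = 0x80 + 4 + 20 + 112 + 16 * 8    # 392 bytes for the layout above
SAMPLES = {
    "signed_native": _fake_pe32plus(security=(HEADER_LEN, 64)) + b"\0" * 64,
    "unsigned_managed": _fake_pe32plus(clr=(0x2008, 72)),
    "not_a_pe": b"PK\x03\x04" + b"\0" * 60,   # zip magic, nothing to triage as PE
}

if __name__ == "__main__":
    for label, blob in SAMPLES.items():
        print(label, triage_pe(blob))
```

The certificate-table check is the cheap first pass only: a trojanized installer can carry a stolen or freshly issued signature, so a "signed" result still needs full chain verification against the vendor's known signer, and the hash of whatever cpuid-dot-com serves should be compared with a copy obtained from a known-good mirror.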
BSides Triad retweeted

This is one of the most useful Claude Code posts we’ve seen. Real data, not theory.
The ENABLE_TOOL_SEARCH fix alone is worth the thread. Loading every tool schema on every turn is silent murder on your token budget. We hit the same bloat building Pelican’s multi-tool architecture and had to restructure how context loads for exactly this reason.
The cache expiry finding is the one nobody talks about. You pause for five minutes to check a chart or read an article and your entire conversation rebuilds at full price. That 10x cost jump is real and it’s happening to everyone running long sessions.
Two more areas worth auditing: redundant file reads aren’t just wasted tokens, they’re many chances for the model to subtly reinterpret your code differently across a session. And check for base64 encoded content persisting in context from file operations or image generation. That stuff sits there silently eating tokens across every subsequent turn.
BSides Triad retweeted

Oracle is such a terrible, evil, slime company it borders on some sort of twisted black comedy skit.
During the beginning of the Trump administration Larry Ellison discussed building some sort of super-AI system and said it would create as many as 100,000 jobs in the United States.
Fast forward to March 2026: Oracle lays off 30,000 people. 30,000 people is an absolutely insane number. Oracle sent out an email at 6am to 30,000 people who were selected using some sort of "selective process", which was a computer program, or something, I don't know.
You go online and see people who have worked at Oracle for over 30 years being terminated. People who have had great reviews, sacrificed for the company, ... someone there was terminated and began working at Oracle in 1993.
1993 - 2026 and then terminated by a decision from a computer program while the United States economy is already sliding into the pisser, with inflation, a housing crisis, government assistance cuts, gas prices rising, and companies creating hiring freezes.
Then today it's announced Oracle has put in H-1B requests for approx. 3,000 employees from overseas.
What a fucking piece of shit fucking company.
BSides Triad retweeted

Part of TeamPCP's success thus far has been the speed at which they operate.
tl;dr teampcp doing lots of supply chains, exhausting, smash and grab passwords, runaway, really tiring
Generally speaking, large scale supply chain attacks are quiet, with the focus being silence and espionage. A notable example of this is the SOLARWINDS supply-chain attack, which was conducted by the Russian Federation. The goal is to discreetly insert malicious code into a product's update cycle. The payload would (under ideal circumstances) execute with specific triggers in place and BE QUIET. They don't want to set off any metaphorical alarms. You quietly watch and SLOWLY work.
TeamPCP (as of this writing) has focused on information exfiltration (stealing sensitive data, primarily credentials), which is more akin to a smash-and-grab than staying silent and watching what people are doing with their binoculars.
A successful supply chain attack can be a DFIR (Digital Forensics and Incident Response) nightmare. Many organizations do not have an internal DFIR team on staff, hence they consult with external entities. Suddenly, with a supply chain attack, you've got dozens of organizations contacting the same group of companies needing a forensic investigation launched.
These DFIRs can take time with reporting, identifying victims, potential PII or sensitive documents stolen, cooperation with law enforcement and legal departments (or external law firms)... it can take days, weeks, or (depending on the scope of impact and bureaucracy) months.
And then suddenly there is another supply chain attack ... and then another ... and then another ... and then another ... with a total of 50 as of this writing. The best I can describe what I'm currently seeing is a "DFIR resource exhaustion" technique.
If you've got only a handful of DFIR firms spread thin across a dozen or so companies and then ANOTHER supply chain attack happens AND THEN ANOTHER AND THEN ANOTHER, with some organizations potentially being hit multiple times, it's a nightmare come alive.
TeamPCP (as of what we've learned thus far) successfully used a supply chain attack to pivot to other supply chain attacks. They're chaining chains.
The concern now is they've performed 50 supply chain attacks in 8 days. Are there any more coming? Has any other vendor failed to rotate their security credentials correctly? Is any company not cooperating? What data was stolen? How many companies are even impacted? How many are unaware of what happened? How much user PII was stolen? How were these other supply chain attacks conducted?
The current prevailing theory is all of these supply chain attacks are the result of the initial Trivy supply chain attack, however (unironically) DFIR work must be conducted and more investigative work needs to be performed. It is dangerous to assert with high confidence that it is the result of the Trivy supply chain attack. If you're wrong, what if it's from something else we're not aware of yet? I'm sure not all details are public (yet). More information will come out eventually.
This sort of DFIR work would take months but now it's a race against the clock hoping another doesn't occur.
2026 starting off strong.