Br*an

16.3K posts

@SecurityCollins

☁️ security, general technology fan • opinions = mine

Joined January 2021
4.3K Following 455 Followers
Andrew Pritchard @skydrama
Who in the world is flying direct from London to Champaign, Illinois?
Br*an retweeted
Aditya Chordia, CISSP, CIPP/E, CISA
Even HackerOne got hit - just not through its own systems.
Nearly 300 employees’ sensitive data exposed after a breach at benefits provider Navia, caused by a BOLA (Broken Object Level Authorization) flaw.
The real issue isn’t the vulnerability. It’s the timeline.
👉 Access occurred: Dec 22 – Jan 15
👉 Suspicious activity detected: Jan 23
👉 HackerOne formally notified: March
Weeks of delay - while SSNs, addresses, health plan data and dependent information were potentially exposed.
This is the pattern we keep seeing:
- Not a company breach.
- A supplier breach.
- Followed by a notification lag.
Your security posture is no longer defined by your controls - but by the slowest vendor in your ecosystem. And as AI agents and SaaS integrations multiply, this “extended enterprise” attack surface only grows.
If a bug bounty company can’t escape third-party risk, no organisation can.
The real question: Do you know how quickly your suppliers must tell you when something goes wrong?
More info: theregister.com/2026/03/24/hac…
Br*an retweeted
Aditya Chordia, CISSP, CIPP/E, CISA
The DarkSword iPhone exploit code just leaked on GitHub. This changes the threat model for everyone, not just Apple users.
Here's what most coverage is missing.
DarkSword was originally a nation-state grade tool — tracked by Google's Threat Intelligence Group since November 2025, used by Russian espionage groups and customers of a Turkish commercial surveillance vendor. This was elite capability reserved for high-value targets.
Now it's on GitHub. Anyone can download it, study it, modify it, and redeploy it.
That's the moment a spyware-grade exploit chain goes from "targeted espionage" to "commodity attack tool." Google themselves warned this is exactly what happens - leaked code gives threat actors a starting point to test, tweak, and iterate.
Three malware families deploy after compromise: GhostBlade, GhostKnife, and GhostSaber. Together they steal data, establish a backdoor for re-entry, and execute code - compressing the entire kill chain into a single click.
But here's the enterprise angle nobody is connecting.
SecurityScorecard's CISO Steve Cobb put it perfectly: once attackers gain credentials on a compromised phone, they're no longer limited to that device. They move into SaaS platforms, cloud environments, and partner systems without needing another exploit.
Now think about how many people use the same iPhone for:
→ Corporate email and Slack
→ AI agent control channels (Telegram, WhatsApp, Discord)
→ Two-factor authentication
→ Cloud storage with synced credentials
A compromised iPhone isn't a phone incident anymore. It's an enterprise access incident.
If your CISO is running an OpenClaw agent through Telegram on their Mac and their iPhone connects to the same Telegram account - the phone becomes a lateral entry point to the agent.
This is the second iOS exploit kit disclosure this month. Coruna gave attackers 23 exploits across iOS 13 through 17.2.1. DarkSword covers iOS 18.4 through 18.7. Between them, nearly every iPhone version in the wild has been targeted.
What to do right now:
→ Update to iOS 26.3 immediately - this patches the DarkSword chain
→ Enable Lockdown Mode on any device you can't update
→ If your org allows BYOD, assume unpatched personal devices are compromised
→ Review what enterprise services are accessible from mobile - email, cloud, SSO tokens, AI agent channels
→ Test whether your mobile security controls can actually detect and block these exploit chains, not just in theory
The pattern is clear: nation-state exploit tools are leaking faster than organisations can patch. DarkSword is public now. The window between "elite capability" and "commodity attack" just collapsed.
Patch today. Not tomorrow.
More Info: cybernews.com/security/anger…
Alexis Wilkins @AlexisWilkins
THREAD: (1/13) A foreign-linked influence network has been running coordinated operations against the Trump administration for 22 months. I know it's real because they ran one against me. I was targeted in something I knew was far from organic. This level of media is isolating, unwanted, and unwarranted. There was nobody to help, nobody to jump in and say, this is a false OP and help me. Well, I don’t believe in problems without solutions, so I’ve spent the last few months learning to build programs to utilize publicly available information to prove that this is way bigger than me. This is about creating chaos in the Republican Party. It's about the organized effort to lose Republicans the midterms and subvert President Trump's agenda, and I have the data for you to see 🧵
OSINTdefender @sentdefender
Following a deadly Colombian Air Force C-130 crash, the updated casualty numbers are 69 dead and 57 injured, as a total of 126 airmen were on the crashed aircraft.
Senator Ted Cruz @SenTedCruz
Due to the Democrat’s Shutdown, I’ve asked the Financial Clerk of the Senate to hold my salary. It’s not right for Members of Congress to be paid if the working men and women of DHS aren’t.
OSINTdefender @sentdefender
Speaking to reporters earlier at the White House, President Trump mentions and vaguely talks about a mysterious “present” given to the United States yesterday by Iran: “Because they're going to make a deal. They're going to make a deal. They did something yesterday that was amazing, actually. They gave us a present, and the present arrived today. It was a very big present worth a tremendous amount of money. And I'm not going to tell you what that present is, but it was a very significant prize. And they gave it to us, and they said they were going to give it. So that meant one thing to me, we’re dealing with the right people. No, it wasn't nuclear related. It was oil and gas related. And it was a very nice thing they did.”
Koopa @koopaaron
@fmill57 @SecurityCollins @supertrucker @grok Last place I was new at, automatics hauling fuel… Truck broke spare was a 10 speed, trainer couldn’t float nothin, It was fun making him look stupid that arrogant fuck.
SuperTrucker 🚛💨→💻
.@grok does Jay Leno have a CDL?
Sawyer Merritt @SawyerMerritt

Here is Jay Leno driving the new redesigned @Tesla Semi. He is the first person outside of Tesla to drive it. @danWpriestley: "This truck from an energy standpoint is 50% cheaper to run here in California. Across the US, we're 20% cheaper on a per mile basis, and that's inclusive of everything, not just energy, whether that's reduced maintenance, fuel." via @LenosGarage

Br*an retweeted
spencer @techspence
Users will click, developers will install malicious packages, someone will give up their password. Design security programs with this in mind and plan accordingly.
Br*an @SecurityCollins
@JJ19334417 @BarakRavid No. Trump’s pride is going to get more troops and other innocent people killed
Barak Ravid @BarakRavid
🚨A U.S. official told me the Command element of the 82nd airborne division has been directed by the Pentagon to deploy to the Middle East together with an infantry brigade consisting of several thousand troops 🚨This is another significant troops reinforcement in the region ahead of a possible ground operation in Iran
OSINTdefender @sentdefender
U.S. officials have told Axios’ Barak Ravid that the Headquarters of the 82nd Airborne Division, stationed at Ft. Bragg in North Carolina, has been directed by the Pentagon to deploy to the Middle East together with a Brigade Combat Team consisting of several thousand troops, ahead of possible ground operations in Iran.
Br*an @SecurityCollins
@CBSNews IGs, GAP, OMB surely wouldn’t allow fraud? Is that what they’re saying?
CBS News @CBSNews
Congress launches investigation into California hospice fraud, citing millions in taxpayer losses. cbsn.ws/4uNG4mw
111OneMind @111OneMind
@Skint_Eastwood1 Hey guys, what happened before the video? Does everyone enjoy loud motorcycles ripping through their neighbourhoods?
TrumplicanWIN @TrumplicanWINN
You people crack me up, saying he was with his rights? We don’t know how him and his kids were riding up and down that road. Once I heard him say I should have run you over he lost. You people always favor the actor. Why? These are people paid millions of dollars to pretend like there’s somebody else and you fall for it every time.
Br*an @SecurityCollins
@Jack_Raines I tuned that crap off so fast for the same reasons
Jack Raines @Jack_Raines
Moved my retirement accounts to Robinhood last year bc of their asset match (like 3% match on all assets or something like that?) But it’s incredibly annoying that you have to scroll past prediction markets (read: sports betting) to see portfolio positions. The forced sports betting is gross.
Br*an retweeted
Steven Lim @0x534c
Turning Threat Intel Into Defense: Detection Rules for MOIS Campaign
The FBI warns that Iranian Ministry of Intelligence and Security (MOIS) cyber actors are using Telegram bots as command-and-control infrastructure to deliver malware disguised as legitimate Windows applications, targeting dissidents, journalists, and opposition groups worldwide.
This multi‑stage malware enables persistent access, data theft, and exfiltration of files, audio, and video, with groups like Handala Hack and Homeland Justice linked to these campaigns.
The FLASH provides indicators of compromise and urges defenders to apply updates, use trusted sources, enable antivirus, and report suspicious activity to the FBI.
Source: ic3.gov/CSA/2026/26032…
KQL Code: github.com/SlimKQL/Detect…
#Cybersecurity #DefenderXDR #MOISCampaign
Br*an retweeted
Microsoft Threat Intelligence
Microsoft Threat Intelligence has observed threat actors actively experimenting with techniques to bypass or “jailbreak” AI safety controls. By reframing malicious requests, chaining instructions across multiple interactions, and misusing system‑ or developer‑style prompts, threat actors can coerce models into generating restricted content that bypasses built‑in safeguards. These techniques demonstrate how generative AI models are probed, shaped, and redirected to support reconnaissance, malware development, and social engineering while minimizing friction from moderation. AI guardrails have become dynamic surfaces that attackers test and manipulate to sustain operational advantage. As AI becomes more deeply embedded in enterprise workflows, understanding how attackers test and manipulate these guardrails is critical for defenders. Learn more about securing generative AI models on Azure AI Foundry: msft.it/6013Qs5oX