Ben Read

Duke, which lost to UConn (like every team that reached a result with UConn in 60 minutes did) won the ACC.

PUT UCONN IN THE PLAYOFF

Shout out to whoever is exploiting CVE-2025-55182 to drop cryptominers and using "reactOnMynuts" as your campaign code.

China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) | Amazon Web Services Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat g...

A new blog this evening from Amazon Threat Intelligence detailing ongoing China-nexus cyber actors leveraging React2Shell (CVE-2025-55182): aws.amazon.com/blogs/securi...

Critical Security Vulnerability in React Server Components – React The library for web and native user interfaces

There is critical vulnerability in React Server Components disclosed as CVE-2025-55182 that impacts React 19 and frameworks that use it.

A fix has been published in React versions 19.0.1, 19.1.2, and 19.2.1. We recommend upgrading immediately.

react.dev/blog/2025/12...

Shai-Hulud 2.0 Aftermath: Trends, Victimology and Impact | Wiz Blog A deeper look at the Shai-Hulud 2.0 supply chain attack: reviewing the infection spread, victimology, leaked secrets distribution, and community response so far.

An update on Sha1-Hulud from the team here @wizsecurity.bsky.social. Rami & Shay break down how we've seen it spread, the types of environments targeted and what secrets have been leaked.

www.wiz.io/blog/shai-hu...

Pete must be held accountable. This is not the opinion of some reactionary lib. I get accused all the fucking goddamn time of being the mainstream.

People need to be adjudicated for this. There are ideals of what an American thinks they are that have been violent violated here.

We demand justice.

Heads up for East Coast people waking up.

New report from Positive Technologies vivisects recent (2024-2025) APT31 attacks targeting Russian IT firms specifically government contractors and integrators

ptsecurity.com/research/pt-...

Google Has Chosen a Side in Trump's Mass Deportation Effort Google is hosting a CBP app that uses facial recognition to identify immigrants, while simultaneously removing apps that report the location of ICE officials because Google sees ICE as a vulnerable gr...

“Providing tech services to supercharge ICE operations while blocking tools that support accountability of ICE officers is entirely backwards." - @kateruane.bsky.social www.404media.co/google-has-c...

TTPs Things that Threat Actors do when they Perform a cyber attack

Never assume your audience knows what acronyms stand for.

Remember NFTs? 😂😂😂😂😂😂😂

Attribution has historically not changed the attacker's behavior (especially in the case of the PRC) and there are likely other higher priorities in the bilateral relationships.

Capacity constraints are real, but unlikely to be the proximate limiting factor given the volume of activity.

The authors identify three factors:
1. Unclear Returns
2. Lack of Capacity
3. Strategic Culture

Those all contribute, but I lean towards the first one being the most important.

India and Indonesia’s approach to publicly attributing cyberattacks? No naming, no shaming India and Indonesia’s reticent approach to publicly attributing cyberattacks is the result of strategic culture, insufficient technical capacity, and the lack of clear returns

An interesting article talking about public attribution and the lack thereof in Indonesia and India on @bindinghook.bsky.social.

bindinghook.com/india-and-in...

Crossed wires: a case study of Iranian espionage and attribution | Proofpoint US Proofpoint would like to thank Josh Miller for his initial research on UNK_SmudgedSerpent and contribution to this report.  Key findings  Between June and August 2025,

New Iran drop from me tracking an attribution nightmare - UNK_SmudgedSerpent! A little Charming, a little Muddy, and a lot C5. Targeting policy experts with benign conversation starters, health-themed infra, OnlyOffice spoofs, and RMMs. Check out the full story www.proofpoint.com/us/blog/thre...

YouTube video by Charlie Taft MIDD KID (Official Music Video)

It's a good night, but I'm a little concerned that New York is going to have a mayor that knows this song: youtu.be/WZzCHcMKyDc?...
#NESCAC

I love kids. I have two of them. They’re amazing. However, kids are the absolute least self aware, clumsiest little puffins on the planet.

Please don’t drive tonight unless you have to, and if you do drive, drive super slow and pay 100% attention at all times.

Happy Halloween! 🎃 👻 💀

#PublicHealth

The romantic fables of peoplehood, of real “men with chests” (Fukuyama 2018) who make national histories… once you treat debates about liberalism in the Global South as reflecting the same common impulses that motivates illiberal politics everywhere else, you begin to see our common humanity

/end

Follow this thread 👇

With the inaugural SOS just 18 days away, we'll be highlighting a few of the amazing talks you'll be hearing on October 28 in Brussels!

stateofstatecraft.com/agenda

Get a ticket while you still can! 🎟️🎟️🎟️

"What if, in the process of trying to ban AI products that quite actually encourage children to kill themselves, we wind up banning chatbots that help children cheat on their homework, diminish their propensity for critical thought, and lead to the development of other forms of AI psychosis?"

Berlin

The Comey Indictment Is Not Just Payback — The Atlantic It’s an advance glimpse of Trump’s next attempted seizure of power

“James Comey’s rights and liberties are not the only ones at risk today. So is your own right to participate in free and fair elections in order to render a verdict on Trump’s invasion of those rights and liberties.” From @davidfrum.bsky.social apple.news/AX8_ub4UHR0G...

🚨 #Shai-Hulud: Major npm supply chain attack.

100+ packages weaponized with stolen GitHub tokens, stealing secrets, hijacking repos, and auto-propagating like a worm.

Guidance + detections inside

www.wiz.io/blog/shai-hu...

Airlines Sell 5 Billion Plane Ticket Records to the Government For Warrantless Searching New documents obtained by 404 Media show how a data broker owned by American Airlines, United, Delta, and many other airlines is selling masses of passenger data to the U.S. government.

New from 404 Media: airlines are selling *5 billion* ticketing records to the government for warrantless searching, per new docs we obtained. ARC is a data broker owned by United, American, Delta, etc. Then sells peoples' travel info to ICE, Secret Service, FBI etc www.404media.co/airlines-sel...

A private individual with power to get public servants fired, put them at physical risk, get them investigated, threaten their post government careers, go after their families and defame them with fantasies is an enormous threat to our national security and public well being. This can't stand.

Wiz Uncovers SES Abuse Campaign Using Stolen AWS Access Keys | Wiz Blog From leaked AWS access keys to large-scale spam: Wiz Research uncovered a live Amazon SES abuse campaign, turning insights into early-warning detections.

A fun investigation from the team here at @wizsecurity.bsky.social www.wiz.io/blog/wiz-dis...

Showing how leaked/stolen AWS keys can be used to enable other financially motivated schemes. (s/o to our friends at Proofpoint who helped us get some context on the phishing emails)

Now up to 22 different Cinnamon Toast Crunch related products. The quest continues.

Cinnamon Toast Crunch with Strawberry

Cinnamon Toast Crunch with Strawberry. Doesn't seem like it would add much, but who knows.

I can't speculate on Trump's health in this new press conference but he just ribbed Alabama Senator Tommy Tuberville over Bama losing badly on Saturday. Tuberville coached Auburn, Bama's big in-state conference rival.