I would like to throw my hat into the ring for DDG-X.

Burke++

What’s the over / under on how many Renhai‘s will be put to sea before this is canceled.

Like cmon

Was on my morning run and while listening to Words to Me by Sugar Ray I realized if you change the chorus to “Xi sings these words to me” it’s a song about the CCP working for reunification with Taiwan.

what are we without the sauce

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign Mandiant and Google have identified “Brickstorm,” a sophisticated, suspected China-linked hacking campaign targeting U.S. tech firms, legal organizations, and BPOs. The operation often goes undetected...

🚨🚨🚨 Google released a report on "Brickstorm" this morning — a next-level, suspected China-linked campaign targeting U.S. firms. Ultra-stealthy, 400+ day dwell times, focus on stealing IP, finding zero-days, and focused on long-term cyberespionage. cyberscoop.com/chinese-cybe...

a close up of a woman 's face with a purple shirt on . ALT: a close up of a woman 's face with a purple shirt on .

Not me losing my mind tracking ORBs lalalala I can't hear you over the sound of how many darned ORB networks there are 🫠

Patched IOT devices?

What a quaint idea.

Could I offer you another type of compromised network appliance in this trying time?

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs | Google Cloud Blog Russian government-backed group COLDRIVER is using LOSTKEYS malware to steal files and system information from NGOs and western targets.

I wrote some details on LOSTKEYS: malware which we directly attribute to COLDRIVER. They don't deploy it often, but we have seen it a few times and want to make people aware of it.

cloud.google.com/blog/topics/...

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

Hot off the press is a new blog detailing our observations from in the wild exploitation of CVE-2025-22457 by UNC5221 including two newly observed malware families tracked as BRUSHFIRE and TRAILBLAZE.

cloud.google.com/blog/topics/...

🔥 new blog covering recent UNC3886 ops. Massive S/O to all the authors for dropping such a great blog.

Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog We discovered China-nexus threat actors deployed custom backdoors on Juniper Networks’ Junos OS routers.

Super happy this blog is finally released. Dive into the intricacies of backdoors targeting Juniper devices, veriexec bypass zero-day and other interesting TTPs, all with UNC3886, a China-nexus cyber espionage group as your guide!

cloud.google.com/blog/topics/...

I did get my second pair of Superblast 2s so not a total loss

The universe doesn’t want me to get a pair of the Vaporfly 4s

Another absolute banger of a playlist open.spotify.com/playlist/3MG...

Friday playlist brought to you by all of @stonepwn3000.bsky.social’s favorite bands open.spotify.com/playlist/4B0...

What I feel is ashamed.

Only 10, you doubt me brother

Is this the gabagool I keep hearing about

Plug*

Shameless plus as to why being able to track akas is so valuable

Submitted without comment

Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.

Today, Google Threat Intelligence is alerting the community to increasing efforts from several Russia state-aligned threat actors (GRU, FSB, etc.) to compromise Signal Messenger accounts.

cloud.google.com/blog/topics/...

a man is sitting at a desk in a dark room with his hands on his face . ALT: a man is sitting at a desk in a dark room with his hands on his face .

Are you taking notes on a criminal conspiracy?

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation | Microsoft Security Blog Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelli...

Fantastic work here from the MSTIC folks re: 74455. So many threads to pull.

www.microsoft.com/en-us/securi...