also, what did the researchers do with the rest of the cocaine from the experiment

are they safe to eat though?

🚨 BREAKING: Vercel has been breached. A threat actor has listed their customers' data, source code, databases, and keys up for sale.

Vercel has also publicly disclosed they've identified a security incident involving unauthorized access to their internal systems.

Breach Lessons - First Look: Vercel and Context AI We usually wait for the investigation to complete, but there are already a ton of useful lessons here.

Some thoughts on the Vercel/Context breach turducken

www.defendersinitiative.com/p/breach-les...

Notepad sheds Copilot from toolbar as Microsoft gives subtlety a try AI gubbins still there, just tucked under 'Writing Tools' Copilot is on its way out of Notepad, but a return to the basic text editor is not on the cards.…

Notepad sheds Copilot from toolbar as Microsoft gives subtlety a try

Saturday morning vibes

Making brunch in the kitchen in utter silence like a psycho

No music, no YouTube, no audiobook, no podcast

Monday #RSAC sessions with CyberCanon Committee Members and Authors:

🤖 Caroline Wong - The Foundations of AI

👁️ Adrian Sanabria - A Failure Is a Terrible Thing to Waste: The Case for Breach Transparency

🪖 Nicole Perlroth - Resilient Infrastructure as National Defense

(part 1/3)

I worked dial up tech support in the 90s

You can’t scare me

NOW everyone will suddenly remember PR is part of the US

It technically doesn’t count because it is restructuring, but I have started a separate list for “badly hurt, but not destroyed by breach”

Vulnerability management is in some trouble and I have thoughts on how to deal with it.

TL;DR - exploitation is happening too fast for traditional vuln mgmt to be effective.

open.substack.com/pub/defendersi…

Saturday repair project time!

My partners’ thousands of hours in Rocket League have taken their toll on these poor PS5 controllers.

This Italian hacking magazine needs to calm down

Don't get me wrong, I think there's a time and place for resorts where you just want to turn off your brain and get some sun.

Or for a guided tour from an expert.

But travelers that don't wander are missing out.

Ironically, it seems the most dangerous places are where the tourists are expected, not where they're rare.

Though he doesn't look it in this photo, this man was delighted I was excited about the fact he was cooking naan in a tandoori oven.

I find these resorts confusing. My favorite part of traveling is wandering in an unfamiliar country and learning the culture first hand.

Wandering the suks in Manama, the monuments in Yerevan, exploring the stalls in Fortaleza, trying fruits I never knew existed - this is the best part of traveling

At the Hard Rock resort in Punta Cana, you could get a guitar and an amp delivered to your room, but the native cuisine was nowhere to be found.

There was a Mexican restaurant in the resort though.

So disappointing.

Why even go to a beach in another country if it's emulating US tastes?

What an amazing essay. Moved me to tears.

I had a similar experience in the Dominican Republic. A vendor was paying for me, an industry analyst at the time, to attend a conference there.

I was excited - I had never had Dominican food before!

But there was no opportunity to at the resort.

CyberCanon's review of Chip War

✍️ 𝗥𝗲𝘃𝗶𝗲𝘄 𝗗𝗿𝗼𝗽𝗽𝗲𝗱 🪖

We have back-to-back reviews from Larry Pesce. Today, Larry offers his insights on Chris Miller's widely well-regarded book, 𝘾𝙝𝙞𝙥 𝙒𝙖𝙧, from a cyber pro's perspective:

📝 You'll want to read this review cybercanon.org/chip-war-the...

#CybersecurityBooks | @haxorthematrix

Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach | TechCrunch The fintech giant said it plans to "seek recoupment of any expenses" from its firewall provider SonicWall after a 2025 data breach exposed customer firewall configurations.

New: Fintech firm Marquis, used by hundreds of banks & credit unions across the U.S., told its customers that it plans to seek compensation from its firewall provider SonicWall after blaming the company for a breach that allowed hackers to steal tons of people's personal and financial data & SSNs.

Announcing BlackIce: A Containerized Red Teaming Toolkit for AI Security Testing In this post, we introduce BlackIce, an open-source, containerized toolkit that bundles 14 widely used AI security tools into a single, reproducible environment.

@erratarob.bsky.social I imagine they don't even realize that they're reusing a security tool name

which makes me feel old

www.databricks.com/blog/announc...

A much-liked post by Germany’s satirical newspaper @der-postillon.com with the titles “Vienna Academy of the Arts offers Trump admission as a student” and the caption “They don’t want to get blamed again“

A joke for the history buffs:

Germany’s satirical newspaper @der-postillon.com titles: “Vienna Academy of the Arts offers Trump admission as a student — They don’t want to get blamed again“

Attack surface management used to mean “outside the firewall.”

Now it’s everything: cloud, SaaS, IoT, shadow IT...

In this Enterprise Security Weekly webcast, @hdm.io + @todb.hugesuccess.org join @sawaba.bsky.social to talk how to find gaps before attackers do.

▶️ www.runzero.com/resources/as...

Is *If You Give a Mouse a Cookie* about people with ADHD? #RandomThoughts

It's that time of year again.

The #WinterSolstice.

The day the only hand on my annual clock points straight up, at 12:00

Here's the book I was thinking of a.co/d/hKIYQmE

So the 'heroes' of the movie were actually the antagonists IRL I guess?

I dug into this a while back, and it seems the consensus in hindsight was that the 2008 collapse wouldn't have happened if these finance bros didn't innovate a way to bet against the housing market.

Once they did it, large institutions started doing it and that was the push that caused the collapse

Doesn't match in size or color

@johnhammond.bsky.social, even.