Mastodawn

Woot ok now that I have the dependency graph crawled I can just ship the listing of known bad NPM packages and just compare directly against that.

I updated the scanning script to alert if you have -any- version of an infected package.

You're gonna want to be very careful if you're not infected but have one of these dependencies present.

https://github.com/datapartyjs/walk-without-rhythm/blob/main/data/infected-pkgs-versions.txt

#ShalHulud #WalkWithoutRhythm #npm #github #javascript #cybersecurity #threatresponse

Show thread

nullagent Nov 25

At the end of scanning for obvious compromise the `check-projects` script then builds a listing of all of your dependencies and all of the versions your project files mention.

You can find that info under `reports/`

I'm currently working on improving the `check-projects` script so that it will alert you if ANY of your package.json or package-lock.json mentions a known infected package.

#ShalHulud #WalkWithoutRhythm #npm #github #javascript #cybersecurity #threatresponse

Manuel Bissey Nov 12

Rhadamanthys infostealer disrupted as cybercriminals lose server access — a rare victory for defenders in the cat-and-mouse game. 🐭🛡️ #ThreatResponse #CyberDefense

https://www.bleepingcomputer.com/news/security/rhadamanthys-infostealer-disrupted-as-cybercriminals-lose-server-access/

Rhadamanthys infostealer disrupted as cybercriminals lose server access

The Rhadamanthys infostealer operation has been disrupted, with numerous "customers" of the malware-as-a-service reporting that they no longer have access to their servers.

BleepingComputer

Bob Carver Oct 10

Agentic AI Defenders — The Rise of Autonomous Cyber Response
https://youtu.be/Tia1RS7CFz4 #Cybersecurity #AI #AgenticAI #AIDefense #SOCAutomation #ThreatResponse #FutureOfCyber

SOC Goulash Sep 25

It's been a quiet 24 hours in the cyber world, so we've got a short but thought-provoking post today focusing on the evolving landscape of AI security and its implications for future defence strategies. Let's dive in:

AI Security: Containment is Key 🛡️

- The increasing speed of cyber conflict, driven by AI, now surpasses human response capabilities, necessitating autonomous AI in tactical security operations.
- The focus for AI security should shift from programming "human values" into probabilistic AI to building "deterministic fortresses" around it, controlling its interactions with the world.
- This involves architecting systems with rigorously enforced interfaces and boundary protections, allowing AI to operate strategically while maintaining human accountability and control over its actions.

🤫 CyberScoop | https://cyberscoop.com/security-automonous-ai-threat-response/

#CyberSecurity #AI #AISecurity #ThreatResponse #InfoSec #CriticalInfrastructure #AutonomousAI

Contain or be contained: The security imperative of controlling autonomous AI

The most secure and resilient AI systems will be those with minimal direct human interaction, the CEO of Owl Cyber Defense argues.

CyberScoop

Digital Edge Ventures Aug 21, 2025

🛡️ 2:00 AM. Saturday. Threat detected. Digital Edge is already on it. Real-time response. Scalable defense. No downtime.

#ManagedDetectionResponse #ThreatResponse #CloudSecurity #DevSecOps #AlwaysOnOps #businesscontinuity #digitaledge

BSidesAustin Sep 12, 2024

We're thrilled to have @ProphetSec
joining #BSidesAustin as a platinum sponsor in December. Investigate alerts & respond to threats w/ unparalleled speed & precision while empowering your analysts & safeguarding your data. #infosec #AI #alertinvestigation #threatresponse #secops #cybersecurity