Bongoknight

@bongoknight@ioc.exchange

OSINT, CTI, addicted to graphs and Python scripts. ISO 3103 compliant.

Love to learn, learning is the beginning towards becoming a better human.

Not an English native, hope I don't sound too harsh.

He/him - 30 - Cyber Threat Analyst

Motto: https://www.youtube.com/watch?v=8yyAgk9der4
GitHub: https://github.com/BongoKnight
Profile picture: https://ko-fi.com/winomas

For about a month, I have been mentoring an intern. It's disappointing to see AI being used for everything:

- Writing an advisory on an ongoing threat? AI. Everything is rephrased, and as a reader, it's impossible to understand the point of the advisory.
- Not understanding computer science concepts? AI. It's poorly explained and inaccurate.
- Adding a new feature in code? AI. The task was easy and should have taken five minutes by copying and adjusting another part of the code. I've seen three versions of the same code, all with a strange use of the library it relies on and nonsensical comments.

I'm only 30 and I already feel like a boomer, even though I need to work for that many more years. Is learning new things and trying to understand them so boring?

Not to mention OpenClaw, Moltbook, and other recent insanities. What a pleasure to see the planet burn for that.

#AiIsShit #slop

This study—from Anthropic, no less—is rather damning of the entire generative AI project. In code creation, the realm where it should shine, not only were the time gains marginal, but developers understood their code far, far less. And they didn't even have more fun doing the work!

But to me the most concerning part of this study is the fact that Anthropic could not get the control (non-AI) group to comply. Up to 35% of the "control" in the initial studies used AI tools despite instructions not to. What kind of behavior does that sound like?

UPDATE: See below for important counterpoints as to the validity of the study.

https://arxiv.org/html/2601.20245v2#S5

Holy shit. TIL that Janet Jackson is the only Grammy-winning artist with a CVE.

CVE-2022-38392 indicates that playing Rhythm Nation near certain hard drives will cause a crash, because the song contains a resonant frequency with a 5400RPM spinning disk of a certain diameter and construction.

Neat.

#music #infosec

Cursor lies about vibe-coding a web browser with AI

Here’s an awesome tweet from Michael Truell, CEO of Anysphere, who make vibe code editor Cursor: [Twitter, archive] We built a browser with GPT-5.2 in Cursor. It ran uninterrupted for one week. It…

Pivot to AI

Dear cybersecurity companies,
When your sources contain OpenAI references, I totally lose trust in what you are saying. I wonder if your article has been proofread or just AI-generated and posted directly.
Regards.

The WSJ reports that Google has moved to seize dozens of domains belonging to IPIDEA, a Chinese residential proxy service and the largest by far with ~10M proxies for rent. Google has also taken steps to remove hundreds of apps affiliated with the company from Android devices

https://www.wsj.com/tech/google-aims-knockout-blow-at-chinese-company-linked-to-massive-cyber-weapon-3c3fdc40?st=tzboX3

Earlier this month, we broke the news about how the world's biggest botnet -- Kimwolf -- grew very quickly to well more than 2 million devices by exploiting a weakness in IPIDEA that allowed them to probe the local networks of proxy endpoints, and infect unofficial Android devices like TV boxes.

https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-network/

IPIDEA's proxy service has become synonymous with these Android TV boxes, which generally come backdoored at purchase. According to Synthient, the proxy tracking startup that figured out how Kimwolf was spreading, the majority of traffic being funneled through IPIDEA proxies is for account takeover activity and ad fraud.

Here's the announcement from Google: https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network

TL;DR A botnet of 10 million devices is taken down.

If you have never heard of BadBox, Kimwolf or IPIDEA, you may want to read Brian Krebs' recent articles or this one from WSJ.

https://www.wsj.com/tech/google-aims-knockout-blow-at-chinese-company-linked-to-massive-cyber-weapon-3c3fdc40?st=4ZVFX2&reflink=desktopwebshare_permalink

Else this is pretty cool!

https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network?hl=en

#ThreatIntel #cybersecurity #proxy

AhnLab published an analysis of a campaign observed by the CertGraveyard in December. Great to see more details.

An actor using signer "CÔNG TY TNHH XB FLOW TECHNOLOGIES" leveraged a range of RMM tools and regularly contested abuse complaints.

Blogpost in thread
1/2

Heisenberg's managerial uncertainty principle: either a manager can know the state of an employee's work at all times, or the employee can make progress on their work.
The very nature of constant reporting changes productivity irreversibly.