Cindʎ Xiao 🍉

@cxiao@infosec.exchange
741 Followers
1.9K Following
2.1K Posts

professional strings(1) operator

online once every century, DM for signal!

pronounsshe/her or they/them
websitehttps://cxiao.net
githubhttps://github.com/cxiao
bskyhttps://bsky.app/profile/cxiao.net
🏳️‍🌈😎
viewsare mine
Show threadCindʎ Xiao 🍉9h ago
@carkner May he remain in obscurity 🙏🙏🙏
Show threadCindʎ Xiao 🍉11h ago

@carkner omg i just went through his blog and...regret. dude is a pro china/russia tankie crank 💀

the NDP has to do way, way better than this guy

Cindʎ Xiao 🍉1d ago
Show threadcR0w 2d ago
@buherator I don't see any in the article but @badsamurai has talked about them on here and has a slide deck with them: https://github.com/BadSamuraiDev/Clikki-Tikki-Tavi
GitHub - BadSamuraiDev/Clikki-Tikki-Tavi: Low regret ClickFix mitigation script for Windows

Low regret ClickFix mitigation script for Windows. Contribute to BadSamuraiDev/Clikki-Tikki-Tavi development by creating an account on GitHub.

GitHub
Cindʎ Xiao 🍉2d ago

"My inescapable conclusion has become that Israel is committing genocide against the Palestinian people. Having grown up in a Zionist home, lived the first half of my life in Israel, served in the I.D.F. as a soldier and officer and spent most of my career researching and writing on war crimes and the Holocaust, this was a painful conclusion to reach, and one that I resisted as long as I could. But I have been teaching classes on genocide for a quarter of a century. I can recognize one when I see one."

https://www.nytimes.com/2025/07/15/opinion/israel-gaza-holocaust-genocide-palestinians.html?unlocked_article_code=1.W08.zx-L.gyT-M6Lx4sFP&smid=url-share

Opinion | I’m a Genocide Scholar. I Know It When I See It.

A professor of Holocaust and genocide studies comes to a painful conclusion about Israel’s actions in Gaza.

The New York Times
Cindʎ Xiao 🍉2d ago
squillace2d ago

A long time coming for #hyperlight and any micro-guest -- including #webassembly -- interactive debugging across the hardware boundary and into the microguest. https://opensource.microsoft.com/blog/2025/07/14/hyperlight-debugging-hardware-protected-guests/

Great stuff by @dblnz !!

Hyperlight: Debugging hardware-protected guests - Microsoft Open Source Blog

Find out how you can step through code in your guest micro-VM by attaching the GNU Debugger at runtime to debug Hyperlight guest micro-VMs.

Microsoft Open Source Blog
Show threadCindʎ Xiao 🍉2d ago
@carkner this guy....his "clarification" is so much worse than his original statement 
Cindʎ Xiao 🍉2d ago
cR0w Jul 10

Unit42 has yet another write-up on ClickFix with TTPs and IOCs. Maybe consider blocking Win + R and Win + X. @badsamurai has had good results with this.

https://unit42.paloaltonetworks.com/preventing-clickfix-attack-vector/

#threatIntel

Fix the Click: Preventing the ClickFix Attack Vector

ClickFix campaigns are on the rise. We highlight three that distributed NetSupport RAT, Latrodectus, and Lumma Stealer malware. ClickFix campaigns are on the rise. We highlight three that distributed NetSupport RAT, Latrodectus, and Lumma Stealer malware.

Unit 42
Cindʎ Xiao 🍉2d ago
Follow the Money EU2d ago

Millions of people across Europe buy their clothes on the fast fashion app Shein. But the Chinese company’s aggressive tactics for recruiting users have attracted the attention of European regulators.

Investigative journalists Yara van Heugten and Alexander Fanta looked into this ultra-fast fashion firm that is dreaming of entering the stock market. They cut through the smoke and mirrors behind this fashion mogul’s flashy claims and found that behind the dazzling numbers, cracks are starting to show – and Shein may be losing its shine. https://www.ftm.nl/artikelen/podcast-shein-toxic-business-model

Cindʎ Xiao 🍉2d ago
May Likes Toronto2d ago

Called it. Canadian Federal Government partners with Cohere to build out AI in the public service.

Cohere is 75% behind on their published revenue targets for this year. Here comes the government to bail them out.
https://ottawacitizen.com/news/artificial-intelligence-public-service-cohere

#cdnpoli

Feds partner with Canadian firm to accelerate AI use in public service

Prime Minister Mark Carney said the federal government has signed memorandums of understanding (MOUs) with Cohere and the United Kingdom.

ottawacitizen
Cindʎ Xiao 🍉5d ago
Lizbeth5d ago

My summer tattoo flash drop is arrived!

Feel free to share and if you want a design and can come to Montreal for it you can book one over here: https://ritualdust.com/tattoo/flash/

×
mahalozJun 29
I am very grateful to have been part of the panel at REcon. Like last year, I find myself leaving @reconmtl inspired and motivated to keep pushing forward in my research. Thanks again for all the awesome conversations, everyone. Hope to see you all next year.
Show threadmahalozJun 29
Photo credz @richinseattle