Sean Gallagher  πŸ€ 

@[email protected]
4.4K Followers
921 Following
1.1K Posts
Security Research Engineer @Cisco Talos. Past: Natsec/Infosec Editor Emeritus @ Ars Technica. Ex Navy officer and actual battleship sailor. Verified cat furniture. Bird paparazzo. Still mostly s***posting as @[email protected]. Also federating @thepacketrat and @thepacketrat
Works atSophos
Works asPrincipal Threat Researcher
Non-Infosec thingsbirds, pottery, shoulder cats, media criticism, natsec
Twitterhttps://twitter.com/thepacketrat
bloghttps://fancybearfriends.org
Work bloghttps://news.sophos.com/en-us/author/sean-gallagher/
Sean Gallagher  πŸ€ 18h ago

An anonymous submission: Stop watering dead flowers

This post is a follow-up to an earlier anon submission --editor Stop Watering Dead Flowers I have been walking through the long dusk since the burn. Smoke still in my lungs. It has been almost a year since the last time I wrote about it. Ghosts of what should have been, scattered in the corners. I thought we were watching a slow slide.

http://thepacketrat.com/2026/06/09/an-anonymous-submission-stop-watering-dead-flowers/

An anonymous submission: Stop watering dead flowers

This post is a follow-up to an earlier anon submission –editor Stop Watering Dead Flowers I have been walking through the long dusk since the burn. Smoke still in my lungs. It has been almost…

The Packet Rat
Sean Gallagher  πŸ€ May 12
Made a new friend this weekend.
Sean Gallagher  πŸ€ May 7
Good morning Chippo.
Sean Gallagher  πŸ€ Apr 22
burritosec  Apr 6
@thepacketrat pointed out over on the butterfly site that it's a little over 10 years since the left-pad incident. I looked up the wikipedia article he authored about it - March 22. And just about 10 years later after we all learned the dangers of over reliance on external dependencies, we get axios. Everything old is new and no one learns anything ever.
Show threadSean Gallagher  πŸ€ Apr 22
Currently that is working out pretty well. It seems it’s hard for me to hold grudges against dead people.
Sean Gallagher  πŸ€ Apr 22
My current goal is to make as many friends as possible and outlive my enemies.
Sean Gallagher  πŸ€ Apr 22

It was recently pointed out to me that I had let my profile bio fester. Yes, I am at Cisco Talos now. Last week was the anniversary (roughly) of my interview for the job, precipitated by the layoff of half my team at Sophos (including Andrew Brandt, who just landed at Huntress).

In a few years maybe no one will even remember my time at Ars Technica, now 6 years in the rear view ago.

Sean Gallagher  πŸ€ Apr 15
My colleague Omid and I did a thing.
It's my first Cisco Talos blog ever.
https://blog.talosintelligence.com/the-n8n-n8mare/
The n8n n8mare: How threat actors are misusing AI workflow automation

Cisco Talos research has uncovered agentic AI workflow automation platform abuse in emails. Recently, we identified an increase in the number of emails that abuse n8n, one of these platforms, from as early as October 2025 through March 2026.

Cisco Talos Blog
Show threadSean Gallagher  πŸ€ Apr 2
And yes I'm old I had to look up "mogged"
Sean Gallagher  πŸ€ Apr 2
Lotta people feeling this right now.