Jake Williams
@MalwareJake
Followers
144K
Following
46K
Media
13K
Statuses
102K
Breaker of software | VP R&D @hunterstrategy | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | GSE #150 | He/him
Odenton, MD
Joined September 2009
Let's not mince words: * If you don't support trans people, you're a bad human * If you have to add caveats to your support (e.g. "as long as my kids don't see"), you're one of the worst kinds of human * Trans deserve your *unconditional* support for their humanity
263
304
2K
I read the Trump AI Executive Order (for what little that's worth). If he cared about reducing regulatory burdens in tech, he'd implement a national data privacy law first (or at least in parallel). That would be FAR more impactful. It's also not where the investment $$ are,
1
1
16
What happens when @MalwareJake pokes a stick into AI during real-world situations and risk assessments. You may be surprised, and you’ll definitely be entertained: SAINTCON 2025 - Jake Williams - Findings From Real-World AI Application Assessments https://t.co/FwuCnW9yMH
1
3
5
Why is Microsoft bundling Security Copilot licenses with E5? Clearly because they can't sell it as a standalone product. In other news, E5 costs will certainly go up "due to enhanced value." https://t.co/VERh5VQosP
darkreading.com
The move aims to expand the use of Security Copilot and comes with the launch of 12 new agents from Microsoft at the company's Ignite conference last week.
3
7
70
if u paid anywhere close to $1k or more for a tech bootcamp i absolutely need to talk to u
48
11
311
I spoke with @Williamrt of @ComputerWeekly on NDA bug bounties failing to increase security & the effects of gov disclosure requirements on national security, plus how AI threatens the human expert labor pipeline of tomorrow & why UBI may be our best bet
New- Why bug bounty schemes have not led to secure software https://t.co/YaGVwJbHyB via @computerweekly @k8em0
0
10
17
Yet another reason to block LLMs apps you don't explicitly authorize in the enterprise. Threat actors using malvertising to drive victims to shared chats with malicious instructions. https://t.co/YpKvCIuV1w
blog.breakpointsecurity.pt
How scrolling Reddit led me to find a new (for me) type of malvertising that leverages LLM shared chats to distribute crypto/infostealers targeting MacOS.
1
16
46
At 1200 ET, I'll be diving into React2Shell giving teams actionable advice before an incident ruins someone's weekend... (fun fact, that's not me in the thumbnail, but whatever) https://t.co/GdgTxCNrXG
1
1
17
The day is rapidly approaching when we're going to learn that one of the big AI companies has been taking money to align their LLMs to recommend certain brands (or criticize their competitors). It won't be anywhere near as obvious as Grok and Elon. I'd like to see laws prevent
8
11
86
The Cloudflare outage was caused by a configuration file growing too large. Likely, they were blocking too many scrapers and caused out of memory exceptions parsing the file. I'll be amazed if blocking AI scrapers isn't the outage catalyst. https://t.co/hu6tWNfUN8
theverge.com
What isn’t offline right now?
21
19
118
Thanks for pointing this out Matt. I just updated my bio
835
12K
309K
Oh, my. I hope Google solved prompt injection...
The Agentic SOC is here. 🛡️Introducing the Alert Triage and Investigation Agent in Google SecOps (Public Preview). It autonomously investigates alerts, runs YARA-L queries, and applies @Mandiant expertise to deliver clear verdicts. See how it works: https://t.co/AOyqnFpYla
9
11
144
Holy shit they’ve LinkedInified my shitpost, including a medium article, and tons of ai hallucinated corpospeak, truly a cursed platform
BREAKTHROUGH: I have invented a novel object notation format that provides an additional 71% token savings over JSON and 59% over TOON. I have named it VSC (Values Separated by Comma), patent pending.
287
433
6K
If China is doing so well in the AI race, how come their threat actors have to use @AnthropicAI ??? 🤨
In mid-Sep 2025, Anthropic detected suspicious activity that later investigation determined to be a highly sophisticated espionage campaign conducted by a threat actor assessed with high confidence to be a 🇨🇳 state-sponsored group. The attackers used AI’s “agentic” capabilities
22
24
170
My teenage son is on the cover of the Los Angeles 2028 Olympics Competition Schedule for Sport Climbing. Just 985 days to go!
10
11
236
The Epstein emails call Trump the “dog that hasn’t barked.” He's silent because he knows what's inside. It's time to release the files.
🚨BREAKING: Oversight Dems have received new emails from Jeffrey Epstein’s estate that raise serious questions about Donald Trump and his knowledge of Epstein’s horrific crimes. Read them for yourself. It’s time to end this cover-up and RELEASE THE FILES.
2K
2K
9K
Happy Veterans Day to my husband @TC_Johnson- 20 years in the USAF, 3 deployments, started as a c130 mechanic, moved to Space operations, and then finished his service with the Civil Air patrol, before he retired last year. So proud of my husband the badass 🙂
12
3
269
It would be a huge mistake to keep thinking of China as the same cyber threat actor we were dealing with ten years ago. Let's talk about it. See you on Thursday for a more in-depth discussion. https://t.co/EYP8nJ6YDX
3
15
41
Honestly, here's what I'd like to see with the future of enterprise security in general. At least for organizations who genuinely want to try to make it a priority🧵: 1. Finally accepting detection + response importantly backstops solid prevention but cannot substitute for it.
2
11
32