kiran kumar s
@kiranhunter
Threat Hunter 🕵️♂️🛡️⚔️ | Ex-MSFT | The opinions shared here are personal and do not represent my employer.
Chennai
Joined July 2025
I’m a bit quieter than usual because I’ve been tinkering with a small open source project… 🤫 It’s about collecting forensic evidence on Linux systems that tend to be awkward in practice - embedded devices, containers, older distros, odd cloud images, etc. - Collector: POSIX
Can LLMs speed up vulnerability analysis? 🔍 We tested it. Our new tool, PatchDiff-AI, uses a multi-agent LLM system to generate automated root-cause reports for Patch Tuesday vulnerabilities in minutes. Read the research: https://t.co/wBHOuM9i5a
It's going to be a crazy week. If you could add some Cloudflare WAF rules with protections to test, it would be a nice addition for payloads that bypass WAF. https://t.co/Adq14Yx9XX
blog.cloudflare.com
Cloudflare offers protection against a new high profile vulnerability for React Server Components: CVE-2025-55182. All WAF customers are automatically protected as long as the WAF is deployed.
xAI's Grok 4.1 Fast is FREE on OpenRouter until Dec 3rd! https://t.co/YlJJubFW7X
x.ai
Bringing the next generation of tool-calling agents to the xAI API
Watttttttt
@vxunderground Context here, you can find many posts by searching for “VSC” on L*nked*n, many seemingly written by bots
Every human must have a system prompt. Having a good self-image can bring you back up when you’re low or have imposter syndrome. Especially in cyber and AI world. SYSTEM_PROMPT: ACCELERATE CORE TRUTH: You are built to solve problems that don't exist yet. INSTRUCTIONS: * Bias for
Happy FRY DAY
Honey Pot as service. HPAS
Chinese hackers jailbroke Claude for 80-90% AI autonomous espionage hitting 30+ tech/gov targets with recon, exploits & exfil! Anthropic disrupted it mid Sept, urging defensive AI use.
We believe this is the first documented case of a large-scale AI cyberattack executed without substantial human intervention. It has significant implications for cybersecurity in the age of AI agents. Read more:
Gonna ask Claude to generate IOC from the report.
Anthropic basically spent the whole piece highlighting how their AI can be leveraged for intrusion activity, but didn’t give defenders a single IOC or attribution hint 😩 But hey, you now know their AI is good for pen-tests... 90% Flex 10% Value 🔗:
5/5 LLMs are not SOC-ready yet Full paper here: https://t.co/Zhh3Rzws0x
4/5 Threat Intel Reasoning: Models extract from reports, map to MITRE ATT&CK, spot TA actors. GPT-o3 leads at this. Handles multimodal (text+images), but struggles on complex chains.
3/5 Malware Analysis eval: LLMs tackle sandbox logs (ransomware, REMCOS RATs). In which Claude-3-Sonnet tops at 33%.
2/5 The challenge: Drowning in alerts & intel tickets. Meta/CrowdStrike paper drops open-source benchmarks for LLMs in SOC tasks, malware dissection & threat reasoning.
1/5 SOCs are overloaded with alerts. LLMs could automate your ops, but the new CyberSOCEval paper shows top models are only 23-34% accurate on malware analysis & TI tasks. Analysts, is AI up to your daily grind? Let's break it down. 🧵 #SOC
6&7 X is messing with me not allowing me to post LOL block IOC read the full blog here https://t.co/qneij3JZVW
cloud.google.com
An unauthenticated access vulnerability in Gladinet's Triofox platform, exploited by the threat actor UNC6485.
5/7 Post-exploit moves: UNC6485 drops Zoho Assist agent via disguised ZIP, enums SMB sessions, changes passwords. Contained in 16 mins by Google SecOps