This is a stand out part of this piece by @tqbf for me. Prompt Engineering is kind of a fluff word at this point. But Context Engineering is where I spend most of my time. I've been talking to @DanielMiessler about everything boiling down to context and scaffolding for a bit

Part 2 of @DomainTools research is out: Inside the Great Firewall Part 2: Technical Infrastructure https://t.co/RrCCR3muN3

I've been watching the Vertex analysts game this out, and I have to say... It's gonna be LIT 💚

My team's Great Firewall dump deep dive part 2, on the GFW technical infrastructure, is now up! As before, not my research, but reading and editing it and going through the details left me shaken as far as capabilities go. #geopolitics #cybersecurity

Microsoft casually patched CVE-2025-59287 last week, which is an easy to find & exploit pre-auth RCE in the WSUS! Mind that, vulnerable versions go back to 2012 (oldest still supported OS ver.). Yeah Microsoft invented SDLC yada yada, but can someone explain that? It's not even a

Shout out to Silobreaker for putting out *really* well-done weekly geopolitical briefs that provide substantial, timely, and relevant analysis without feeling like a chore to make time for. #threatintel #infosec #cybersecurity https://t.co/QZCqxJAweN https://t.co/fm2aydUHwb

Hey folks, just a reminder I'll be at BSides NoVA this weekend, giving a talk on DNS and domain intel in investigative journalism! It's an intersection of passions for me, so I'm wicked excited. https://t.co/TK6vemSg8O

This Phrack timeline of the Kimsuky dump is wiiiiiiild. https://t.co/XtUN8c1IQF (we did some deeper analysis of the dump, linked below, but wow...) ( https://t.co/7vVR7VncAb )

If you need something to read this morning, we published research on Friday around an activity cluster targeting 18+ interests, especially gambling and porn. Well. Also tax websites. Which I suppose is an adult interest. Sigh. #threatintel #infosec https://t.co/EoFM9cDEC3

Prompt||GTFO events have been extremely educational for me as an AI skeptic, as well as fun and entertaining. Worth checking them out. Google Form for getting the invite (or applying to present): https://t.co/Pbjyg6cUfN LinkedIn post with more info: https://t.co/tDNKBiWbtv

We been doin some fun stuff lately even more fun stuff coming soon. Feels like I've reached a place where around every corner lies a fascinating rabbit-hole, especially thanks to my teammates.

Been a while, Twitter. Everybody okay?

Trapper-Creeper

LABScon 2025, the movie 🎥 https://t.co/U2cKgqCGN0

The pattern is simple: - Dev gives vague instruction - AI has production access - Literal interpretation - Catastrophic damage Your SOC won't flag it. Your SIEM won't alert. The attack comes from inside, from tools you authorized.

Introducing a new attack vector: AI-Induced Destruction. After a shared volume of incident responses, we can confirm: AI coding assistants are now a legitimate threat category. Not sci-fi. Not theoretical. Happening daily. Thread (1/4)

CyberAv3ngers: From Infrastructure Hacks to Propaganda Machines in the Iran-Israel Cyber War https://t.co/AYNLVbex3T @DomainTools

Looking for smart reads & listens in cyber? @Neurovagrant shares what’s buzzing on our team’s radar this week: 🎧 @MaltegoHQ's Human Element 📚 @citizenlab 📰 @NextgovFCW 🔍 @threatinsight Full list 👉

DTI reveals a phishing campaign targeting defense and aerospace firms linked to the Ukraine conflict. The infrastructure uses mail servers to spoof organizations and steal credentials, motivated by cyber espionage. https://t.co/uh5cArj8JT #Ukraine #phishing #CyberEspionage

.@neurovagrant shares his top cybersecurity picks: podcasts, blogs, research papers, and more! Starting with "To Catch a Thief: China's Rise to Cyber Supremacy" by @nicoleperlroth. Episode 1 features @DAlperovitch. Three episodes out now! https://t.co/2ijFiNJj9M