@disintegr8te

Without Confirmation Defender signature 1.449.424.0 looks to detect two DigiCert public root CAs as Trojan:Win32/Cerdigent.A!dha — thumbprints DDFB16CD4931C973A2037D3FC83A4D7D775D05E4 (DigiCert Trusted Root G4) and 0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43 (DigiCert Assured ID Root CA).

🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now. Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that: • Deobfuscates embedded payloads and operational strings at runtime • Dynamically loads fs, os, and execSync to evade static analysis • Executes decoded shell commands • Stages and copies payload files into OS temp and Windows ProgramData directories • Deletes and renames artifacts post-execution to destroy forensic evidence If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

Told you yesterday. The average people in the U.S. and around the world have no clue what’s going on with the massive USAF🇺🇸 & US Navy build up related to Iran 🇮🇷. They will wake up the next morning and suddenly the U.S. is at war. That’s why I yesterday showed my respect and thanked the OSINT Community on X!

Everyone freaks out that AI can build beautiful websites in seconds But what only a few people see: we’re heading into a world where you don’t need websites anymore. Who needs a website when an agent can book a table, reserve cinema seats, fill out forms, pull facts and just get stuff done ..straight from markdown, APIs or MCP servers? People think „AI = prettier UI“ and “AI writes code a human can read and debug”. That’s still the human-in-the-loop phase. The final phase is: human isn’t in loop anymore. Agents will use different inputs, different protocols, different paths from problem to solution. A lot of the software we built mainly to be usable for humans in the middle - it’s gone in five years. Maybe sooner

OpenAI now requires government ID verification to use GPT-5.3-Codex for cybersecurity work. - https://t.co/X6rTCVDPXb GPT-5.3 and Opus 4.6... AI cybersecurity capabilities have reached the critical point where they need to be properly safeguarded. OpenAI built a tiered trust system with automated classifiers monitoring for suspicious cyber activity in real-time, an invite-only tier for researchers, and $10M in API credits for defensive teams. Prediction: 1️�� Google DeepMind and Anthropic will follow and implement KYC to access the risky capabilities of their frontier models. 2️⃣ Today's frontier models will become just a model in 6 months, with open access to everyone. But they won't become less capable. 3️⃣ The labs will continue doubling down on safety guardrails and making AI able to protect from AI Source: Ilya Kabanov