With Kovvada almost certainly loading...
AP is now set to dent nuke generation & capacity. If oked, Kovvada will host a mega-site with 6× AP1000 reactors — staggering single-location 7.2 GW at build out. India’s total operational capacity is ~8.5 GW
🇺🇸Gen III+ AP1000 PWRs will also diversify current mix of domestic PHWRs & Russian VVER LWRs.
7.2 GW would place Kovvada among the world’s top nuclear power sites by active capacity.
AP is on a mission.
We’re introducing a new GitHub Certified: Agentic AI Developer (GH-600).
As AI agents become part of modern development workflows, this role-based certification focuses on how developers and teams operate, supervise, and integrate agents across the SDLC.
If you’re already working with tools like GitHub Copilot or exploring agent-driven workflows, we’d love your input.
Learn more and get involved. https://t.co/ruiYtlsYnj
Coding Agents as Customer Service Reps
“Software development will become a collaborative process with the users, and the agents will be handling all of it.”
FAMILY DOCTOR REVEALS SHOCKING TRUTH AFTER 33 YEARS:
Sugar:
If everyone cut out sugar for just 30 days, about 80% of all complaints would disappear like magic
Vitamin D:
If everyone took 1000 1.U. of Vitamin D per 11 kg (25 lbs) of body weight, I'd barely have any patients left in my practice.
Omega-3:
If everyone got enough Omega-3 daily, we'd see half as many inflammations in the body.
Magnesium:
If people regularly took magnesium bisglycinate, migraines would almost be a thing of the past.
Gut Health:
If everyone rebuilt their gut health systematically, I'd probably have to sell my suv.
If you’re lost on where to start with AI/ML, this is for you!
A lot of you asked me because everything feels overwhelming at the beginning.
So I put together a simple, beginner-friendly guide.
https://t.co/OwUWMxDfIZ
I didn’t land on this roadmap instantly, I went through a messy phase of YouTube videos, paid courses, GitHub repos, and endless Reddit threads. Most of it just confused me.
These are the resources that finally clicked for me. Not a list of links, just the path I wish someone had given me on Day 1.
If you’re trying to use Wazuh for threat hunting or incident response, stop wasting your time. Wazuh is fine for compliance and system visibility, but that’s where it ends.
If you want to actually see what’s happening on an endpoint and run proper investigations to play around in a lab, use Elastic Stack. Deploy Fleet (which is just one agent install), enable real telemetry, or enable the Elastic Security agent from the integrations console and get actual EDR-level visibility. That’s where you’ll learn something.
Ran security audit on client's AWS account:
- 847 IAM users (company had ~ 220 employees)
- 234 users hadn't logged in for 90+ days
- 89 users with AdministratorAccess
- 47 access keys older than 1 year
- 12 access keys older than 3 years
- root account access keys
Worst finding: S3 bucket publicly readable containing:
- Database backups with customer PII
- API keys to 3rd party services
- AWS credentials
Bucket created in 2021. Public for 4 years.
No breach detected. Just lucky. Hopefully.
Cleaning up took 1 week. Could have prevented disaster.
𝗦𝘂𝗿𝗶𝗰𝗮𝘁𝗮 𝗶𝘀 𝗻𝗼𝘄 𝗽𝗮𝗿𝘁 𝗼𝗳 𝗗𝗲𝘁𝗲𝗰𝘁𝗶𝗼𝗻𝗦𝘁𝗿𝗲𝗮𝗺 𝘄𝗶𝘁𝗵 𝗽𝗹𝗮𝘆𝗴𝗿𝗼𝘂𝗻𝗱𝘀 𝗮𝗻𝗱 𝗰𝗵𝗮𝗹𝗹𝗲𝗻𝗴𝗲𝘀!
Big update for anyone working on network detections.
𝗜𝗻𝗰𝗹𝘂𝗱𝗲𝗱:
• 45k+ ET rules available out of the box
• Full ET Open ruleset preloaded
• Build and validate custom Suricata rules
• Test rules directly in the browser with PCAP uploads that stay in your browser
More updates with challenges coming soon!
Check it out here: https://t.co/uBDwGAX0KC
Read the blog post about it here: https://t.co/AyApo70WHG
Investigation Scenario 🔎
A helpdesk tech reports that after installing an update for a third-party remote management tool, outbound connections to 45.77.XX.XX:8080 from its service started appearing across multiple endpoints. This IP is not part of the vendor's known IP space.
What do you look for to investigate whether the update was tampered with upstream?
#InvestigationPath #DFIR #SOC
Malware spreading via WhatsApp with multi-vector persistence & sophisticated C&C.
Investigation shows the consistent use of Portuguese, which suggest the threat actor’s focus on Brazil.
The most sophisticated aspect of the backdoor is its email-based C&C infrastructure. Rather than relying on traditional HTTP-based communication, the malware leverages IMAP connections to terra.]com[.br email accounts using hardcoded email credentials to connect to the email account and retrieve commands.
https://t.co/KOZrPvNrvT
🛡️Threat Intelligence Update
From https://t.co/LElYRAAzfB intelligence lookup I observed more malicious sites operating behind Cloudflare’s Turnstile CAPTCHA. This tactic highlights how adversaries are increasingly using legitimate services to mask malicious activity, making detection and mitigation more challenging. Stay vigilant and ensure your security controls can identify threats even when they hide behind trusted platforms.🫡
#Cybersecurity #Cloudflare #MaliciousSite
Of the 20+times I've been to Sabarimalai, never did I ever have this view. V had all been forbidden to take snaps nor did we get more than a few seconds to have 'That' glimpse of Him. But I dnt know whether it's good or bad to see him glow majestically. Swamiye Saranam Ayyappa 🙏🏻
🔍 What Analyzing Hundreds of Thousands of Cloud Environments Taught Us About Data Exposure
By Wiz Research Team
Wiz analyzed over 200,000 cloud environments—and the findings are eye-opening. The team reveals just how often sensitive data is left exposed and how attackers can easily pivot between services when misconfigurations go unchecked.
Key insights include:
🔓 60%+ of environments exposed secrets in publicly accessible services
📦 Common pitfalls in S3, EBS, RDS, and Databricks configurations
🧠 Real examples of lateral movement stemming from overlooked service integrations
🛡️ Practical remediations based on attack surface mapping and blast radius control
This isn’t just a scare piece—it’s a deeply technical, data-driven look at the cloud’s most common (and dangerous) security gaps.
🔗 Full article: https://t.co/cVdVnYwSjb
This was first mentioned in AWS Security Digest Issue #209:
https://t.co/qCBPUmugwL