Ex google engineer acaba de soltar un curso completo de 1 hora para construir agentes de IA que se mejoran solos, desde cero:
00:00 – Cómo nace un agente que se construye a sí mismo
03:01 – soul.md: el archivo que lo controla todo
30:16 – RAG inteligente: solo traes 20 mensajes relevantes, no los 2.000
31:48 – El loop que sabe cuándo parar solo
35:14 – Detectar el error y arreglar el prompt en el momento
50:22 – Cómo Claude comprime y optimiza tu memoria automáticamente
1 hora de contenido práctico que vale más que la mayoría de cursos de pago sobre agentes.
Míralo completo, guárdalo📚
Este repositorio es una joya. Te da todos los pasos e instrucciones para proteger y asegurar tu servidor Linux.
Perfecto por si tienes un servidor propio o VPS:
https://t.co/yJD2GnXFPj
I wrote a Tool to detect MongoBleed exploitation in MongoDB logs 🩸
The detection logic is based on @eric_capuano's excellent research: the exploit makes thousands of connections but never sends client metadata. Legit drivers always do.
https://t.co/0AZeQIDu6j
Features:
- Pure bash/jq/awk - no agents, runs via SSH or on forensic copies
- Streams large logs without loading into memory
- Handles compressed .gz rotated logs
- IPv4 & IPv6 support
- Configurable thresholds
- Risk levels: HIGH/MEDIUM/LOW/INFO
- a Python based wrapper that takes a host list as an input and runs the script on a set of remote systems
The sub folder ./example-logs contains a Mongod.log of an exploited system
MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB
- unauthenticated memory disclosure
- public POC, trivial to exploit
- leaks creds, tokens, cloud keys straight from RAM
- huge exposed surface on the internet
Good writeups and technical details here:
https://t.co/LgK4RABmJu
https://t.co/DWtByJQ3au
https://t.co/LUwfnF6uXG
Patch fast, rotate secrets, and assume exposed instances were scanned(!)
@kotka2457 if you're wearing a suit, then tropical wool. if you're wearing a sport coat, then mock leno in the summer or tweed in the winter. all three of these materials are naturally wrinkle resistant, which is useful for travel.
Totally unnatural work flow. The gentleman in this video clearly has no idea how the elderly (as he references, "Grandma") use technology.
Here is a more realistic approach.
1. Grandma notices font is too small. She has a difficult time seeing and/or reading the text.
2. Grandma incorrectly asserts Mark Zuckerberg, CEO and Founder of Facebook (now Meta) has developed this computer and blames him for defaulting to such small font. "Ugh, that idiot Zuckerforge* makes the text too damn small. Nobody can see this!"
3. Grandma picks up the laptop and places the camera directly up to her mouth and says, "Alexis, make the font big". When nothing happens she raises her voice, "ALEXIS, MAKE THE FONT BIG". Alexis doesn't respond.
4. Grandma, becoming increasing frustrated, remembers that Alexis is for Amazon, not Microsoft, so she corrects herself. "Siri, make the font big, please". She anxiously waits for a reply but nothing happens again. "SIRI MAKE THE FONT BIG". Siri ignores her pleas.
5. Grandma, exhausting all options, decides to call her children and/or grandchildren for assistance. The conversation begins discussing technology but quickly derails into something else such as the weather, sports, trivia, or (most likely) family gossip.
6. Grandma concludes her troubleshooting by calling Mark Zuckerforge a "stupid Italian" (she falsely believes he's Italian) and decides to stop using the device. Grandma is deeply prejudice to Italians because of an argument she got into with an Italian couple in 1973
#WeekendDieShots!
Thanks to @RetroNora7734 for sending over some Russian ICs. Today, I started with the 16K × 1-bit Dynamic RAM made in Moldova probably at “Mezon” factory.
A 🧵…
The lid was really solid… had to open it like a fish can…
What happens between pressing power and seeing Linux? This post explains it in plain English so weird boot issues finally make sense.
https://t.co/K3Xto0OVeY
As detection engineers we are limited by the capabilities of the tooling we work with, be it the query language or the collected telemetry and even our own knowledge of topics.
The way one models a detection is also directly influenced by their role in the chain, the type of detections they are building and the targeted audience / product.
A couple of questions you might ask are:
- Are you Servicing a single client or multiple.
- Are your detections alerts or are they building blocks for and serve as signals.
- Are you building detections for one product or are you ingesting multiple points and correlating them.
And many more
Now the question is, should you limit your thinking to the limits of your tooling / telemetry or should you expand beyond that?
The answer is the latter. While your output might be limited by those constraints, your understanding should not be.
Instead of running a malware and "checking the logs", and grabbing the strings you "feel" are best/unique.
Dig deeper, into the inner workings. Understand how telemetry is generated and what are the triggers.
Instead of checking if there's a log. Change the mentality to something like "there should be 5 events generated when this occurs, from these providers". And when they are not, understand why.
Learn how to think in telemetry, operations and signals, and most importantly beyond your tooling.
If you work in DevOps read this post-mortem. If you don't work in DevOps, send this to your coworkers that do. Trust me, it's important they read this.
https://t.co/GJZzlEm5a2
In 2020, I solved a gnarly reverse engineering challenge in PlaidCTF. Only 9 teams solved.
It's a huge pile of Typescript. Everything is named after a fish.
The catch? There's no code, only types. How do they perform computation using just the type system?
(Spoiler: Circuits!)
The Russians are outnumbered in FPVs and repurpose downed Ukrainian FPVs.
Now they complain that these are often infected with computer viruses.
Variants include burning out the USB port, preventing reflashing, or hijacking the repurposed FPV and revealing the operator location.
I am excited to announce the first conference dedicated to the offensive use of AI in security! Request an invite at https://t.co/8b06FXfVQB.
Co-organized by RemoteThreat, Dreadnode, & DEVSEC.
The Call for Papers opens Tuesday, March 25, 2025, and will remain open until Friday, July 18, 2025. Talks will include:
- Autonomous AI-based security testing
- Semi-autonomous offensive cyber operations
- AI-based vulnerability research and discovery
- Exploit development acceleration using AI
- Offensive security tool and capability development with AI
- AI-based target identification and analysis
- OODA workflows and multi-stage orchestration
- Offensive agentic AI frameworks and specialized models
Thank you to @Dreadnode for providing the initial seed funding boost to help make this dream a reality!
Tracked by Microsoft as Blizzard threat actor groups, Russian threat actors launch campaigns with intelligence gathering and espionage as their main motivation. Their campaigns focus on industries that can provide them access to intelligence related to support for Ukraine, such as government, non-government organizations, IT, and education.
Notably, the Russian threat actor Secret Blizzard has been observed to use techniques and infrastructure associated with other threat actors. Secret Blizzard used the tools and infrastructure of at least six other threat actors, both state-sponsored and cybercriminal, in their espionage operations. As @sherrod_im discusses with Microsoft security researchers in this podcast episode, while the technique allows Secret Blizzard to establish a foothold on networks of interest with relatively minimal effort and prevent proper attribution, the dependency on another threat actor’s operational security may also result in unintended exposure of Secret Blizzard activity.
Read our blog posts on Blizzard threat actor groups here: https://t.co/YlfYPJ8obP
Listen to their discussion on Russian nation-sponsored threat activity in this episode of the Microsoft Threat Intelligence podcast: https://t.co/NtY04tnKEf