THIS GUY AUDITED 926 CLAUDE CODE SESSIONS AND FOUND MOST OF THE TOKEN WASTE WAS ON HIS SIDE
everyone is blaming anthropic for the limits, so he decided to actually look at the data
858 sessions, 18,903 turns, and $1,619 estimated spend across 33 days
here's what he found:
1\ one default setting was burning 14,000 tokens per turn
Claude Code loads the full JSON schema for every tool into context at session start. whether you use them or not. 20,000 tokens of tool definitions sitting there on every single turn.
the fix: one line in your settings.json
"ENABLE_TOOL_SEARCH": "true"
context dropped from 45K to 20K instantly. across 858 sessions that one setting was wasting an estimated 264 million tokens
2\ cache expiry is the single biggest waste
54% of his turns came after a 5+ minute idle gap.
every one of those turns re-processed the entire conversation at full price which caused a 10x cost jump
you go grab coffee. come back 5 minutes later. type your next message. everything rebuilds from scratch. the context didn't change. you didn't change. the cache just expired.
12.3 million tokens wasted on idle gaps alone
3\ 42 skills loaded. 19 of them used twice or less across 858 sessions.
every one of those skill schemas sat in context on every turn eating tokens for nothing.
4\ 1,122 redundant file reads where the same file was read 3+ times
one session read the same file 33 times.
he ALSO built a full token auditor dashboard that shows you exactly where your waste is coming from
19 charts, opens in your browser, free AND open source
CVE-2025-55680 cldflt.sys EoP exploited in TyphoonPWN 2025
A direct bypass of @tiraniddo 's bug from 2020 (https://t.co/rufFO8D4dj) unpatched for 5 years
“The largest supply chain compromise in npm, Inc. history just happened, packages with a total of 2 billion weekly downloads just got turned malicious”
LinkedIn Post
https://t.co/dJ0tlPrSBJ
More info on hacker news
https://t.co/uncwjtFgxT
🚀 Just launched ShadowSeek at Black Hat Arsenal 2025! This new AI-powered binary security analysis platform is set to change how we find vulnerabilities in closed-source code.
Try here: https://t.co/bqQ1e9zFA8
#BinaryAnalysis#ReverseEngineering#LLM#Ghidra#SecurityResearch
NVIDIA research just made LLMs 53x faster. 🤯
Imagine slashing your AI inference budget by 98%.
This breakthrough doesn't require training a new model from scratch; it upgrades your existing ones for hyper-speed while matching or beating SOTA accuracy.
Here's how it works:
The technique is called Post Neural Architecture Search (PostNAS). It's a revolutionary process for retrofitting pre-trained models.
Freeze the Knowledge: It starts with a powerful model (like Qwen2.5) and locks down its core MLP layers, preserving its intelligence.
Surgical Replacement: It then uses a hardware-aware search to replace most of the slow, O(n²) full-attention layers with a new, hyper-efficient linear attention design called JetBlock.
Optimize for Throughput: The search keeps a few key full-attention layers in the exact positions needed for complex reasoning, creating a hybrid model optimized for speed on H100 GPUs.
The result is Jet-Nemotron: an AI delivering 2,885 tokens per second with top-tier model performance and a 47x smaller KV cache.
Why this matters to your AI strategy:
- Business Leaders: A 53x speedup translates to a ~98% cost reduction for inference at scale. This fundamentally changes the ROI calculation for deploying high-performance AI.
- Practitioners: This isn't just for data centers. The massive efficiency gains and tiny memory footprint (154MB cache) make it possible to deploy SOTA-level models on memory-constrained and edge hardware.
- Researchers: PostNAS offers a new, capital-efficient paradigm. Instead of spending millions on pre-training, you can now innovate on architecture by modifying existing models, dramatically lowering the barrier to entry for creating novel, efficient LMs.
Series on fuzzing open source software using fuzzuf by @RicercaSec
https://t.co/hqhtJFcWef
https://t.co/nd6EOhdaF1
https://t.co/Uib3p7mLJI
https://t.co/7FwDlO6HW9
#fuzzing#cybersecurity
Just published my latest blog on MCP & Security! Check it out and let me know your thoughts. 🚀🔒
https://t.co/efcp1OHp2r
#CyberSecurity#MCP#infosec#AI
tmpout vol3 - article a day #14
"rain king - silent syscall hooking on arm64 linux via patching svc handler"
wintermute shows us an interesting way of hooking syscalls that isn't commonly detected!
read here: https://t.co/owHhPmbNjF
So far I've written 559 pages to help the security community:
1. https://t.co/CqJcmTzygA
2. https://t.co/49XWAoYgb9
3. https://t.co/eVgSSSzBhQ
4. https://t.co/5b3zrZMZXk
5. https://t.co/JMqvn2wK67
6. https://t.co/7WKSDijTIb
7. https://t.co/V3rw0gSZfu
8. https://t.co/2Hv0XLMuqU
🚨🚨🚨 Whatever you were thinking about CVE-2023-20198 (#Cisco IOS EX) it's 100x worst.
We used @TalosSecurity IOC check and found ~30k implants.
That's 30k devices infected (routers, switches, VPNs), under the control of threat actors.
That's excluding rebooted devices.