-
Tweets1K
-
Followers287
-
Following278
-
Likes1K
@cyb3rops @MihaPecnik Very well put Florian!
I think AI coding hype follows roughly four stages: 1. Amazement You try it and can’t believe how much code it generates from a few prompts. 2. Expansion You start more and more projects because shipping suddenly feels cheap and fast. This is also the phase where people start convincing everyone around them: - coworkers - management - friends in other companies because nobody wants to “fall behind” in 6–12 months. That creates a massive snowball/FOMO effect. 3. The grind phase You realize the generated code has architectural issues, sloppy mistakes, weird abstractions, duplicated logic, broken edge cases, etc. So you start: - re-prompting - switching models - increasing reasoning effort - reviewing fixes - generating fixes for previous fixes And suddenly you spend your days reviewing AI-generated pull requests instead of building software. 4. Realization You realize AI coding increases output much faster than it increases certainty. The code still needs: - review - testing - ownership - architectural understanding - long-term maintenance Usually by expensive senior engineers. And the interesting thing is: this whole cycle can take many months or even more than a year because people become socially and professionally invested in the narrative themselves. Once teams, managers, and entire companies have been convinced that this is the future, it becomes psychologically and politically very hard to later say: “Actually, the ROI is much lower than we expected.”
This is what we've been seeing with every company we work with. Try justifying spending 100k on token spend when only 18k even makes it to a stable prod feature. In the rush to maximize AI token spend, companies are wasting over 44% on bug fixes
One thing I noticed while benchmarking LLMs on security event data: The models often overfit on narrative plausibility and environmental assumptions. If an artifact looks like a test, lab artifact or pentest remnant, the model may start inventing an "authorized testing" story around it and dismiss the event as a false positive - even when the technical indicator itself is clearly suspicious or intentionally malicious. Examples: - "EDRTest" - "PentestPersistence" - "EICAR_Check" - "InternalSecurityTool" A human analyst can fall for this too, but with LLM-based SOC workflows this becomes interesting at scale. An attacker could intentionally name persistence keys, services or binaries in a way that nudges the model toward a benign interpretation. What surprised me most: The model often correctly understands the technical artifact first ... and then talks itself out of escalating it. This is only one of many weird benchmark-design problems I ran into while testing LLMs on DFIR / detection-engineering data 🙂
@cyb3rops @nextronsystems Big news, congrats Florian!
@HackingDave @Binary_Defense What are the connectors you support? I assume some EDR / XDR / SIEM integrations are necessary to receive telemetry based on which to trigger alarms with NB. How do you position this product - it seems like a mix of SOAR and XDRs?
@nikitabier Need Cybersecurity topic ASAP
@HackingLZ No privacy concerns when applying for it? I paused my application process once I saw it requires biometric data. Maybe we will evaluate the enterprise path instead. However, I handed it over to our legal team for review.
I dont understand this - my experience is different. Are your referring to coding part? I dont use that much. But for CTI work, Claude is far superior than any other model currently. The OSINT techniques and report creations are truly way ahead of GPT or Grok (i dont use Gemini). It seems that Claude understands concepts of Cyber or at least CTI. I was following your posts about degradation, and just yesterday did another CTI Analysis and report creations with exact same prompts between the two, and Claude nailed it with the concepts and structure and the approach - I even used Sonnet for it.
Luckily techniques used to achieve AOBs remain same, because they are limited by the OS capabilities. Detecting malicious behaviour was important, but now will become cruicia. But it is not easy, you truly need to understand underlying systems and architectures, combined with adversary TTP knowledge, to craft such detections that produce high signal and low noise alerts.
Hot take: AI-driven adversaries operating inside your network in 2026 would be EASIER to catch than humans. LLMs hallucinate, can't distinguish honeypots from production assets, and lack adversarial intuition. Deploy deception. This is the one phase where the tech works in your favor. Wrote about it here: deobfuscated.dev/posts/phases-o…
Ivanti EPMM: two pre-auth RCEs (CVE-2026-1281 / CVE-2026-1340) actively exploited. 1,400+ instances still exposed. This isn't just server RCE: EPMM is your MDM control plane. Compromise here is a force multiplier. Patch, assess, hunt. In that order. deobfuscated.dev/posts/ivanti-e…
@auralix4 The one thing that does bother me with Claude is that I run out of context fast and I have to wait. I am on Plus plan though, not on Max, but might consider upgrading if I do decide to cancel ChatGPT sub (I still think that one is useful for more 'social' interactions).
I dont understand these people saying that codex is better than claude code. I literally started building a complete new project with both of them, using same copy/paste prompts. And not only Claude built a true-working application, but just the experience of building it - how it guides you with what it is doing, and asking you questions - is whole next level compared to Codex. I have to assume you guys are trolling, or just building some small-scale apps or scripts. Once I finished the project (completely vibe-coded with Claude, since codex couldnt produce working versions and many UI bugs), I duplicated the files and asked Codex to review the codebase and propose improvements. It did propose some tweaks and 'optimizations', but what it built, it broke the entire app, which wont launch. I guess this is just another perspective - and I hope someone actually does YT video side-by-side comparison, using exact same prompts to build a medium-scale app (lets say 10k LOCs) from scratch, so that we can all see more objective perspective. I use Claude Code in VS Code.
@sama Any improvements planned for Codex App, such to make it more like IDE? Feels weird that you cant actually see any code in the app. What about support to open the project in VS Code? Currently I only see Cursor as option.
The #Notepad++ supply chain attack had 3 infection chains over 6 months - each with entirely different IOCs. Most defenders only scanned for Chain #3. I dug into the #WinGUp source code and built a threat hunt playbook for what the IOC lists miss. deobfuscated.dev/posts/notepad-…
@joshm @diabrowser @browsercompany All nice and great, but we still ned SPACES on Dia. So cumbersome everyday to switch between profiles... was so seamless with Arc Spaces.
Mobile app. Some stuff we need extensions for to be built-in to Dia (adblocks, true-privacy pwd manager, Dia email, instead of reading other providers content, ..). Basically, make Dia one stop shop for everything and not rely on third-party software to extend those features which are typically used in browser (mail, pwd, adblocks, notion, …)
@joshm @puhlkit @ParkerOrtolani Fluidness and UX - UI design. AI is just nice to have. I also like the speed of the browser.
𝖈0𝖗𝖊𝖉𝖚... @c0redumped
3K Followers 2K Following Will be active at https://t.co/SBpInKIhAJ and mastodon https://t.co/6VCYi54iRS Same name ;)
b1t w1zArd @b1t_w1zArd
37 Followers 2K Following
Jorge Gibbs @V4ltzz
392 Followers 2K Following 🇲🇽 Cybersecurity professional | SOC Analyst | CTF player | DFIR, Threat Intelligence | I like to think like an attacker | Opinions are my own
Bodo_bushman @bodo_bushman
2 Followers 120 Following
Siya Lee @Imorou0884
13 Followers 302 Following
theonexc @theonexc1
0 Followers 5K Following
CyberSpooon @CyberSpooon
86 Followers 528 Following Incident Responder. I also like lifting and coffee.
Sa9lo @S49L0
0 Followers 2K Following
fatima2026 @fatima202606
2 Followers 529 Following
Rho @RhoMairabo
6 Followers 273 Following
spencer @techspence
17K Followers 3K Following 🛠️ Former Sysadmin, now Pentester | Microsoft MVP | Helping IT teams make their environment harder to attack | @SecurIT360 & @CyberThreatPOV
𝙽𝙴𝚃𝚁𝙴�... @netresec
9K Followers 851 Following Creators of #NetworkMiner, #CapLoader, #PolarProxy, #FlowCarp and #RawCap. https://t.co/CZliuI7uGK https://t.co/vC5XlufvIJ
trojan @Tr0jansec
10 Followers 243 Following THM Top 2% ~ SOC Analyst ~ Certified Ethical hacker ~ Bug bounty hunter
Szabolcs Schmidt @smica83
4K Followers 498 Following Threat Intel Specialist and Incident Responder. Private account. All opinions expressed here are mine only. https://t.co/7dQQO1JwUd
ThreatOpsX @ThreatOpsX
23 Followers 247 Following
Hex01 @Hexsn1per
229 Followers 5K Following I don’t break rules. I study why they exist and I listen to system until they confess. God is Great.
Elastic Security Labs @elasticseclabs
6K Followers 726 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
AmmarOsama @Ammar_Osama101
6 Followers 143 Following
lys @ly7ine
1K Followers 2K Following Freedom of Information for all people! Certified Red Team Sloperator. Call me for a good time 719-567-6742.
CyberChick @warriors_mom
14K Followers 15K Following Military family. CEO, Christian, Conservative. Cyber Done Right! We Are The Decentralized Internet 🛜 ✝️ Defend Digital Freedom https://t.co/eK0qOO0c2G
Magnus Bergenram @HomeMagnusB
15 Followers 1K Following
Anglo Sigma @AngloSigma
444 Followers 4K Following Dad Wagie Farmer Founder Engineer Architect 🇺🇸 Free Market Capitalist
HERMON @HERMON32306469
0 Followers 118 Following
ITs'aaMeCheri @jolybacon1
7 Followers 464 Following
Duane @duanegran
763 Followers 4K Following Infosec, geek, he/him. I tweet about technology and culture. Occasionally I do so with wit.
SupItsWill @SupItsWill1
211 Followers 7K Following
tjepl @tjepl
225 Followers 3K Following
Knran II @kranankm
39 Followers 569 Following
Adam @AdamMooney97
25 Followers 433 Following
Sun_K @sunbelt_kerio
37 Followers 1K Following
Case @DiskBreaker
3 Followers 393 Following
NN @notmenothem
8 Followers 835 Following
Bones 🏳️🌈�... @drb0n3z
4K Followers 7K Following Co-Owner of @VIP_Wrestling / Trained ref @dfw_all_pro / Cybersecurity / Nerd / 100% disabled vet / Opinions are invalid
Vishal SR @vishal__sr
89 Followers 464 Following infosec | endpoint security | uems | cricket | BSOD
alexandre cunha costa @alexand88374567
87 Followers 2K Following
Cyber Nauta @MarocNauta
167 Followers 7K Following
NASA Moon Base @NASAMoonBase
71K Followers 33 Following Building humanity's first outpost on the lunar surface.
Candor @Caaandor
5K Followers 3K Following Graphic Designer @bumgieofficial // @ateliernode7 // @MarathonTheGame Creator // 1/2 of the Marathon Rat Designer Duo 🐀 ❤️ @UnluckyRose • .00223
Ziegler @Ziegler_Dev
77K Followers 31 Following Game Director - MARATHON , Former Game Director - VALORANT. My statements and views are my own and do not reflect those of any current or past employer.
Bungie Store @BungieStore
474K Followers 37 Following Gear, accessories, and collectibles worthy of Guardians. For Customer service: https://t.co/aH6CozIwHP
Marathon HQ @MarathonGameHQ
11K Followers 7 Following //// Your Headquarters for everything @MarathonTheGame //// Welcome to Tau Ceti IV
Bungie @Bungie
2.6M Followers 331 Following News, updates, and community love from the developers of @DestinyTheGame and @MarathonTheGame. For status updates about the game, follow @BNGServerStatus.
Marathon @MarathonTheGame
172K Followers 5 Following Infil into the dark sci-fi world of Tau Ceti IV. From the makers of Halo and Destiny. Content shown may need purchase. Dates/Content may change. ESRB: Teen
NVIDIA @nvidia
2.6M Followers 47 Following The official handle for NVIDIA. Blog: https://t.co/JAn5eKOTBT Support: https://t.co/6ln5FVnA2o All our social media: https://t.co/Uc56dL57Dh
Kostas @Kostastsale
20K Followers 394 Following I like building things that solve real problems, working across cybersecurity, product, and research | 🇬🇷🇨🇦
Path of Exile @pathofexile
413K Followers 288 Following Path of Exile and Path of Exile 2 are Action RPGs from Grinding Gear Games, set in the dark fantasy world of Wraeclast. Available on PC and Consoles.
ARC Raiders @ARCRaidersGame
335K Followers 11 Following A multiplayer, extraction adventure, set in a lethal future Earth, ravaged by a mechanized threat known as ARC.
Orion Browser ✴︎ ... @OrionBrowser
2K Followers 16 Following On macOS, iOS, iPadOS, Linux and Windows soon™. Supporting Chrome, Firefox and Safari extensions on mac. Limitless customization. Privacy by default since 2021.
DogeDesigner @cb_doge
1.9M Followers 1K Following
SpaceXAI Memphis @SpaceXAIMemphis
28K Followers 11 Following
Jared Isaacman @rookisaacman
407K Followers 455 Following Keeping busy on and off the planet. Personal account. Follow @NASAAdmin for official updates as I serve under POTUS as NASA Administrator 🇺🇸
Cyber Security News @The_Cyber_News
67K Followers 285 Following World’s #1 Largest Cyber Security News 📰 Platform For Security Professionals. Get Latest #CybersecurityNews #HackingNews, #Cyberattack, #Threats & #breaches
Fox_threatintel @banthisguy9349
16K Followers 288 Following Just a person who is against cyber crime and dictators like Putin
Matic Jerman @JermanMatic
21 Followers 289 Following
Squiblydoo @SquiblydooBlog
5K Followers 98 Following Creator of Debloat and https://t.co/tIYqmw6pxt Support: https://t.co/l9kCPRoD2y Join the Debloat/CertGraveyard discord: https://t.co/ZcWIqa6ZA9
Dirk-jan @_dirkjan
30K Followers 207 Following Hacker at @OutsiderSec. Researches AD and Azure (AD) security. Likes to play around with Python and write tools that make work easier.
Claude @claudeai
1.6M Followers 2 Following Claude is an AI assistant built by @anthropicai to be safe, accurate, and secure. Talk to Claude on https://t.co/ZhTwG8dz3D or download the app.
Anthropic @AnthropicAI
1.5M Followers 2 Following We're an AI safety and research company that builds reliable, interpretable, and steerable AI systems. Talk to our AI assistant @claudeai on https://t.co/FhDI3KQh0n.
Ivan Krstić @radian
12K Followers 870 Following Head of Security Engineering+Architecture (SEAR) at Apple. I don’t speak for my employer.
Aikido Security @AikidoSecurity
12K Followers 1K Following Secure everything devs build, ship & run. 🌐 https://t.co/xLANl2VLwq ⭐️ https://t.co/qEhI9gQLeo Get developers back to building.
Dinohacks @nhegde610
789 Followers 3K Following Researcher. Malware Analyst. Part time threat hunter. Part time blogger and passing interest in AI
Karsten Hahn @struppigel
26K Followers 781 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
Varys @_ChezDaniela
3K Followers 6K Following Somewhere in between foodie, wine lover and security geek Python 💙|Personal tweets|GSNA/GPEN/GCFR | cancer survivor
Igor Babuschkin @ibab
110K Followers 885 Following CEO & Co-Founder @river_ai_inc. Previously @xAI, Research & Engineering
eric zakariasson @ericzakariasson
78K Followers 589 Following @cursor_ai & tinkering. https://t.co/udyDUjFI0i
Dia @diabrowser
30K Followers 1 Following Meet Dia, the AI browser that brings your tabs to life. From your friends @browsercompany
Mike Shinoda @mikeshinoda
942K Followers 8 Following New Album From Zero Out Now | @LinkinPark | @FortMinor | @ZigguratsNFT | https://t.co/9zlrpVAxUa | Text: 310.935.0302 | https://t.co/5vMS2mp3yL
Critical Thinking - B... @ctbbpodcast
26K Followers 87 Following A 'by Hackers for Hackers' podcast focused on technical bug bounty content. Exploits, techniques, stories, bounties. Hosts: @rhynorater, @rez0__, @gr3pme
mokusou @Mokusou4
713 Followers 180 Following ✝️ | 🇯🇵 | bug bounty hunter |🗣 日本語, English, Français | So Sakaguchi
Justin Gardner @Rhynorater
38K Followers 2K Following Christian | Full-time Bug Bounty Hunter | Host of @ctbbpodcast | Advisor @CaidoIO | 4x LHE MVH | 🗣️ English, 日本語 | ♥️ @mariahchan_ ♥️
Zen @zen_browser
28K Followers 7 Following Welcome to a calmer internet. → 🔗 https://t.co/PRmlkqzjHW → 💚 https://t.co/mBbJVZXcvu → 📦 https://t.co/zFmm8WqfgT
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
Mehmet Ergene @Cyb3rMonk
14K Followers 454 Following Learn Threat Hunting, Detection Engineering, DFIR, and KQL https://t.co/uAlYlXIXot @BluRavenSec Microsoft Security MVP #ThreatHunting #DataScience
sixtyvividtails @sixtyvividtails
4K Followers 400 Following Currently working as an independent GUID merchant. Fully licensed. I acquire, produce, and sell high-quality GUIDs.
Graham Helton (too mu... @GrahamHelton3
12K Followers 662 Following senior red team engineer @snowflake | former grocery store bagger He/him :wq!
JS0N Haddix @Jhaddix
177K Followers 7K Following CEO, CISO, Trainer, Hacker, and Speaker. Cybersecurity + Hacking + AI + Sec Leadership @arcanuminfosec






















