John (@bigbadw0lf) — bluesky.baby

I would like to throw my hat into the ring for DDG-X.

Burke++

22.12.2025 23:05 👍 1 🔁 1 💬 0 📌 0

What’s the over / under on how many Renhai‘s will be put to sea before this is canceled.

22.12.2025 22:47 👍 1 🔁 0 💬 1 📌 1

Like cmon

06.11.2025 13:33 👍 2 🔁 0 💬 0 📌 0

Was on my morning run and while listening to Words to Me by Sugar Ray I realized if you change the chorus to “Xi sings these words to me” it’s a song about the CCP working for reunification with Taiwan.

06.11.2025 13:31 👍 2 🔁 1 💬 1 📌 1

a man wearing a blue shirt that says #out on it ALT: a man wearing a blue shirt that says #out on it

16.10.2025 22:22 👍 2 🔁 0 💬 0 📌 0

what are we without the sauce

16.10.2025 22:16 👍 6 🔁 2 💬 1 📌 0

a man in a black shirt is standing in front of a white container ALT: a man in a black shirt is standing in front of a white container

16.10.2025 22:14 👍 4 🔁 0 💬 1 📌 0

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign Mandiant and Google have identified “Brickstorm,” a sophisticated, suspected China-linked hacking campaign targeting U.S. tech firms, legal organizations, and BPOs. The operation often goes undetected...

🚨🚨🚨 Google released a report on "Brickstorm" this morning — a next-level, suspected China-linked campaign targeting U.S. firms. Ultra-stealthy, 400+ day dwell times, focus on stealing IP, finding zero-days, and focused on long-term cyberespionage. cyberscoop.com/chinese-cybe...

24.09.2025 14:03 👍 68 🔁 48 💬 8 📌 1

a close up of a woman 's face with a purple shirt on . ALT: a close up of a woman 's face with a purple shirt on .

Not me losing my mind tracking ORBs lalalala I can't hear you over the sound of how many darned ORB networks there are 🫠

20.05.2025 11:03 👍 16 🔁 4 💬 2 📌 0

Patched IOT devices?

What a quaint idea.

20.05.2025 11:47 👍 1 🔁 0 💬 0 📌 0

Could I offer you another type of compromised network appliance in this trying time?

20.05.2025 11:30 👍 1 🔁 0 💬 1 📌 0

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs | Google Cloud Blog Russian government-backed group COLDRIVER is using LOSTKEYS malware to steal files and system information from NGOs and western targets.

I wrote some details on LOSTKEYS: malware which we directly attribute to COLDRIVER. They don't deploy it often, but we have seen it a few times and want to make people aware of it.

cloud.google.com/blog/topics/...

07.05.2025 14:13 👍 18 🔁 14 💬 1 📌 1

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

Hot off the press is a new blog detailing our observations from in the wild exploitation of CVE-2025-22457 by UNC5221 including two newly observed malware families tracked as BRUSHFIRE and TRAILBLAZE.

cloud.google.com/blog/topics/...

03.04.2025 16:26 👍 15 🔁 7 💬 0 📌 5

🔥 new blog covering recent UNC3886 ops. Massive S/O to all the authors for dropping such a great blog.

12.03.2025 18:29 👍 9 🔁 1 💬 0 📌 0

Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog We discovered China-nexus threat actors deployed custom backdoors on Juniper Networks’ Junos OS routers.

Super happy this blog is finally released. Dive into the intricacies of backdoors targeting Juniper devices, veriexec bypass zero-day and other interesting TTPs, all with UNC3886, a China-nexus cyber espionage group as your guide!

cloud.google.com/blog/topics/...

12.03.2025 16:25 👍 7 🔁 4 💬 0 📌 1

I did get my second pair of Superblast 2s so not a total loss

08.03.2025 20:27 👍 0 🔁 0 💬 0 📌 0

The universe doesn’t want me to get a pair of the Vaporfly 4s

08.03.2025 20:23 👍 1 🔁 0 💬 1 📌 0

Divorced Dad Rock 👴 Playlist · Colin Frost · 171 items · 277.3K saves

Another absolute banger of a playlist open.spotify.com/playlist/3MG...

07.03.2025 17:15 👍 1 🔁 0 💬 0 📌 0

You Think You Hate This But You Don't Playlist · turkehbacon · 34 items · 2 saves

Friday playlist brought to you by all of @stonepwn3000.bsky.social’s favorite bands open.spotify.com/playlist/4B0...

07.03.2025 17:13 👍 3 🔁 0 💬 1 📌 0

What I feel is ashamed.

28.02.2025 17:49 👍 1042 🔁 108 💬 51 📌 8

Only 10, you doubt me brother

22.02.2025 17:12 👍 2 🔁 0 💬 0 📌 0

Is this the gabagool I keep hearing about

22.02.2025 16:56 👍 3 🔁 0 💬 1 📌 0

Plug*

22.02.2025 16:56 👍 2 🔁 0 💬 0 📌 0

Shameless plus as to why being able to track akas is so valuable

22.02.2025 16:55 👍 6 🔁 0 💬 1 📌 0

Submitted without comment

22.02.2025 16:44 👍 38 🔁 5 💬 1 📌 2

Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.

Today, Google Threat Intelligence is alerting the community to increasing efforts from several Russia state-aligned threat actors (GRU, FSB, etc.) to compromise Signal Messenger accounts.

cloud.google.com/blog/topics/...

19.02.2025 11:05 👍 167 🔁 118 💬 3 📌 15

a man is sitting at a desk in a dark room with his hands on his face . ALT: a man is sitting at a desk in a dark room with his hands on his face .

Are you taking notes on a criminal conspiracy?

14.02.2025 13:17 👍 2 🔁 0 💬 0 📌 0

14.02.2025 13:13 👍 1 🔁 0 💬 0 📌 0

The BadPilot campaign: Seashell Blizzard subgroup conducts multiyear global access operation | Microsoft Security Blog Microsoft is publishing for the first time our research into a subgroup within the Russian state actor Seashell Blizzard and its multiyear initial access operation, tracked by Microsoft Threat Intelli...

Fantastic work here from the MSTIC folks re: 74455. So many threads to pull.

www.microsoft.com/en-us/securi...

12.02.2025 19:15 👍 25 🔁 12 💬 0 📌 1

John

Latest posts by John @bigbadw0lf