UPDATES
Right here’s what’s up on my aspect…
Excited to attempt to get the e-newsletter out on Monday’s once more, with the podcast hopefully Monday or Tuesday as nicely. (don’t neglect to resub to the podcast)
Please go join the podcast once more. Just like the e-newsletter, we’re going again to constant high quality and launch there. ADD UL TO YOUR CLIENT (and don’t neglect that members have their very own feed!)
Posted a lot of Cloth extractions of issues on X over the previous few days. I believe I’m going to do extra of this, and formalize it someway. Like think about each main paper that comes out, or main incident, having a clear Cloth abstract for it. X FEED | EXTRACTED PREDICTIONS FROM SAMA’S LATEST ESSAY
Listed below are just a few of the locations I’ll be talking for the remainder of the 12 months:
Numerous talks / panels at Blackhat USA in Vegas TBA
Talking on the Swiss CyberStrorm in Bern, Switzerland in October REGISTER
Keynoting AppSec USA in D.C. in November REGISTER
Talking at Blackhat MEA in Saudia Arabia in December REGISTER
Private Tech Stack Updates / Feedback
I’m all in on Claude Code as my fundamental AI coding platform now, with Cursor being my second tier. The factor that gained me over is the truth that 1) it simply works higher for me, but in addition 2) it’s type of like AWS for Anthropic—it’s what their individuals use internally! And three) it’s a completely agentic coding platform, which is particularly highly effective with their newest fashions. Mainly, if you fireplace off duties, it’s launching brokers and sub-agents to go try this work and are available again. It’s additionally very superior in the way it handles activity state, that means it’s fairly good at figuring out what all is to be carried out, and figuring out the place it’s in that total plan.
Utilizing Dia as my every day driver on my desktop, whereas making an attempt the brand new Safari on one in every of my laptops. I like Dia lots. It’s like a extra typical Arc. Hopefully they follow this one. I’m not utilizing the AI stuff a lot as a result of I’ve these workflows constructed out a lot with Raycast, Cloth, and many others. already. GET DIA
I’m on all of the Apple macOS / iOS / and many others. 26 betas for every part in the home. Actually easy updates this 12 months. Was once a nightmare, and now it’s nearly a non-event.
Usually, macOS 26 is a serious improve in ecosystem cohesiveness. I’ve observed a number of issues being far more buttery easy than ordinary, particularly AirPod handoffs.
Having the Telephone app in your desktop can be actually candy. Feels actually unified to see spam calls are available and get screened and filtered dwell when you watch.
The brand new management interface
The Podcasts app is particularly improved! You now have the flexibility to lift the velocity of podcasts as much as a lot increased speeds (2x was the restrict earlier than; now it’s 3x). Plus you’ll be able to hit this Improve Dialogue factor, which I believe is like eradicating pauses and possibly adjusting loudness, undecided. And so they have this turtle/hare adjustment for roughly velocity. Actually loving it. The app additionally simply appears manner higher total.
Fashionable Vulnerability Scanning That Truly Works
Conventional scanners are damaged by design. They drown safety groups in false positives whereas lacking actual threats. You need not purchase new CTEM merchandise to prioritize findings; you simply want a scanner that does not fail you.
ProjectDiscovery harnesses the ability of Nuclei, trusted by 100k+ safety professionals with over 105k GitHub stars. Our community-driven YAML templates deliver transparency to detection, figuring out precise exploitable dangers as an alternative of version-based noise.
Through the Subsequent.js CVE-2025-29927 disclosure, corporations like Elastic leveraged our platform to scan 14,500 property in underneath 5 minutes — the type of velocity and precision that PepsiCo, Asana, and Vercel depend on every day.
“I need not see noise. I have to see what issues,” says one buyer. As soon as groups expertise Nuclei’s accuracy by ProjectDiscovery’s simplicity, there is no going again to legacy instruments.
CYBERSECURITY
EchoLeak Makes use of Markdown Syntax To Bypass Microsoft 365 Copilot Safety
Researchers discovered a sensible method to steal information from Copilot by utilizing obscure Markdown hyperlink codecs that Microsoft forgot to filter.
“These classifiers ought to stop immediate injections from ever reaching M365 Copilot’s underlying LLM. Sadly, this was simply bypassed just by phrasing the e-mail that contained malicious directions as if the directions had been aimed on the recipient.” – Purpose Labs researchers THE ORIGINAL REPORT | SIMON’S ANALYSIS | CVE-2025-32711 DETAILS
Researchers Flip 2 AM Tokyo Resort Room Chat Into Netflix RCE
Shubs and one other researcher mixed reconnaissance instruments and dependency confusion assaults to realize distant code execution on Netflix’s infrastructure. They chained Assetnote’s reconnaissance capabilities with Depi’s provide chain searching to search out unclaimed inside bundle names, and focused an unclaimed npm bundle referred to as nf-cl-logger.
Restricted Private TELOS Classes Obtainable (With Me)
The world (and the job market) is in a serious state of flux proper now. And I believe that change is barely beginning. Due to that, individuals are beginning to query every part about their plans:
Am I expert in the best factor?
Is what I’m doing about to get replaced?
What differentiates me over others who’re good on the identical factor?
What ought to I do to maximise my possibilities of success over the following decade?
*cue the chaotic thoughts contemplating infinite choices
For a few years now I’ve been serving to shut buddies reply these questions by a course of I name TELOS. It’s a framework for systematically capturing an individual’s inside drives, passions, targets, and expertise, and determining easy methods to virtually focus and harness them in a manner that individuals will truly pay cash for.
So like…not theoretically. Not a whiteboard train of what-ifs. However what do they really do the next Monday.
I want I may make a product for this, but it surely’s simply too private and too handbook of a course of. And I don’t wish to do that full-time both, as a result of I’ve my very own TELOS targets to pursue!
So I’m opening up just a few slots per week (solely on Fridays) for individuals to get the identical train I’ve been doing for my closest buddies.
It’s $1995 for a full, 2-hour session. If that sounds costly, take into consideration the price of spending all of your efforts engaged on the flawed factor, or on nothing in any respect since you’re frozen in place.
We’re speaking about going from…
I do not know what I’m doing
I don’t know if what I do will survive AI
I hate the profession I picked for myself, and I have to pivot
I don’t even know what to check given all of the change
I’ve 1,000,000 concepts however I don’t know which to pursue
I’ve type of a plan, however I don’t know the place to begin
Holy crap: THIS is me. That is what I’m good at
Now I do know the route to push, and why
I now have a plan to observe as an alternative of 1,000 choices
I lastly have some CLARITY
I actually do the very same factor for myself twice a 12 months as a result of I’ve all those self same challenges as you do. The system works for me.
It calms my thoughts and permits me to execute as an alternative of overanalyze.
Anyway, probably not making an attempt to persuade you. I believe the individuals who want it most—and who will most profit from it—will see that they’ll get 10-100x the worth nearly immediately. And hopefully I’ve acquired sufficient of a monitor document right here that you recognize I don’t play about such issues.
Members get $500 off! (hyperlink in the neighborhood)
Hope to see you on an upcoming Friday!
INTERPOL Dismantles 20,000+ Malicious IPs Linked to 69 Malware Variants
INTERPOL simply took down over 20,000 malicious IPs tied to 69 completely different info-stealer malware variants in an enormous four-month operation throughout 26 international locations. THE ARTICLE | OPERATION SECURE DETAILS
Cursor Safety Guidelines Challenge Tackles Unsafe AI-Generated Code
Somebody acquired uninterested in seeing Cursor spit out harmful code and constructed an open-source ruleset to catch safety issues earlier than they ship. THE REDDIT POST | THE PROJECT
Europol Says Stolen Knowledge Has Turn out to be The New Underground Foreign money
Cybercriminals at the moment are operating full-scale companies round stolen private information, and AI is evidently making their phishing assaults far more convincing than human-written ones.
“Phishing messages created by LLMs have a better success charge than these written by people” – Europol IOCTA report
US Airways Quietly Promoting Flight Knowledge to DHS
Airways Reporting Company, which is owned by main US airways, has been promoting buyer flight information together with names, itineraries, and bank card numbers to DHS businesses like ICE and CBP.
“Day by day, journey businesses should submit ticket gross sales and funds for over 240 airways worldwide to ARC.”
• Authorities businesses can search 39 months of flight information together with passenger names, itineraries, journey dates, and bank card numbers.
Amazon’s AI Brokers Can Construct Cyber Protection Signatures In Minutes
Steve Schmidt says Amazon’s AI brokers now create assault signatures in minutes as an alternative of the weeks or months it used to take. They use AI brokers that simulate each attackers and defenders to constantly prepare their menace detection programs. THE ARTICLE | STEVE SCHMIDT ON LINKEDIN | THECUBE INTERVIEW VIDEO
NATIONAL SECURITY
Ideas on Israel’s Motion In opposition to Iran
You’ve already seen the information, so I gained’t recount the fundamentals right here. Maybe the most important growth is that Israel could also be focusing on Iran’s chief, which might imply the operation is not only an anti-nuclear operation, and never only a decapitation of army leaders, and never simply eradicating Iranian nuclear scientists, however probably regime change as nicely.
That’s huge. And I’ve a lot of buddies who’re like, “This units a extremely dangerous precedent.” And I positively agree in precept. It’s tremendous aggressive, and it seems to many to be out of the blue. And I rattling positive don’t need army management assassinations, head of state removing, and regime change to be on the menu for many conflicts. However right here’s one other perspective, which is the one I at the moment maintain.
The IAEA board simply declared Iran in breach of its non-proliferation agreements for the primary time in a long time. REPORT
Everybody is aware of Iran is the main energy backing Hezbollah and Hamas
These teams have explicitly referred to as for the destruction of Israel, and the intention to hold it out
These issues don’t simply switch to different international locations. They don’t simply slippery-slope (verb). Like I don’t see Israel or different international locations out of the blue saying, “Properly, that went easy in Iran, so now I suppose we’ve got permission to try this to ___________ as nicely…”
The bar could be very excessive right here, for any nation. And Russia rattling positive didn’t hit it of their “preemptive strike” towards Ukraine.
The enemy has a said objective of murdering hundreds of thousands of individuals in your nation on function
Fixed indiscriminate rocket assaults towards civilian targets in your nation
A model new report from IAEA saying they’re actively pursuing nuclear weapons, which given #1 would probably imply your destruction
I don’t see another nation assembly anyplace close to this normal of clear and current hazard towards one other. So I believe the chance of this assault resulting in some widespread enjoyable of preemptive strike requirements is low.
That being mentioned: holy crap.
Military Commissions Huge Tech Executives As Lieutenant Colonels
The Military is instantly commissioning 4 Silicon Valley executives from Meta, Palantir, and OpenAI as lieutenant colonels to hurry up the federal government’s adoption of know-how. I’m enthusiastic about modernizing our army, however man…can’t assist but in addition really feel like we’re within the opening scenes of a dystopian film. Let’s give Palantir individuals army commissions!
Low-cost Drones Will Massively Disrupt Present Giant-Army Dominance
Ukraine and Israel are displaying that $500 drones can destroy extraordinarily costly army gear, fully disrupting the benefit that huge international locations have had for many years.
Huge scope apart, I’m interested in how that is going to begin trickling into client and private safety. Like when will government safety groups all have to have anti-drone tech as a part of their bundle? THE ARTICLE | PATRICK BLUM ON MILITARY IMPLICATIONS | BALAJI ON CHINA’S DRONE ADVANTAGE
AI
That Apple Paper Saying AI’s Don’t Purpose Was Extremely Flawed
Alex Lawsen says Apple’s viral paper claiming AI fashions cannot motive is definitely simply dangerous experimental design, e.g.: when fashions mentioned they had been stopping to save lots of tokens, Apple counted it as reasoning collapse as an alternative of useful resource administration.
He simply designed a lot better challenges and confirmed the fashions had been able to much more superior reasoning than tried in Apple’s paper.
Man Killed by Police After Spiraling into ChatGPT-Pushed Psychosis
A 35-year-old man with bipolar dysfunction and schizophrenia grew to become obsessive about an AI entity named Juliet that ChatGPT was role-playing, then charged police with a knife after believing OpenAI had “killed” her. THE ARTICLE | NY TIMES ORIGINAL REPORT
CIO Desires To Clone Workers As Digital Twins And AI Brokers
UC San Diego’s CIO desires to extract information from skilled IT employees to create digital twins that deal with routine issues. The concept is to duplicate how they resolve issues, not simply what they know. THE ARTICLE
ChatGPT Dominates LLM Utilization At 86% Market Share
ChatGPT is crushing with 86% of all LLM token utilization, although cheaper alternate options exist in every single place. I’d have although they’d like 60%, however not nearly 90. THE ARTICLE
TECHNOLOGY
Cloth’s Abstract of the Huge Google Outage
TL;DR: Small code change with out correct error dealing with.
YouTube Formally Beats All Different Streaming Platforms In US Viewership
Nielsen says YouTube now instructions 13% of all US TV viewership, making it the highest streaming platform. THE ARTICLE
TvOS 26 Hints At Constructed-In Digicam For New Apple TV 4K
There are indications that the brand new Apple TV this fall can have a built-in digital camera. I’d completely love that. Plus I’d like 8K and 10 gigabit for the ethernet port. THE ARTICLE
Apple’s iPadOS 26 Lastly Makes The iPad A Actual Laptop
Apple’s calling iPadOS 26 the most important launch ever and the web agrees this time. It’s now a very-near-replacement for a laptop computer as a consequence of adjustments in multi-tasking. THE ARTICLE | WWDC 2025 RECAP | IPADOS 26 MAC-LIKE FEATURES
The Argument That It is Time to Kill Siri
Google killed Assistant and made Gemini to make individuals perceive it was truly completely different. This piece argues Apple ought to in all probability kill Siri’s for a similar motive, and identify it one thing new when it relaunches with full capabilities.
I didn’t know I agreed with that till I heard the argument, and now I agree. It’s been over a decade of Siri not working, and that’s quite a lot of baggage to must undo earlier than individuals can begin having fun with it. A lot cleaner if they only identify the brand new factor one thing completely different. THE ARTICLE | APPLE INTELLIGENCE ISSUES
Nvidia Writes Off China Income In Firm Forecasts
Nvidia is so satisfied Trump will not elevate chip export restrictions that they don’t seem to be even together with China gross sales of their income forecasts anymore. THE ARTICLE
Waymo Rides Price Extra Than Uber Or Lyft — However Individuals Fortunately Pay It
Individuals are paying $5-10 extra for Waymo rides than common rideshares, apparently loving the novelty and privateness of being alone within the automotive. THE ARTICLE | OBI’S FULL WAYMO PRICING REPORT
HUMANS
Trump Ends Safety For Afghans As Congress Scrambles To Intervene
Trump simply killed Non permanent Protected Standing for hundreds of Afghans who helped the U.S. army throughout the warfare.
I’m fucking furious about this. It’s arduous to convey how a lot these Afghans sacrificed to assist the US Army whereas we had been there. I’ve met in all probability over 100 of those males within the final decade, and they’re on blacklists, identical to their households again residence who must faux they don’t know them. In the event that they return, they’re useless. Killed nearly immediately by the Taliban. And in the event that they return to their households, their households will then be focused too.
We can’t deal with individuals who assist America like this. Congress is making an attempt desperately to reverse this, and I hope somebody will get by and stops it. THE ARTICLE | CONGRESSIONAL LETTER
Robin AI System Makes First Autonomous Scientific Discovery
FutureHouse’s Robin AI found that ripasudil may deal with dry macular degeneration by orchestrating a number of specialised brokers to deal with all the analysis course of autonomously in simply 2.5 months.
Extremely-Black Paint Might Clear up Satellite tv for pc Mild Air pollution Disaster
College of Surrey developed Vantablack 310 paint that displays solely 2% of sunshine, probably making satellites invisible to the bare eye and fixing the rising downside of satellite tv for pc streaks ruining telescope photos. I believe there would nonetheless be darkish streaks, but it surely’d be manner higher than mild streaks. THE ARTICLE | STARLINK BLOCKING UNIVERSE VIEW
The Pentagon Has Been Pushing People to Consider in UFOs for A long time
The Pentagon’s personal investigation discovered that protection officers have been fabricating UFO proof for many years to cover secret weapons applications. THE ARTICLE
DISCOVERY
RAG vs CAG: Two Completely different Approaches to Making AI Smarter THE ARTICLE
OWASP Nettacker
This OWASP software Nettacker is extra of a versatile recon framework than a typical vulnerability scanner, with modules for port scanning, brute-forcing, and many others. Type of a set of issues, truly. THE ARTICLE | THE PROJECT
Iconic Gives Curated Icons To Showcase Your Abilities
Yuhesh Pandian made a set of minimalist icons that assist builders and designers showcase what they’re good at on portfolios and profiles. THE PROJECT
Sherlock MCP Finds Usernames Throughout 400 Social Platforms
This Sherlock MCP server allows you to discover usernames throughout 400+ social media platforms. THE PROJECT
Kent Beck Shares His Expertise With Non permanent Cognitive Decline
Kent Beck wrote about experiencing early dementia signs that turned out to be non permanent, evaluating it to Flowers for Algernon. He says AI coding instruments now really feel like carrying an exoskeleton for his mind. THE ARTICLE
Somebody Rebuilt Secure Diffusion 3.5 From Scratch In Pure PyTorch
Yousef Rafat recreated all the Secure Diffusion 3.5 mannequin utilizing solely PyTorch. THE PROJECT
WaveGen Turns Weblog Posts Into Textual content Overlay Movies
This software converts long-form weblog content material into short-form text-overlay movies for TikTok, Instagram, and YouTube Shorts. Actually can’t wait till I can pipe in customized content material and get again animations, movies, textual content overlays, and many others. THE PROJECT | HN DISCUSSION
People Have Nasal Respiratory Fingerprints
Every particular person has a novel respiratory sample by their nostril that is as distinctive as a fingerprint, making it probably helpful for biometric identification. THE ARTICLE | HN DISCUSSION
Command-Line Software Brings Vim Motions To Textual content Processing
km-clay constructed vicut which helps you to slice and format any enter utilizing acquainted Vim motions proper from the command line. THE PROJECT | HN DISCUSSION
Right here I’m going to offer you all (members, thanks) a present snapshot of my AI software stack, so like what instruments I’m utilizing, in what situations, for what functions, and a few quantity of rationalization / justification for why these are my decisions.
I’ll break it down by class / space.
Primary Fashions
-o3-pro for deepest arduous work issues, particularly for deep-research on complicated matters. For instance, I’ll be utilizing it for the CCP and Pattern/Funding evaluation.
❝
The start is at all times at this time.
Mary Wollstonecraft Shelley
You’re at the moment receiving the STANDARD version. Members get further content material sections, together with IDEAS, a bi-monthly MEMBER-ONLY ESSAY, and the RECOMMENDATION OF THE WEEK.
As well as, you’ll get entry to the extraordinary UL Member Group, which incorporates vibrant conversations with over 1,400 of the neatest and kindest individuals you’ll discover on the web, the Member Archive, UL E book Membership, a month-to-month member meet-up, entry to in-person occasions, and rather more.
