Chris Merkel
@chrismerkel.bsky.social
Cybersecurity / Infosec Leader, Teller of Rambling, Pointless Stories, Provider of Dubious Career Advice.
Professional alt, unprofessional posts.
Masto: @chrismerkel@infosec.exchange
Professional alt, unprofessional posts.
Masto: @chrismerkel@infosec.exchange
Reposted by Chris Merkel
Visualize all 23 years of BYTE magazine in all its glory, all at once:
November 11, 2025 at 6:18 PM
Visualize all 23 years of BYTE magazine in all its glory, all at once:
Reposted by Chris Merkel
I have another Reddit AMA scheduled! Tell your youts! www.reddit.com/r/SecurityCare...
Reddit - The heart of the internet
www.reddit.com
November 11, 2025 at 1:15 PM
I have another Reddit AMA scheduled! Tell your youts! www.reddit.com/r/SecurityCare...
Reposted by Chris Merkel
New from 404 Media: logins for Flock, the company behind the nationwide AI-camera network, are included in malware infections. Includes government and police accounts, meaning hackers could potentially break in. Senator Wyden asking FTC to investigate Flock
www.404media.co/flock-logins...
www.404media.co/flock-logins...
November 3, 2025 at 5:02 PM
New from 404 Media: logins for Flock, the company behind the nationwide AI-camera network, are included in malware infections. Includes government and police accounts, meaning hackers could potentially break in. Senator Wyden asking FTC to investigate Flock
www.404media.co/flock-logins...
www.404media.co/flock-logins...
Reposted by Chris Merkel
Adobe's launch of LLM inside Acrobat Reader is absolute dogshit. The one thing you want it for, which is to explain how to PDF, it doesn't know anything.
November 7, 2025 at 4:22 PM
Adobe's launch of LLM inside Acrobat Reader is absolute dogshit. The one thing you want it for, which is to explain how to PDF, it doesn't know anything.
Reposted by Chris Merkel
im not mad. please dont put in the newspaper that i got mad.
November 5, 2025 at 8:59 PM
im not mad. please dont put in the newspaper that i got mad.
Sadly, this looks like something that could be #cyberslop (thanks @doublepulsar.com) fodder.
C2 uses the OpenAI algo to store and retrieve JSON messages from a vector datastore. Far as I can understand this, they're not using LLM to carry out the attack, just using the API as a proxy.
C2 uses the OpenAI algo to store and retrieve JSON messages from a vector datastore. Far as I can understand this, they're not using LLM to carry out the attack, just using the API as a proxy.
Microsoft security researchers have discovered a new backdoor malware named SesameOp that uses the OpenAI Assistants API as a covert command-and-control channel.
Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware named SesameOp that uses the OpenAI Assistants API as a covert command-and-control channel.
www.bleepingcomputer.com
November 4, 2025 at 2:15 AM
Sadly, this looks like something that could be #cyberslop (thanks @doublepulsar.com) fodder.
C2 uses the OpenAI algo to store and retrieve JSON messages from a vector datastore. Far as I can understand this, they're not using LLM to carry out the attack, just using the API as a proxy.
C2 uses the OpenAI algo to store and retrieve JSON messages from a vector datastore. Far as I can understand this, they're not using LLM to carry out the attack, just using the API as a proxy.
Asking Mike Johnson a question about Trump is like asking ChatGPT to summarize a New York Times article. Bro is a human 404 error.
Raju: Last week, you were very critical of Biden, you said he didn’t even know who was pardoning. On 60 minutes, Trump admitted not knowing he pardoned a crypto billionaire guilty of money laundering. Is that also concerning?
Johnson: I don’t know anything about it.
Johnson: I don’t know anything about it.
November 3, 2025 at 5:45 PM
Asking Mike Johnson a question about Trump is like asking ChatGPT to summarize a New York Times article. Bro is a human 404 error.
Reposted by Chris Merkel
Amazon is helping fund a $300 million build of a ballroom for the White House.
Independent bookstores are donating to food banks and organizations that help with food insecurity.
They are not the same.
Independent bookstores are donating to food banks and organizations that help with food insecurity.
They are not the same.
October 30, 2025 at 4:01 PM
Amazon is helping fund a $300 million build of a ballroom for the White House.
Independent bookstores are donating to food banks and organizations that help with food insecurity.
They are not the same.
Independent bookstores are donating to food banks and organizations that help with food insecurity.
They are not the same.
If they take down the old domain, keys won't work. If they don't take down the domain, the accounts aren't actually "locked out", you're just being pushed through some flow to establish new ones.
Here's hoping it's a hard lockout, because anyone still there can get rekkkt.
Here's hoping it's a hard lockout, because anyone still there can get rekkkt.
X is warning that users must re-enroll their security keys or passkeys for two-factor authentication (2FA) before November 10 or they will be locked out of their accounts until they do so.
X: Re-enroll 2FA security keys by November 10 or get locked out
X is warning that users must re-enroll their security keys or passkeys for two-factor authentication (2FA) before November 10 or they will be locked out of their accounts until they do so.
www.bleepingcomputer.com
October 29, 2025 at 1:40 AM
If they take down the old domain, keys won't work. If they don't take down the domain, the accounts aren't actually "locked out", you're just being pushed through some flow to establish new ones.
Here's hoping it's a hard lockout, because anyone still there can get rekkkt.
Here's hoping it's a hard lockout, because anyone still there can get rekkkt.
Reposted by Chris Merkel
🛰️🌎🧪🚀
Got time to spare?
Plenty (wait too much actually) of International Space Station stuff here...
issinrealtime.org
Got time to spare?
Plenty (wait too much actually) of International Space Station stuff here...
issinrealtime.org
ISS in Real Time
Explore 25 years onboard the International Space Station.
issinrealtime.org
October 28, 2025 at 1:56 AM
🛰️🌎🧪🚀
Got time to spare?
Plenty (wait too much actually) of International Space Station stuff here...
issinrealtime.org
Got time to spare?
Plenty (wait too much actually) of International Space Station stuff here...
issinrealtime.org
Reposted by Chris Merkel
The NPR Network is your trusted source for reliable, accessible and fact-checked information. And now you can make sure we show up in your Google results.
How to make NPR and your local station your preferred news source on Google
The NPR Network is your trusted source for reliable, accessible and fact-checked information. And now you can make sure we show up in your Google results.
n.pr
October 27, 2025 at 2:56 PM
The NPR Network is your trusted source for reliable, accessible and fact-checked information. And now you can make sure we show up in your Google results.
Founders can cook up all kinds of smart ideas but seem completely blind to basic functionality like an offline mode.
October 21, 2025 at 5:56 PM
Founders can cook up all kinds of smart ideas but seem completely blind to basic functionality like an offline mode.
Reposted by Chris Merkel
TECH STARTUP: We're thrilled to announce our new app which gives you the power to kill anybody in the world
TECH STARTUP, A MONTH LATER: We hear you and we understand. Today we're making several significant changes to Anonymurder's terms of use
TECH STARTUP, A MONTH LATER: We hear you and we understand. Today we're making several significant changes to Anonymurder's terms of use
October 20, 2025 at 2:40 PM
TECH STARTUP: We're thrilled to announce our new app which gives you the power to kill anybody in the world
TECH STARTUP, A MONTH LATER: We hear you and we understand. Today we're making several significant changes to Anonymurder's terms of use
TECH STARTUP, A MONTH LATER: We hear you and we understand. Today we're making several significant changes to Anonymurder's terms of use
@downdetector.bsky.social is so slow in the speedtest app. You would think they would make it perform as well as the standalone app they want people to stop using
October 20, 2025 at 1:39 PM
@downdetector.bsky.social is so slow in the speedtest app. You would think they would make it perform as well as the standalone app they want people to stop using
Block, don't engage and don't engage with people who screenshot them and rage post.
October 18, 2025 at 5:24 PM
Block, don't engage and don't engage with people who screenshot them and rage post.
Reposted by Chris Merkel
They call this their “small-government, big-lunch’” group photo.
October 17, 2025 at 9:33 AM
They call this their “small-government, big-lunch’” group photo.
Reposted by Chris Merkel
AI was already a circle jerk technology, makes sense to just own it.
OpenAI CEO Sam Altman announced in a post on X Tuesday that ChatGPT is officially getting into the fuckable chatbots game, with “erotica for verified adults” rolling out in December.
🔗 www.404media.co/chatgpt-erot...
🔗 www.404media.co/chatgpt-erot...
ChatGPT’s Hail Mary: Chatbots You Can Fuck
As recent reports show OpenAI bleeding cash, and on the heels of accusations that ChatGPT caused teens and adults alike to harm themselves and others, CEO Sam Altman announced that you can soon fuck t...
www.404media.co
October 14, 2025 at 10:57 PM
AI was already a circle jerk technology, makes sense to just own it.
Reposted by Chris Merkel
Colbalt Strike out there like
October 10, 2025 at 9:07 PM
Colbalt Strike out there like
Reposted by Chris Merkel
Reposted by Chris Merkel
New from 404 Media: the Discord hack is every users' worst nightmare. Yesterday the hackers started posting Discord users' selfies, identity documents, email addresses, phone numbers, more. I watched in real time. This is risk of tech storing ID for age verification
www.404media.co/the-discord-...
www.404media.co/the-discord-...
The Discord Hack is Every Users’ Worst Nightmare
A hack impacting Discord’s age verification process shows in stark terms the risk of tech companies collecting users’ ID documents. Now the hackers are posting peoples’ IDs and other sensitive informa...
www.404media.co
October 9, 2025 at 3:28 PM
New from 404 Media: the Discord hack is every users' worst nightmare. Yesterday the hackers started posting Discord users' selfies, identity documents, email addresses, phone numbers, more. I watched in real time. This is risk of tech storing ID for age verification
www.404media.co/the-discord-...
www.404media.co/the-discord-...