Matt Shelton
@mshelt.bsky.social
Cybersecurity Professional in Washington, DC area. Interests include AI, cloud security, critical infrastructure, and space security.
ex-Mandiant, ex-Google
ex-Mandiant, ex-Google
Ukraine used cheap drones running open-source ArduPilot to strike Russian military airbases—no civilian targets, no expensive systems.
www.404media.co/ukraines-mas...
www.404media.co/ukraines-mas...
Ukraine's Massive Drone Attack Was Powered by Open Source Software
Ukraine used ArduPilot to help it wipe out Russian targets. It wasn’t the first time and it won’t be the last.
www.404media.co
June 3, 2025 at 3:13 PM
Ukraine used cheap drones running open-source ArduPilot to strike Russian military airbases—no civilian targets, no expensive systems.
www.404media.co/ukraines-mas...
www.404media.co/ukraines-mas...
Excellent reporting by Matt Burgess on how threat actors are using AI to evolve their tradecraft. Deepfakes, scripted lures, and scam-as-a-service kits are turning low-skill criminals into high-impact threats. Bonus points for a clever title!
www.wired.com/story/format...
www.wired.com/story/format...
How to Win Followers and Scamfluence People
Format Boy makes a living teaching Yahoo Boys, notorious West African scammers, how to use AI and deepfake technology to ensnare their next victims.
www.wired.com
May 19, 2025 at 1:44 PM
Excellent reporting by Matt Burgess on how threat actors are using AI to evolve their tradecraft. Deepfakes, scripted lures, and scam-as-a-service kits are turning low-skill criminals into high-impact threats. Bonus points for a clever title!
www.wired.com/story/format...
www.wired.com/story/format...
To combat Chinese cyber threats, the U.S. must build a transparency culture around software flaws—normalizing CVEs, protecting security researchers, and requiring vendors to disclose vulnerabilities. Openness is a national security imperative.
www.lawfaremedia.org/article/adva...
www.lawfaremedia.org/article/adva...
Advancing Secure by Design Through Security Research
It is essential for U.S. policymakers to actively protect and promote the role of security research within an open and transparent ecosystem.
www.lawfaremedia.org
May 10, 2025 at 10:44 AM
To combat Chinese cyber threats, the U.S. must build a transparency culture around software flaws—normalizing CVEs, protecting security researchers, and requiring vendors to disclose vulnerabilities. Openness is a national security imperative.
www.lawfaremedia.org/article/adva...
www.lawfaremedia.org/article/adva...
Great work by NCSC on how AI impacts cyber threats. AI-enabled vulnerability research is going to shrink the time between discovery and exploitation. AI-as-a-service in the threat actor space will lower the barrier of entry even further for threat actors. www.ncsc.gov.uk/report/impac...
Impact of AI on cyber threat from now to 2027
An NCSC assessment highlighting the impacts on cyber threat from AI developments between now and 2027.
www.ncsc.gov.uk
May 7, 2025 at 2:28 PM
Great work by NCSC on how AI impacts cyber threats. AI-enabled vulnerability research is going to shrink the time between discovery and exploitation. AI-as-a-service in the threat actor space will lower the barrier of entry even further for threat actors. www.ncsc.gov.uk/report/impac...
Great essay on treating AI as a normal technology innovation. The authors make a good case for treating AI risk as less about preventing runaway super intelligence and more about ensuring AI adoption is safe, resilient, and use case driven.
knightcolumbia.org/content/ai-a...
knightcolumbia.org/content/ai-a...
AI as Normal Technology
knightcolumbia.org
April 27, 2025 at 5:18 PM
Great essay on treating AI as a normal technology innovation. The authors make a good case for treating AI risk as less about preventing runaway super intelligence and more about ensuring AI adoption is safe, resilient, and use case driven.
knightcolumbia.org/content/ai-a...
knightcolumbia.org/content/ai-a...
Russian cyber operations targeting Dutch maritime critical infrastructure in a Volt Typhoon-style attack.
therecord.media/dutch-mivd-r...
therecord.media/dutch-mivd-r...
Russia attempting cyber sabotage attacks against Dutch critical infrastructure
Kremlin-backed hackers have tried sabotage attacks against critical infrastructure in the Netherlands, the country's Military Intelligence and Security Service said in its annual report.
therecord.media
April 22, 2025 at 2:40 PM
Russian cyber operations targeting Dutch maritime critical infrastructure in a Volt Typhoon-style attack.
therecord.media/dutch-mivd-r...
therecord.media/dutch-mivd-r...