Serhii Melnyk
@serhiimelnyk.bsky.social
Reposted by Serhii Melnyk
If quoting Peter Pomerantsev @peterpomerantsev.bsky.social and Eliot Higgins of Bellingcat @eliothiggins.bsky.social weren't enough, describing X as "a Russian nesting doll of bullshit" is all you need to know this will be a good read.

Definitely worth 5 minutes of your time, and a gift link too!
November 25, 2025 at 6:27 AM
Reposted by Serhii Melnyk
#ESETresearch discovered and analyzed a previously undocumented malicious tool for network devices that we have named #EdgeStepper, enabling China-aligned #PlushDaemon APT to perform adversary-in-the-middle to hijack updates to deliver malware. www.welivesecurity.com/en/eset-rese... 1/5
PlushDaemon compromises network devices for adversary-in-the-middle attacks
ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform adversary-in-the-middle attacks.
www.welivesecurity.com
November 19, 2025 at 10:12 AM
Reposted by Serhii Melnyk
Italy's defence minister urges the West to counter a growing number of potentially “catastrophic” Russian hybrid attacks. He calls it absurd that the West does so little. Italy has just released a hybrid-threat document, even though it does not border Russia. www.difesa.it/assets/alleg...
November 19, 2025 at 12:31 PM
Reposted by Serhii Melnyk
The OSS made an incredible TRAINING FILM, directed by JOHN FORD, about the dos and don’ts of nonofficial cover. It’s great!

m.youtube.com/watch?v=oJJf...
World War 2 Spy Training Film: Undercover | OSS Film | ca. 1944
YouTube video by The Best Film Archives
m.youtube.com
November 18, 2025 at 11:10 PM
Reposted by Serhii Melnyk
#OpEd It isn't the genealogy of Russia's elite that matters, but where they sit in the spider's web of Kremlin patronage, argues Sergei Shelin.
The Truth About Kremlin Elite Nepotism Isn't so Simple - The Moscow Times
Opinion | The investigative outlet Proekt released a blockbuster report into Russia’s elite, which found that 76% of 1,329 senior officials had “relatives who also work in government administration, ...
www.themoscowtimes.com
November 18, 2025 at 3:38 PM
Reposted by Serhii Melnyk
Bsides Pyongyang starts in 15 minutes if the Cloudflare gods cooperate.
youtube.com/@bsidespyong...
m.twitch.tv/bsidespyongy...
BSides Pyongyang
🇰🇵 #BSidesPyongyang2025 :A free community cyber conference on Nov 18 2025 (Missile Industry Day) @ Lazarus HQ Pyongyang Roblox | 30th anniversary 🎂
youtube.com
November 18, 2025 at 3:14 PM
Reposted by Serhii Melnyk
There's a Russian disinformation network operating from Mastodon to push content into BlueSky, it's a few hundred active accounts (they also exist directly on BlueSky natively too).

It probably costs more to run than the value it provides to whoever runs it, tbh.

cyberplace.social/@GossiTheDog...
Kevin Beaumont (@GossiTheDog@cyberplace.social)
I dunno if anybody has done a write up of it but there’s a pretty big Russian disinformation operation that runs on the Fediverse If you search on Mastodon for t.me/RussianBaZa you’ll find some of i...
cyberplace.social
November 15, 2025 at 11:46 AM
Reposted by Serhii Melnyk
I reviewed "Geopolitics at the Internet’s Core" by Fiona Alexander, Laura DeNardis, Ph.D., @nanettelevinson.bsky.social, & Francesca Musiani. It's not a tech spec for Internet Protocol—it's actually a cenotaph for a bygone era of consensus and freedom.

www.tarah.org/2025/11/17/a...
A Cenotaph for Internet Freedom: Reviewing “Geopolitics at the Internet’s Core” – Tarah Wheeler
www.tarah.org
November 17, 2025 at 7:32 PM
Reposted by Serhii Melnyk
Excited to have Michael E. van Landingham as a speaker this year! He specializes in political analysis of Russian leadership and their intelligence services.

His talk with Alex Orleans is titled "'Oil into the Fire:' An Inside Look at SVR Cyberespionage".

www.cyberwarcon.com
November 10, 2025 at 9:18 PM
Reposted by Serhii Melnyk
It was recorded, and slides are now being shared....

Slides and videos from ATT&CKcon 6.0 are now posted in an easy to find way. Check out attack.mitre.org/resources/at... to check out our great talks (and Couch Talks) from October, or even check out past ATT&CKcons from that same page.
MITRE ATT&CKcon - ATT&CKcon 6.0 | MITRE ATT&CK®
attack.mitre.org
November 7, 2025 at 6:13 PM
Reposted by Serhii Melnyk
Christo should stop listening to the Russian hackers he pays to get selectors from Russian telcos (and also probably Välisluureamet), because the SVR* and GRU absolutely hacked the DNC.

*come to @cyberwarcon.bsky.social on 19 Nov to hear more!
Famed Russian spy hunter Christo Grozev claimed on this podcast four months ago that North Korea hacked the Democratic National Committee in 2016 and passed the info to Russia, which in exchange divulged access to Bangladesh Bank. 🤔 #infosec Passage at 13m 31s:
www.youtube.com/watch?v=dimh...
November 7, 2025 at 7:58 PM
Reposted by Serhii Melnyk
🚨 New from Socket Threat Research: 9 malicious #NuGet packages deliver time-delayed destructive payloads, designed to crash apps and sabotage industrial control systems.

Read the full analysis → socket.dev/blog/9-malic... #dotnet
9 Malicious NuGet Packages Deliver Time-Delayed Destructive ...
Socket researchers discovered nine malicious NuGet packages that use time-delayed payloads to crash applications and corrupt industrial control system...
socket.dev
November 6, 2025 at 8:38 PM
Reposted by Serhii Melnyk
Check out my new interview with The Hacking Games! I discuss how I went from being arrested by the FBI to advising law enforcement on creating intervention programs, helping redirect young hackers before they end up in jail.
www.youtube.com/watch?v=Qs2Q...
From Blackhat Hacker to Hero: Marcus Hutchins on Cybercrime and Redemption
From a curious teenage hacker experimenting in his bedroom in Devon, to malware writer, to international cyber hero. Nobody knows the path quite like Marcus Hutchins (@MalwareTechBlog) . Marcus is…
www.youtube.com
November 6, 2025 at 6:54 PM
Reposted by Serhii Melnyk
Microsoft Incident Response – Detection and Response Team (DART) uncovered SesameOp, a new backdoor that uses the OpenAI Assistants API for command and control. DART shared the findings with OpenAI, who identified and disabled an API key and associated account. msft.it/63322tGbej
SesameOp: Novel backdoor uses OpenAI Assistants API for command and control | Microsoft Security Blog
Microsoft Incident Response - Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) as a mechanism for command-and-control (C2) communications. Instead of relying on more traditional methods, the threat actor behind this backdoor abuses OpenAI as a C2 channel as a way to stealthily communicate and orchestrate malicious activities within the compromised environment. To do this, a component of the backdoor uses the OpenAI Assistants API as a storage or relay mechanism to fetch commands and run tasks for the threat actor.
msft.it
November 3, 2025 at 5:26 PM
Reposted by Serhii Melnyk
‼️ Update: the MIT-linked “AI-powered ransomware” report appears to have been taken offline. We updated our article to include an Internet Archive link to the original paper.
November 1, 2025 at 4:00 AM
Reposted by Serhii Melnyk
🧵 Across the world, democracy isn’t just under pressure, it’s facing epistemic collapse: a breakdown in the shared ability to know what’s true, to reason together and to hold power to account.

A new guest paper by @eliothiggins.bsky.social and @drnataliemartin.bsky.social explores how to fix it.
Verification, Deliberation, Accountability: A new framework for tackling epistemic collapse and renewing democracy
Demos is Britain’s leading cross-party think-tank. We produce original research, publish innovative thinkers and host thought-provoking events.
demos.co.uk
October 22, 2025 at 8:39 AM
Reposted by Serhii Melnyk
Cybersecurity awareness month is now over. If you are still aware of cybersecurit, you are living in the past.
November 1, 2025 at 10:40 AM
Reposted by Serhii Melnyk
A leak meant to expose North Korea’s hackers may have done more damage to Western intelligence instead.
The Leak That Targeted the Leakers
At this year’s DEF CON conference, hackers thumbing through copies of Phrack thought they were reading about a North Korean leak. Few realized they might
warontherocks.com
October 30, 2025 at 1:00 AM
Reposted by Serhii Melnyk
🚨New RUSI report, “RUSI Cyber Sanctions Taskforce: Countering State-Backed Cyber Threats” by Gonzalo Saiz is out now.
RUSI Cyber Sanctions Taskforce: Countering State-Backed Cyber Threats
This paper reports on the first meeting of the RUSI Cyber Sanctions Taskforce, focusing on the role of sanctions in countering cyber state threats, and highlighting their potential to disrupt maliciou...
www.rusi.org
October 28, 2025 at 9:53 AM
Reposted by Serhii Melnyk
@christogrozev.bsky.social back with latest in his investigation series on GRU Unit 29155

+ youtu.be/tRqcJV0Z55c
Russia's Spy Hotel | Unit 29155 - Episode 5
YouTube video by The Christo Files
youtu.be
October 25, 2025 at 8:16 PM
Reposted by Serhii Melnyk
“German politicians are making serious accusations against the Alternative for Germany (AfD) party. They allege the party is studying the country's critical infrastructure — in the interests of the Kremlin,” using parliamentary inquiries to gather detailed information on IT, transport, water etc.
Is Germany's far-right populist AfD spying for Russia? – DW – 10/26/2025
German politicians are making serious accusations against the Alternative for Germany (AfD) party. They allege the party is studying the country's critical infrastructure — in the interests of the Kre...
www.dw.com
October 26, 2025 at 8:32 AM
Reposted by Serhii Melnyk
"Recorded Future intelligence shows that the Russian government’s relationship with cybercriminals has evolved from passive tolerance to active management"

www.recordedfuture.com/research/dar...
Dark Covenant 3.0: Controlled Impunity and Russia’s Cybercriminals
Explore how Russia’s cybercriminal ecosystem evolved under Operation Endgame—where state control, selective enforcement, and criminal alliances collide.
www.recordedfuture.com
October 23, 2025 at 4:46 PM