cje
banner
cje.io
cje
@cje.io
founder @bugcrowd && co-founder @disclose_io || hacker, entrepreneur, executive, advisor || عصا موسى || #w00w00
Pinned
cje @cje.io · Nov 14
threat actor = someone who wants to punch you in the face
threat = the punch being thrown
vulnerability = your inability to defend against the punch
risk = the likelihood of getting punched in the face
roses are red,
violets are blue,
Discombobulating…
You’re absolutely right!

#valentinesday
February 14, 2026 at 7:02 PM
roses are red,
violets are blue,
some poems rhyme,
but this one doesn’t.

#valentinesday
February 14, 2026 at 6:59 PM
Happy Friday... PATCH YO' IOS (EXPLOITATION ITW)

Apple security releases - Apple Support (SA) m.cje.io/4bTDrc3.
Apple security releases - Apple Support (SA)
This document lists security updates and Rapid Security Responses for Apple software.
m.cje.io
February 14, 2026 at 2:54 AM
The [un]prompted Con Agenda has dropped and it is LIT m.cje.io/4axb40O
Committee - [un]prompted
About Us
m.cje.io
February 13, 2026 at 2:12 PM
ok this is freaking cool... spaceraccoon/vulnerability-spoiler-alert-action: GitHub Action to alert on security patches before the CVE drops. m.cje.io/4a6lZjc
GitHub - spaceraccoon/vulnerability-spoiler-alert-action: GitHub Action to alert on security patches before the CVE drops.
GitHub Action to alert on security patches before the CVE drops. - spaceraccoon/vulnerability-spoiler-alert-action
github.com
February 10, 2026 at 2:24 AM
Undead by design: Benchmarking EOL operating systems www.runzero.com/resources/un...
Undead by design: Benchmarking EOL operating systems
Our latest report uncovers EOL operating systems still shambling through U.S. enterprises & millions of assets, revealing the risks that haunt our networks
www.runzero.com
February 7, 2026 at 6:13 AM
Under Pressure: Exploring the effect of legal and criminal threats on security researchers and journalists – DataBreaches.Net m.cje.io/46mghr0
DataBreaches.Net
Chad van Alstin reports: The U.S. Department of Health and Human Services Office of the Inspector General (OIG) released a report focused on a “large Southeastern hospital” that the agency said had…
DataBreaches.Net
February 7, 2026 at 12:27 AM
Sponsored: AI is critical to the future of cyber defence

The big idea: Adversary tradecraft is now 80-95% quality parity with the US... but they have 10-100x MORE operators. We can't hire our way out of that gap.

m.cje.io/4keZaNxhttps...
Sponsored: AI is critical to the future of cyber defence - Risky Business Media
In this sponsored interview, Casey Ellis chats to Edward Wu, founder of Dropzone AI about a recent Vanderbilt University report that revea [Read More]
m.cje.io
February 2, 2026 at 6:13 AM
this one’s for @dennisf.bsky.social
February 1, 2026 at 1:20 AM
Poor little guy... I hope he got his term sheet after all of that

San Francisco Mountain Lion Is Tranquilized and Captured for Release Elsewhere | KQED www.kqed.org/news/1207121...
San Francisco Mountain Lion Is Tranquilized and Captured for Release Elsewhere | KQED
The young mountain lion had been seen wandering in and around Pacific Heights in recent days. Officials carried it out in a cage, with plans to release it “to a more suitable habitat.”
m.cje.io
January 28, 2026 at 8:31 PM
Reposted by cje
January 24, 2026 at 5:32 AM
Risky Chinese Electric Buses Spark Aussie Gov't Review m.cje.io/4aa8EpQ
Risky Chinese Electric Buses Spark Aussie Gov't Review
Deployed across Australia and Europe, China's electric buses are vulnerable to hackers and sport a remote connection some consider a "kill switch."
m.cje.io
January 24, 2026 at 12:27 AM
Tickets Open: CrikeyCon 11 m.cje.io/45VRrxS
m.cje.io
January 18, 2026 at 12:27 AM
Reposted by cje
finally, we're living through precedented times
January 4, 2026 at 6:56 AM
Reposted by cje
For some reason I thought about Aloria today.

She was an inspiring woman, and this quote about her mental health struggles will always stick with me: “It’s a long hard road ahead sometimes, but that doesn’t mean that the journey isn’t going somewhere, and it isn’t worthwhile.”

A powerful reminder.
Beloved hacking veteran Kelly ‘Aloria’ Lum passes away at 41 | TechCrunch
Kelly "Aloria" Lum was 41 when she passed away in New York City. She was a beloved member of the cybersecurity community, particularly in the city.
techcrunch.com
December 30, 2025 at 12:32 PM
But the issue is not just about diverting young people from cyber crime today, Ellis believes. It is also about casting the net wider to better outsmart the criminal gangs and “future proof” the industry.

www.computerweekly.com/feature/Woul...
Would you hire a hacker? | Computer Weekly
At a time when cyber security breaches are on the up and skills remain in short supply, security experts believe we may be missing a trick by overlooking unconventional sources of talent.
m.cje.io
December 28, 2025 at 6:13 AM
2026 cybersecurity forecast: China's PLA centenary looms, AI turns anyone into a malware developer, and economic pressure pushes more people toward cybercrime. Shift-left finally start working—but only for modern code. The rest of the internet? A triage trash fire.

cje.io/2025/12/27/2...
December 28, 2025 at 12:27 AM
reminder: this is still a thing…

threats.disclose.io (opensource researcher threat repo) #39C3
December 27, 2025 at 11:19 PM
🚨🚨🚨 PATCH YO' MONGODB - PUBLIC POC AVAILABLE 🚨🚨🚨

m.cje.io/4q2Bi1Y
Merry Christmas Day! Have a MongoDB security incident.
Somebody from Elastic Security decided to post an exploit for CVE-2025–14847 on Christmas Day.
m.cje.io
December 27, 2025 at 1:39 PM
Update: China firmly opposes Japan's dangerous moves in cyber field
Update: China firmly opposes Japan's dangerous moves in cyber field-
m.cje.io
December 27, 2025 at 6:13 AM
HARDEN YO' N8N - [CVSS 10.0 RCE] Remote Code Execution via Expression Injection m.cje.io/4qhl2JX

cc: @networkchuck @danielmiessler @jhaddix
Remote Code Execution via Expression Injection
### Impact n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users dur...
m.cje.io
December 20, 2025 at 12:36 AM
Reposted by cje
Yesterday was the 30th anniversary of the release of Michael Mann's HEAT, a hacker movie classic. (Shoutout Kelso.) We did an episode on HEAT last year with the great @meggardiner.bsky.social (co-author of HEAT 2) and our friend @cje.io.

The podcast IS the juice!

youtu.be/b2cfEXeWSn0?...
Deciphering Heat
YouTube video by Decipher
youtu.be
December 16, 2025 at 2:46 PM