AndrewMohawk
andrewmohawk.bsky.social
Just another noob.
Since I'm still on the hellsite, here is my thread on the NPM dependency issues: x.com/AndrewMohawk...

But TL;DR there is so much FUD

This would only impact you if:
- FRESH install between 9am-11.30am ET
- OR package-lock.json created in that time
- Vuln packages in direct or transient dependencies
Lot of chatter about the QIX NPM compromise. TL;DR -- Dev was compromised ~9am ET ( https://t.co/bgOwN57xyz ) -- Malicious packages removed at ~11.30 ET ( https://t.co/XApcXgcQoK ) If you installed in this time please check your codebase.
x.com
September 8, 2025 at 11:58 PM
Feels so good to interact with the infosec community as a whole, I can't imagine why we have a bad reputation as not being welcoming!
July 24, 2025 at 2:01 PM
expel.com/blog/poisons... pretty interesting: using cross-device sign-in ( www.passkeycentral.org/design-guide... ) to bypass the FIDO2 hurdle, effectively turning the hardware token into a QR code and asking the user to scan it
July 20, 2025 at 5:21 PM
I made a submission!
June 24, 2025 at 12:33 AM
Reposted by AndrewMohawk
My firstborn is trans 🏳️‍⚧️ nonbinary ⚧️ and a tattoo artist that now lives in California. They're in Seattle for their brother's graduation this week and brought their gear to give me a tattoo. My other two tattoos are decorative, but there is a meaningful story behind what I had them do. 1/
June 19, 2025 at 2:27 AM
Reposted by AndrewMohawk
here's a framebuffer graphics demo (this has no practical purpose and I can't prove I'm not just like, playing a youtube video or something)
June 5, 2025 at 4:26 PM
Finally one of the models is useful to me. I give you my stance on WebAuthn. cc @Yubico

(Everyone at orgs I work at has a 5C + 5C NFC for phone and your org should as well)
June 3, 2025 at 8:39 PM
What's the worst that could happen?
May 27, 2025 at 11:33 PM
Reposted by AndrewMohawk
It's finders keepers for one of these F-18s, right?
May 11, 2025 at 11:30 PM
@kurtopsahl.bsky.social just said "The journey to stronger opsec begins with reducing the number of steps" and I fucking love it.
May 12, 2025 at 3:59 PM
Reposted by AndrewMohawk
She thinks the Library of Congress is like a local public library because it's got "Library" in the name and I can't emphasize enough that our country is being run by the stupidest people alive on the planet today.
Reporter: The president fired the Librarian of Congress. Why? 

Leavitt: There were quite concerning things she had done at the Library of Congress in the pursuit of DEI and putting inappropriate books in the library for children.
May 10, 2025 at 7:57 PM
Reposted by AndrewMohawk
April 11, 2025 at 9:01 PM
You won't know when I am absolutely destroying my docker swarm, but there will be signs.
April 7, 2025 at 4:26 AM
I got Manus access and errr... it's struggling with a docker project, but the filenames are hilarious! Manus... it's just like us!
April 3, 2025 at 3:33 AM
The life of crime is calling me!
April 3, 2025 at 1:19 AM
Another day, another 9.x critical vuln that bypasses authentication/authorization flow :(

thehackernews.com/2025/03/crit...

But don't worry, it's just the kubes ingress-nginx and not the nginx ingress controller often used for kubes. Stay safe out there 🙃
Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication
Five critical flaws in Ingress NGINX Controller expose 6,500+ clusters; update now to prevent unauthorized remote code execution.
thehackernews.com
March 24, 2025 at 7:52 PM
Meme stolen from @yaelwrites.com
March 24, 2025 at 6:56 PM
Reposted by AndrewMohawk
In 25 years of covering national security, I’ve never seen a story like this: Senior Trump officials discussed planning for the U.S. attack on Yemen in a Signal group--and inadvertently added the editor-in-chief of The Atlantic. www.theatlantic.com/politics/arc...
The Trump Administration Accidentally Texted Me Its War Plans
U.S. national-security leaders included me in a group chat about upcoming military strikes in Yemen. I didn’t think it could be real. Then the bombs started falling.
www.theatlantic.com
March 24, 2025 at 4:11 PM
Found a cool animatronic eye 3D print and spent the weekend making it follow me around
March 24, 2025 at 5:11 AM
I really hate that these are the release details we get for a *9.1 critical vuln* in a common JS stack: www.cve.org/CVERecord?id...

I will be blocking all requests with the header `x-middleware-subrequest` rather than risk deploying a > 5pm release for something without any real details.
Common Vulnerabilities and Exposures (CVE)
www.cve.org
March 21, 2025 at 9:31 PM
Vibe coding my own Rust UI for the rayhunter ( github.com/EFForg/rayhu... )
March 21, 2025 at 7:07 AM
A short story in 4:
March 13, 2025 at 3:15 PM
Twitter is down! Maybe DOGE finally did something people agree with
March 10, 2025 at 6:18 PM
Looking at some of the other recent DPRK attacks I noticed docker being used with the `--privileged` flag.

I also know that on mac there is a current issue with docker ( github.com/docker/for-m... ) and the workaround is to move things to /Library/PrivilegedHelperTools/.
March 9, 2025 at 3:59 AM