Mastodon Digest
for the past
scorer
threshold
Posts

I am thinking about starting a weekly infosec gossip podcast. I feel like this is an underserved segment

What might end up mattering more than who gets to the "singularity" or quantum leap first is market share, and one thing we've seen reliably from China is they are very good at securing market share through govt subsidies and flooding the market with cheaper alternatives. The sticker shock that organizations investing in AI are now feeling is a result of AI companies finally charging something approximating their real costs to provide the service. Meanwhile, Chinese AI companies can continue to subsidize the cost of their tokens probably indefinitely.

🚨University endpoint security access allegedly listed for sale

A forum actor claims to be selling super-admin access to an endpoint security and EDR console managing more than 230 Windows devices at an unnamed university.

The listing says the access includes policy management, remote scanning, software deployment, device control, patching, and password-management capabilities. The actor openly markets it for ransomware deployment, data theft, and mass surveillance.

The access is listed for $500, described as slightly negotiable.

This claim is currently unverified.

πŸ’₯ Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: darkwebinformer.com/pricing

It doesn't take a genius to figure out that a lot of companies smarting from the increasing costs of AI tokens might start to look for cheaper alternatives, and that those alternatives increasingly are going to come from our adversaries.

As we start to care more about our software supply chain risks, seems like it's also getting more challenging for organizations to understand the provenance of the AI code they are relying on. From a CNBC story about how lawmakers are trying to figure out how to curb the growing adoption of Chinese AI models by homegrown companies:

"Cursor, which will be acquired by Elon Musk's SpaceX for $60 billion, built its Composer 2 model using Chinese AI model Kimi, which was developed by Moonshot AI."

cnbc.com/2026/07/08/chinese-ai

πŸš¨πŸ‡ΊπŸ‡ΈπŸ‡¨πŸ‡¦πŸ‡ͺπŸ‡Ί Threat actor offering top dollar for corporate network access

A forum user is seeking corporate access tied to organizations in the United States, Canada, Europe, and other regions.

The buyer says offers for US and Canadian targets start at $20,000, while European access starts at $100,000, with other locations open to negotiation. Suppliers are also promised an additional 5% on completed deals.

The listing requires at least Domain User privileges and claims the buyer works with a well-known partner program that can provide verification when needed.

This listing is currently unverified.

πŸ’₯ Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: darkwebinformer.com/pricing

Boosts

Hey, I'm going to give this a try. #Fedihire

I have written tons of blogs, whitepapers, books, and ad copy for tech companies about cybersecurity and general enterprise IT. See my portfolio: kimcrawley.com

I used to make a comfortably liveable income. But since the Gen AI menace, my livelihood has been destroyed and I can't pay my rent. I'm now writing Kickstarter funded self published books to survive.

I could really use proper writing gigs, though.

Some of the bestselling cybersecurity books, such as The Pentester Blueprint, were partly or completely written by me.

Please email kim.crawley at stopgenai dot com, or message me on Signal via crowgirl.84

Screenshot

WHAT is this notification????????

Google