Winnona 💾

🚨 NEW PAPER on the 0day Supply Chain 🚨: I gathered open source data & interviewed Gov employees, VR and China researchers to figure out what the zero day marketplace looks like in the U.S. and how it compares to China. Key findings below ⬇️ 0/🧵 atlanticcouncil.org/in-depth-resea…

New research reveals detailed analysis of DPRK VPN infrastructure used by North Korean operatives abroad. According to technical analysis published by NK Internet Watch, "Hangro" appears to be a specialized VPN client that enables North Koreans overseas to establish secure…

"No, I can't hack into Roblox to get you more money!" 😂 Ibrahim, an Associate Researcher in our Basebands team, had a great time last week at his former primary school in Tower Hamlets, speaking to some Year 5s about hacking and VR.

im so pumped to be talking through some fun north korean malware with @stuartjash at #OBTS v8 🤠 it's truly a goated lineup and i'm very humbled to be speaking along side so many sick researchers (also dw i will be dressed up in a blues clues onesie for the talk)

Call for Sponsors! #BSidesNoVA Join us in peak fall foliage in Northern Virginia on October 10-11 for *the* premier #InfoSec event in the DMV! Get your company's brand in front of some of the best folks in our professional community! bsidesnova.org/become-a-spons…

One good thing coming out of the current administration: the US is actually forcing the UK to back down on backdoors. arstechnica.com/tech-policy/20…

State of Statecraft is happening on October 28, 2025 in Brussels, Belgium. If you have a story to tell, our CFP closes Sept 1. CFP: stateofstatecraft.com/cfp Register: stateofstatecraft.com Fill out the CFP, get registered... then get your ass to Brussels. #what_is_sos

Was a ton of fun to talk about the 0day market and Pall Mall at @SummerC0n! Thanks for having me and hack the planet 🤘✨💕

opsec like bedrock

Submit your talk!

Honored to join District Con’s CFP review board, led by the infallible @__winn. Submit submit submit!

looking for a junkyard submission for @DistrictCon for an RCE in a vape in an EOL product that expels all of the vape juice into vapor

‼️“alignment w CCP priorities offers privileged access to state resources, regulatory favor, and expanded commercial opportunities [to hackers]."‼️ NEW great report on Chinese civil military fusion and cyber militias by Kieran Green @ @Margin_Research margin.re/mobilizing-cyb…

I’m so excited to have an amazing team to work with on Year 1! Please reach out with ideas for what you can add to make it an amazing line up of content, or any questions!

Thanks to @riskybusiness @tomatospy and @TheGruq for featuring my paper in their episode today! Totally agree on the points - to be clear, strategic obstacles can be a good thing, for economic security and national security. ;) youtube.com/watch?v=XoCVcd…

insane lineup!!

woo!! Excited to read everyone's submissions to @DistrictCon this year 🔥🔥

@__winn captured in words what I had only ever been able to wonder about. It is also extremely validating to see these ideas corroborated by other SMEs and US government officials. Full paper: atlanticcouncil.org/in-depth-resea…

On today’s Lawfare Daily, @jshermcyber sits down with @__winn to discuss the offensive cyber industry, the private sector and individual players, and the government procurement pipelines in the United States and China. lawfaremedia.org/article/lawfar…

July 3rd RedDrip7 Cyber Threat Intelligence, in conjunction with Beijing-based Qi An Pangu Lab, released details on a state-sponsored group who is playfully named "NightEagle" a/k/a APT-Q-95 APT-Q-95 is named "NightEagle" is because it "moves as fast as an Eagle", and only…

submit to districtcon.org/junkyard 🐞