Cybersecurity Feed

AI Cyber Defense Ops Course Launch!

Just Hacking Training livestream with Anton Ovrutsky to announce and celebrate his new course launch: "AI Cyber Defense Ops" available at https://justhacking.com

Anthropic says NO MORE OpenClaw!!

Getting Started With The Windows Registry

https://www.tcm.rocks/psap-y - We have several blue team certifications and are working on more training materials for the future! Check them out over at our website. The Windows Registry is artifact-rich - a literal treasure trove for evidence. But it's huge, and it's dense. So where do you even begin? Andrew Prince breaks down the Registry in this video and shows you how it can become one of the most powerful tools in your investigative toolkit. This video also includes a practical example of hunting for malware that is hiding directly inside of the Windows Registry. Like this video? Subscribe to never miss a new content drop from the TCMS team! #dfir #malware #blueteam #cybersecurity #digitalforensics #threathunting Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://www.tcm.rocks/acad-y Get Certified: https://www.tcm.rocks/certs-y Merch: https://www.bonfire.com/store/tcm-security/ Timestamps: 0:00 - Introduction 1:01 - Basic Registry Terminology 2:33 - Registry Hives 5:44 - Live and Offline Registry Hives 7:14 - MRU Lists and Timestamps 8:28 - Value Data Types 10:00 - Malware Demo 17:45 - Conclusion 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure

Extremely Easy Identity Management (with Fletcher Heisler!)

https://jh.live/authentik || Take a look at the cool stuff authentik is cooking up 😊 https://jh.live/authentik Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training See what else I'm up to with: https://jh.live/newsletter ℹ️ Affiliates: Learn how to code with CodeCrafters: https://jh.live/codecrafters Host your own VPN with OpenVPN: https://jh.live/openvpn Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense

The Payload Podcast #005 - AI with Shane Caldwell

the WORST hack of 2026

Axios, the most popular HTTP library with over 100 million weekly downloads, was just hijacked in one of the most sophisticated supply chain attacks in history. A hacker took over the lead maintainer's npm account, injected a phantom dependency that deploys a cross-platform remote access trojan in 1.1 seconds, and the malware erases itself leaving no trace. I break down exactly how it happened, explain what a supply chain attack is, and show you how to check if YOUR system is affected. npm supply chain attack, axios hacked, axios npm compromised, supply chain attack explained, npm install malware, remote access trojan, axios 1.14.1, plain-crypto-js, npm security, javascript security, open source security, postinstall script attack, supply chain hack 2026 TIMESTAMPS: 0:00 - npm install just became DANGEROUS 0:41 - How the attack happened 0:52 - What is Axios? (and why you probably have it) 1:39 - The account takeover 2:20 - The ONE line of code that did it all 3:06 - How it was discovered 3:32 - The postinstall dropper 4:08 - The RAT payload (Mac, Windows, Linux) 4:28 - The self-destruct (no evidence left) 4:40 - What IS a supply chain attack? 4:55 - The coffee analogy 5:51 - Are YOU affected? Let's check together 6:34 - Checking for the RAT on your system 6:51 - What to do if you're compromised 7:50 - Prayer 9:19 - BONUS: Pikachu explains supply chain attacks ALL COMMANDS, DETECTION SCRIPTS, IOCs, AND REMEDIATION: https://github.com/theNetworkChuck/axios-attack-guide Quick check: npm list axios npm list -g axios BAD VERSIONS: 1.14.1 and 0.30.4 SAFE VERSIONS: 1.14.0 and 0.30.3 One command that would have BLOCKED this attack: npm config set min-release-age 3 RESOURCES: Socket.dev (first to detect): https://socket.dev/blog/axios-npm-package-compromised StepSecurity deep dive: https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan GitHub Issue: https://github.com/axios/axios/issues/10604 Huntress Blog: https://www.huntress.com/blog/supply-chain-compromise-axios-npm-package John Hammond Video: https://youtu.be/A58cV17avpM John Hammond Livestream: https://www.youtube.com/watch?v=A-KpP-6Dt8E SUPPORT NETWORKCHUCK: NetworkChuck Academy: https://academy.networkchuck.com FOLLOW ME EVERYWHERE: Twitter: https://twitter.com/networkchuck Instagram: https://www.instagram.com/networkchuck TikTok: https://www.tiktok.com/@networkchuck Discord: https://discord.gg/networkchuck READY TO LEARN?? NetworkChuck Academy: https://academy.networkchuck.com YouTube Membership: https://www.youtube.com/networkchuck/join #npm #supplychain #cybersecurity

How Digital Forensics Caught the BTK Killer

https://www.tcm.rocks/certs-y - We offer several blue teaming certs at TCM Security if you want to study up on DFIR and related topics! Here's a compelling case of digital forensics in action: the capture of the BTK Killer. Journey back to the early 2000s to find out how a floppy disc played an instrumental role in finally apprehending the killer - once and for all. Watch "A Practical Intro to Digital Forensics" here: https://www.youtube.com/watch?v=umB4WlfQ1JY Want to see more content like this? Make sure you subscribe to the TCM Security YouTube channel! #dfir #digitalforensics #truecrime #shortsfeed #shorts Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure

HUGE npm axios supply chain attack

https://www.huntress.com/blog/supply-chain-compromise-axios-npm-package https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan https://socket.dev/blog/axios-npm-package-compromised https://socket.dev/npm/package/plain-crypto-js/files/4.2.1/setup.js https://www.aikido.dev/blog/axios-npm-compromised-maintainer-hijacked-rat https://gist.github.com/joe-desimone/36061dabd2bc2513705e0d083a9673e7 https://github.com/axios/axios/blob/v1.x/.github/workflows/deprecate.yml Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training See what else I'm up to with: https://jh.live/newsletter ℹ️ Affiliates: Learn how to code with CodeCrafters: https://jh.live/codecrafters Host your own VPN with OpenVPN: https://jh.live/openvpn Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense

🚨 NPM axios Supply Chain Attack 🚨

( huge thanks livestream partner https://jh.live/specterops-stream )

OpenClaw......RIGHT NOW??? (it's not what you think)

Get your own VPS and set up OpenClaw: https://hostinger.com/ncopenclaw Use code NETWORKCHUCK! OpenClaw has 308K GitHub stars — more than React, more than the Linux kernel. But what IS it actually? I set it up on a VPS, gave it a Telegram bot, and watched it build a news briefing and server monitoring dashboard in minutes — something that took an entire n8n workflow video to do before. But I also kinda hate it. In this video, I cut through the hype and give you my honest take as someone who built the same thing with Claude Code before OpenClaw existed. In this video, you'll learn how to install OpenClaw on a Linux VPS in under 5 minutes, connect it to Telegram, build an AI news briefing agent and IT monitoring dashboard, understand the four pillars of OpenClaw (AI models, channels, memory, and tools), configure security with the built-in security audit, set up tool profiles and red lines, and decide if OpenClaw is right for you. Whether you're an AI enthusiast drowning in hype or a sysadmin curious about AI agents, this covers everything from one-line install to hardened security config. RESOURCES / LINKS: 🎓 NetworkChuck Academy (OpenClaw Course):https://ntck-ac.co/oc1 💻 GitHub Setup Guide (all commands): https://github.com/theNetworkChuck/openclaw-setup 🌐 OpenClaw: https://openclaw.ai 🛠️ ClawHub (Skills Directory): https://clawhub.com 🛠️ Hostinger VPS: https://hostinger.com/ncopenclaw 📺 n8n Automation Video: https://youtube.com/watch?v=ONgECvZNI3o ☕ NetworkChuck Coffee: https://networkchuck.coffee TIMESTAMPS: 0:00 - OpenClaw stressed me out (308K GitHub stars) 1:44 - Setting up OpenClaw in 5 minutes on a VPS 4:22 - Connecting Telegram and hatching your agent 7:30 - Project 1: AI news briefing (one sentence vs entire n8n workflow) 8:14 - Project 2: AI IT engineer monitoring your own server 9:34 - What IS OpenClaw actually? (gateway + 4 pillars) 15:07 - Tools, cron jobs, and heartbeats 17:08 - ClawHub skills, browser, and sub-agents 19:27 - Why everyone freaked out (my honest take) 20:55 - Securing your OpenClaw instance 30:01 - My verdict: how I actually use OpenClaw **Sponsored by Hostinger SUPPORT NETWORKCHUCK: ☕☕ COFFEE and MERCH: https://ntck.co/coffee READY TO LEARN?? 🔥🔥Join the NetworkChuck Academy!: https://ntck.co/NCAcademy 📚 CCNA Course: https://ntck.co/ccna FOLLOW ME EVERYWHERE: Instagram: https://www.instagram.com/networkchuck/ X/Twitter: https://x.com/networkchuck Facebook: https://www.facebook.com/NetworkChuck/ Join the Discord server: https://ntck.co/discord Some links in this description are affiliate links. If you buy through them, I may earn a small commission at no extra cost to you. #openclaw #aiagents #networkchuck

Welcoming Megan to TCM! | Cybersecurity | AMA

Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure

3 Reasons IoT Security Will Explode in 2026

https://www.tcm.rocks/pipa-y - Become a certified IoT & hardware hacker! We are proud to offer the Practical IoT Pentest Associate (PIPA), a beginner-friendly cert that will help you start ethically testing devices in no time. Will IoT and firmware hacking blow up in popularity this year? According to Andrew Bellini, there’s a strong chance, and here's a few key reasons why: 1.) The EU Cyber Resilience Act, pushing manufacturers to take IoT security more seriously 2.) The rapid rise of AI-powered devices 3.) Growing interest in drone hacking All signs point to a potentially major shift in the landscape. What do you think; are we about to see IoT hacking take off? Don’t forget to subscribe to the TCM Security YouTube channel so you never miss a content drop. Check out our beginner-friendly hardware hacking course in the TCM Security Academy here: https://www.tcm.rocks/hh-y #iot #hardwarehacks #ai #iotsecurity #hacking   Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure

Project Helix Walkthrough: Blue Team CTF

https://www.tcm.rocks/psaa-y-2026 - Explore our selection of blue teaming certifications while they're still on sale! The PSAA (Practical SOC Analyst Associate) as well as the PSAP (Practical SOC Analyst Professional) can be purchased for 20% off. Just apply the code SPRINGFLASH26 - and make sure you buy before 11:59 PM ET March 20th! Last week, we hosted our first EVER blue team CTF! Project Helix was a CTF that required participants to put their investigative and forensics skills to the test. There were actually several ways to solve this particular Pluribus-inspired challenge. Andrew Prince walks through Project Helix from scenario to solution in this video. Did you miss this CTF? Don't worry; we have several others on the way later this year! #dfir #forensics #ctf #ctfwalkthrough #blueteam Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure

ChatGPT For The Dark Web

https://jh.live/flare-032026 || Manage threat intelligence and your exposed attack surface with Flare! Try a free trial and see what info is out there: https://jh.live/flare-032026 Learn Cybersecurity and more with Just Hacking Training: https://jh.live/training See what else I'm up to with: https://jh.live/newsletter ℹ️ Affiliates: Learn how to code with CodeCrafters: https://jh.live/codecrafters Host your own VPN with OpenVPN: https://jh.live/openvpn Get Blue Team Training and SOC Analyst Certifications with CyberDefenders: https://jh.live/cyberdefense

State of the Cybersecurity Workforce, JHT / WiCyS RSAC Preview

Just Hacking Training Livestream with Lynn Dohm of WiCyS and Will Markow of FourOne Insights! Thursday, March 19 at 1:00pm Eastern Time https://justhacking.com

Bloodhound OpenGraph

Justin Kohler joins the party to dig into BloodHound OpenGraph! Big thanks to livestream partner SpecterOps https://jh.live/specterops-stream

BIG DAY TODAY

( huge thanks livestream partner https://jh.live/specterops-stream )

BIG DAY TODAY

( huge thanks livestream partner https://jh.live/specterops-stream )

can AI eat its own tail? 🤖

( big thanks livestream partner https://jh.live/specterops )

The Importance of Forensic Soundness

https://www.tcm.rocks/socl2-y - Next week is SOC Level 2 Live Training! This exclusive instructor-led training focuses on incident response, threat hunting, and other advanced SOC topics. Get 20% off the live training (as well as certs) as part of the FLASH SALE we're doing this week! Your code to save is SPRINGFLASH26 - and you can also receive 50% off your first payment to the TCM Security Academy. What is forensic soundness and why is it so critical to DFIR? And what distinctive advantage does it have over physical forensics? In this short, Andrew Prince walks through the concept and how it differs from its more traditional counterpart. Subscribe to never miss a content drop from the TCMS team! #dfir #cybersecurity #forensics #digitalforensics #blueteam Sponsor a Video: https://www.tcm.rocks/Sponsors Pentests & Security Consulting: https://tcm-sec.com Get Trained: https://academy.tcm-sec.com Get Certified: https://certifications.tcm-sec.com Merch: https://merch.tcm-sec.com 📱Social Media📱 ___________________________________________ X: https://x.com/TCMSecurity Twitch: https://www.twitch.tv/thecybermentor Instagram: https://www.instagram.com/tcmsecurity/ LinkedIn: https://www.linkedin.com/company/tcm-security-inc/ TikTok: https://www.tiktok.com/@tcmsecurity Discord: https://discord.gg/tcm Facebook: https://www.facebook.com/tcmsecure