Week Notes 2026-21
Date Published: 2026-05-25
📅 Week of 2026-05-18 - 2026-05-24
🕒 Current
- Reading: Hunting Cyber Criminals by Vinny Troia
- TryHackMe Jr Penetration Tester path
🎥 Watched
- NahamSec - This GitHub README Hijacks Your AI and Spreads Like a Virus
- Talking Sasquach - I Built My Own Cyber Deck and It Looks INSANE! (Pi Flux Build)
🎧 Listened
- Cyberwire Daily Podcast
- 5/15 - One email could be all it takes.
- What's Next for the Proposed HIPAA Security Rule Overhaul? This is fantastic to hear. HIPAA should be getting changes for things like mandatory MFA, encryption, etc. Healthcare should have some of the best security controls in place given the sensitivity of the data they have, and I'm glad it will likely be getting enforced.
- 5/18 - The M5 just met its memory problem.
- Never-ending’ AI slop strains corporate hacking reward schemes This so unfortunate. Bug bounty programs are getting flooded with AI garbage, which dramatically increases triage time for actual researcher reports. Not only that, but open source projects like curl and Nextcloud had to shut down their programs because they don't have the time to weed through all the AI garbage. Hopefully we can find a way forward that blocks things like this, allowing actual reports to get the priority.
- 5/19 - CISA secrets left sitting on GitHub.
- 5/20 - The cost of trusting the extension ecosystem.
- 5/15 - One email could be all it takes.
👨💻 Hacked
- Completed TryHackMe rooms:
- Pentesting Fundamentals
- Defensive Security Intro
- Offensive Security Intro
- Careers in Cyber