Matt Johansen
Friendly neighborhood cybersecurity guy | expect infosec news, appsec, cloud, dfir. | Long Island elder emo in ATX.
vulnu.com <- sign up for my weekly cybersecurity newsletter
- Every time I post 0days on IG I get DMs like this. I’ve become the harbinger of bad news.
- This recap from @jhaddix.bsky.social and @danielmiessler.bsky.social about RSA is solid. Also just love listening to practitioners talk, especially about AI. Real from the front lines reaction to this stuff. www.youtube.com/watch?v=XbMY...
- I'm absolutely drowning without a light at the end of the tunnel which is an awful combination.
- Dug deeper into this story and even looked through the source code briefly. youtu.be/KZS7uOG21Ig
- TeleMessage, the company behind the modified Signal client used by Trump admin officials, has been breached. Attacker claims the hack took "15-20 minutes" with minimal effort.
- I was coding at a coffee shop this week and a pop up DJ event happened around me. I thought about leaving but then I was just way to into it and had a very productive hour. Literal vibe coding.
- Are you even a hacker if you don’t e2e encrypt your coffee?
- Yeah boss. Finished the giant personification of North Korean threat actors. Made it really sexy just like you asked.
- Reposted by Matt Johansen[Not loaded yet]
- Nobody warned me a new version of Elder Scrolls Oblivion was coming out this week. Do we all just take the rest of the week off?
- Reposted by Matt JohansenAfter almost a week, negative responses to my 7k+ word investigation into DOGE's access at NLRB relies on a statement on there being no "official record" of DOGE's visit. Berulis never alleged DOGE funneled sensitive data to Russia. His disclosure relies on forensic evidence.
- why have a bug bounty when you can just ignore every researcher until they write a Medium post that goes viral
- Reposted by Matt JohansenHappy Friday everyone. Thanks for reading NPR.org this week. Wanted to take a second to also remind you: I interviewed whistleblower Dan Berulis to accompany my lengthy written story on NLRB. Hear from him in his own words: one.npr.org/i/nx-s1-5355...
- Hey I fucked up not looking for who broke that story There is *a lot* of noise around DOGE in the media, it's hard to follow I went straight to the testimony and started screenshotting and writing a summary thread, like I always do @jennamclaughlin.bsky.social's story is fantastic and I'm sorry.
- Reposted by Matt JohansenMy story breaking this news exclusively was 7K+ words and had almost all of this in it, and more: www.npr.org/2025/04/15/n...
- 🧵 THREAD: A federal whistleblower just dropped one of the most disturbing cybersecurity disclosures I’ve ever read. He's saying DOGE came in, data went out, and Russians started attempting logins with new valid DOGE passwords Media's coverage wasn't detailed enough so I dug into his testimony:
- Called out.
- we nearly lost the national vulnerability database youtu.be/fxrvx9fNc-c
- I hate it here
- They quoted some really good looking guy from vulnu.com here
- Common headline these days: “impending disaster delayed a bit.”
- I don’t know what happens if NVD and CVE face degradation
- Vuln Management teams about to have a bad week.
- career tip: learn to say “interesting...” when something is clearly on fire
- Reposted by Matt Johansen[Not loaded yet]
- Trump Whitehouse going after the former head of CISA (cybersecurity agency) Revoked his …and all of his coworkers???… security clearances. Official statement says it’s to ensure loyalty.
- Reposted by Matt Johansen[Not loaded yet]
- imposter syndrome gets quieter when you start mentoring someone turns out you know a lot more than you think
