Baited

40 minutes. From model resistance to live RCE on federal infrastructure."

🎣 #PacketHunters – One operator. Nine Gov agencies. 195 million records. Claude Code did the recon 💥

Cybersecurity Insights, PacketHunters / Claudia Galingani Mongini

Between December 2025 and February 2026, one attacker breached nine Mexican government organizations using a dual-AI workflow: Claude Code for live exploitation, GPT-4.1 for post-exploitation reconnaissance at scale. 75% of remote command execution was AI-generated. RCE on a federal server in 40 minutes. This is the PacketHunters breakdown, including defensive scripts and what the forgery system built afterward means for your incident response assumptions.

Cybersecurity Insights Decoded Opinion / Editorial

Decoded: six figures in security. One phone call.. embarrassing! Prove me wrong 😶

Cybersecurity Insights, Decoded, Opinion / Editorial / Claudia Galingani Mongini

Mandiant’s M-Trends 2025 confirms it. Voice phishing surged. Email phishing collapsed. Your stack is not the problem. The person who picked up the phone is. And nobody tested them.

Customer Stories / Case Studies Cybersecurity Insights PacketHunters

🎣 #PacketHunters – How crypto companies get owned? Three anonymized breach patterns and the OSINT surface they left behind

Customer Stories / Case Studies, Cybersecurity Insights, PacketHunters / Claudia Galingani Mongini

Smart contract exploits are declining. Human-layer attacks are not. In 2025, phishing led all crypto attack categories by incident count. We reconstructed three anonymized breach patterns (an exchange, a DeFi protocol, a Web3 startup) and built detection scripts around the OSINT surface each one exposed before the attack landed.

Cybersecurity Insights PacketHunters

🎣 #PacketHunters – More on pre-attack OSINT recon: how attackers map your infrastructure before touching it

Cybersecurity Insights, PacketHunters / Claudia Galingani Mongini

Your job postings just told an attacker which VPN you run. Your engineers’ LinkedIn certs identified your EDR. Certificate transparency logs exposed your internal subdomains. This is the recon phase — and it happens entirely before anyone touches your network.

Cybersecurity Insights Decoded

Decoded – Exposure is the attack before the attack

Cybersecurity Insights, Decoded / Claudia Galingani Mongini

Before a phishing email is written, attackers already understand your company. Using OSINT sources like LinkedIn, GitHub, and public infrastructure data, they map employees, tools, and internal patterns to craft believable attacks. This PacketHunters analysis explores how exposure fuels modern phishing reconnaissance.

Before a phishing email hits your inbox, your company has already been profiled.

Cybersecurity Insights PacketHunters

🎣 #PacketHunters – Exposure surface mapping: how much of your company is visible in 20 minutes?

Cybersecurity Insights, PacketHunters / Claudia Galingani Mongini

Before a phishing email is written, your company has already been profiled. Names, roles, email patterns, VPN portals, cloud providers — all gathered through open sources in under 20 minutes. In this PacketHunters breakdown, we map real organizational exposure using OSINT and Python, and show why phishing defense starts long before the first malicious link is sent.

Cybersecurity Insights Decoded

Decoded: Nerd Thoughts – They already know. You just don’t know they know. (entering the Exposure Month at Baited)

Cybersecurity Insights, Decoded / Claudia Galingani Mongini

March is about exposure. Not the embarrassing kind — the dangerous kind. Before any attacker sends a single phishing email, they already know your org inside out. OSINT, attack surface recon, open data trails.. this month we pull back the curtain on what’s visible, what’s exploitable, and why the scariest hacks start with a Google search.

We spent this month rethinking things most security teams assume are already solved.

Cybersecurity Insights Decoded

🧠 Decoded: The Catch – Rethinking cybersecurity (or why phishing, legacy systems, and identity drift still win)

Cybersecurity Insights, Decoded / Claudia Galingani Mongini

Phishing is not declining; it is evolving alongside identity sprawl and legacy infrastructure. This closing Decoded article examines why identity drift, fragmented governance, and underfunded awareness programs continue to expose organizations despite modern security tooling.

Release Notes

Release Note 0.1.1

Release Notes / Gianluca Aurelio

🆕 New Features 📖 In-App Interactive User Guide We’ve introduced a comprehensive in-app user guide designed to help you get the most out of every feature, without ever leaving the application. We want your experience to be as smooth as possible. Whether you’re just getting started or looking to dig deeper into specific features, the

Cybersecurity Insights Decoded

Legacy code, modern phishing: why COBOL is not the problem (nobody remembers how the machine thinks)

Cybersecurity Insights, Decoded / Claudia Galingani Mongini

A public tender from Sogei seeking COBOL programmers exposes a deeper issue: critical legacy systems still run modern economies. When knowledge disappears and governance lags behind, outdated environments become prime targets for phishing-driven takeovers. The real risk is not COBOL itself, but unmanaged identity and uncurated trust layered on aging infrastructure.