惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

TaoSecurity Blog
TaoSecurity Blog
T
Troy Hunt's Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Vercel News
Vercel News
T
Threatpost
G
Google Developers Blog
T
Threat Research - Cisco Blogs
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
The Exploit Database - CXSecurity.com
H
Heimdal Security Blog
Google DeepMind News
Google DeepMind News
Cyberwarzone
Cyberwarzone
T
The Blog of Author Tim Ferriss
Know Your Adversary
Know Your Adversary
Hacker News: Ask HN
Hacker News: Ask HN
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Schneier on Security
B
Blog
V2EX - 技术
V2EX - 技术
NISL@THU
NISL@THU
C
CERT Recently Published Vulnerability Notes
W
WeLiveSecurity
C
Cybersecurity and Infrastructure Security Agency CISA
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Y
Y Combinator Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Spread Privacy
Spread Privacy
The Last Watchdog
The Last Watchdog
V
Vulnerabilities – Threatpost
N
Netflix TechBlog - Medium
Schneier on Security
Schneier on Security
F
Fortinet All Blogs
N
News | PayPal Newsroom
Attack and Defense Labs
Attack and Defense Labs
Blog — PlanetScale
Blog — PlanetScale
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
Microsoft Security Blog
Microsoft Security Blog
S
Security @ Cisco Blogs
人人都是产品经理
人人都是产品经理
爱范儿
爱范儿
P
Privacy & Cybersecurity Law Blog
P
Proofpoint News Feed
Project Zero
Project Zero
I
Intezer
罗磊的独立博客
H
Hackread – Cybersecurity News, Data Breaches, AI and More
酷 壳 – CoolShell
酷 壳 – CoolShell
博客园 - Franky
SecWiki News
SecWiki News
Martin Fowler
Martin Fowler

Show HN

GitHub - steveking-gh/firmion: Firmion is DSL and engine for firmware image generation. GitHub - villagesql/villagesql-skills: Agent skills for VillageSQL - gemini-cli-extension; claude-code-plugin GitHub - flightdeckhq/flightdeck: Observability and control plane for AI agents. CSP Radar GitHub - Light-Heart-Labs/DreamServer: Turn your PC, Mac, or Linux box into an AI server. LLM inference, chat UI, voice, agents, workflows, RAG, and image generation. GitHub - Diplomat-ai/diplomat-agent-ts: What can your TypeScript AI agent do to the real world? Scan your code. See which tool calls have zero checks Code Block Selector - Visual Studio Marketplace Prometheus dependency graph — interactive showcase | Riftmap Show HN: I made a vi-like modal keyboard plugin for Figma GitHub - run-llama/liteparse: A fast, helpful, and open-source document parser GitHub - dalemyers/Roar: A macOS CLI tool for notifications GitHub - district-solutions/open-agent-tools-coder: Enables small-to-large self-hosted ai models to use local source code when running tool-calling agentic workloads. We actively data mine 20,900+ (2+ TB) popular github repos using large and small ai models to create reuseable: json, markdown and parquet files for local-first tool-calling models. GitHub - progapandist/stripeek: A local TUI proxy for real-time Stripe API debugging, built for navigating complex payloads fast. GitHub - sir1st/hermes-desktop: All-in-one cross-platform desktop app for Hermes Agent — bundles Python + hermes-agent + hermes-web-ui GitHub - astefanutti/shaderbang: Shebang for Shaders Show HN: Generate Claude Code Workflows using Spec Driven Development approach GitHub - nixys/nxs-universal-chart: The Helm chart you can use to install any of your applications into Kubernetes/OpenShift Show HN: AI agents for UK GDAD PCF roles and their skills The Two Pillars: Mixer Mode and Meta-Software in the Reorganization of Software Work After AI GitHub - JaiCode08/teleport-env What 1,000+ Harness Experiments Taught Me About Self-Improving Agents Show HN: Liiists, a Markdown-first, iOS and CLI list app SwiperTab – Get this Extension for 🦊 Firefox (en-US) GitHub - kouhxp/fftext: Summarize, explain, fact-check, or translate any text, URL, or file. No GPU. No cloud. One command GitHub - sweetpad-dev/sweetpad: Develop Swift/iOS projects using VSCode GitHub - dogmaticdev/IRON: IRON a.k.a. Intermediate Representation Object Notation is a Interpreter/Database that is used to create Programming Languages. GitHub - sjhalani7/vaen: Package your AI coding harness into a portable .agent file, and share it across repos, teams, & the community without ever having to copy-paste instructions, skills, MCP config, or secrets. Show HN: Gandalf the Grader Show HN: Citadeld – replay any CI failure locally from a single file GitHub - tdortman/cuSBF: High-Performance GPU Super Bloom Filter coral-ai/claude-code-token-xray at main · Coral-Bricks-AI/coral-ai GitHub - ulyssestenn/funes: Funes is a Git-based framework for LLM-managed knowledge work: an AI Librarian ingests raw sources, builds an interlinked Markdown knowledge base, and uses it to produce cited reports, analyses, and other outputs. GitHub - ThatXliner/gah: Git Add Hunk, built for agents to use GitHub - harmont-dev/harmont-cli: Command-line client for the Harmont CI platform GitHub - brooksmcmillin/mcp-authflow: OAuth 2.0 Authorization Server framework for MCP servers GitHub - javaid-codes/audit-supply-chain-agents GitHub - amorey/gochan: A small library of common channel architectures for Go, inspired by Rust GitHub - arifozgun/OpenGem: Free, Open-Source AI API Gateway with Gemini, OpenAI & Anthropic Compatibility in 1 file GitHub - Pranesh950/BioPetals: 🌸 Run BIOxAI models at home, BitTorrent-style. Fine-tuning and inference up to 10x faster than offloading GitHub - cnguyen14/bounty-doctor: Diagnose a GitHub bounty issue before you waste hours: detects honeypot scam repos, AI-bot attempt swarms, and stale contests. Show HN: CoreMCP – MCP Server for On-Prem DBs Show HN: KittyHTML – Render HTML/CSS as an inline image in your terminal GitHub - bingud/filemat: Web-based file manager Show HN: TruthLens – Free multi-signal deepfake image detector GitHub - apexlocal-jz/claude-usage-tray: Windows system-tray app showing your Claude Code rate-limit usage at a glance. Zero deps, ~300 lines of PowerShell. Cross-IDE (works regardless of VS Code, Cursor, plain terminal). Release v0.1.2.1 · kouhxp/yapsnap GitHub - noopolis/moltnet: Self-hostable chat network for AI agents. Pre-built bridges for Claude Code, Codex, and the Claws. Rooms, DMs, history. No Slack bots, no Matrix, no glue code. GitHub - tamerh/enju: Coordinating Humans, AI Agents, and Compute as Peers on a Shared Workflow Graph Show HN: Continuity-auth – Respect-weighted rate limits for the open web GitHub - luml-ai/luml: AI lifecycle platform where engineers and agents track experiments, train models, and ship to production. GitHub - mrdanielcasper/CoreTex: A UNIX-inspired, biomimetic, flat-file AI harness and knowledge engine. GitHub - clemg/pierre-github: Pierre's diffs.com and trees.software for Github GitHub - lyriks-io/unspaghettit: Behavior-driven AI development without prompt spaghetti. GitHub - sofumel/claude-handoff-revive: Resume Claude Code work after rate/usage/context limits without replaying the prior transcript. Auto-saves at 90%/95% usage. Plugin-installable, 10 languages. GitHub - dotexorg/saferpc: Typed, end-to-end encrypted RPC over any bidirectional channel. GitHub - BeeZeeAgent/beezee: Agent harness orchestration Legato Next.js Boilerplate for Internal Tools · CoreUI GitHub - clark-labs-inc/clark-hash: Clark Hash, 32x smaller searchable sketches for embeddings GitHub - ZeroPointRepo/youtube-mcp: The fastest YouTube transcript + YouTube search MCP for AI agents. Try for free. Typing Mastery — climb toward 100+ WPM, deliberately GitHub - Andebugulin/Awareen GitHub - fayzan123/claude-workflow-composer: Visual desktop app for composing multi-agent coding workflows. Drag agents, attach skills and MCPs, wire handoffs, export to .claude/ GitHub - harshaneel/humanize: Best static AI text humanizer. Two research-grounded skills that work in any LLM (Claude, ChatGPT, Gemini, Codex): humanize beats perplexity-based detectors, ai-check produces forensic scoring with evidence-quoted flags. Nine levers, 50+ peer-reviewed sources, 2024-2026 detection literature. GitHub - StackOneHQ/stack-nudge GitHub - nodes-app/swift-markdown-engine: A native AppKit Markdown editor for macOS, built on TextKit 2 and bridged to SwiftUI. We hardened an LLM agent. Each defense we added made it more exploitable. GitHub - alkait/WhatsKept: Agent-queryable WhatsApp history from an iOS backup — a single Go binary. GitHub - octelium/cordium: Open-source, general-purpose sandbox platform for devs and AI agents that provides identity-based secure access to infrastructure without credentials. WAR.GOV/UFO Microfilm5 GitHub - scosman/videowright: Build animated explainer videos with your coding agent GitHub - dipankar/dscode: The code editor you can take apart. GitHub - zoharbabin/web-researcher-mcp: MCP server (Go) for AI assistants: web search, content extraction, academic/patent/news research. Multi-provider routing, 4-tier scraping, search lenses. Works with Claude, Cursor, and any MCP client. GitHub - ruvnet/RuView: π RuView turns commodity WiFi signals into real-time spatial intelligence, vital sign monitoring, and presence detection — all without a single pixel of video. GitHub - scanaislop/aislop: Catch the slop AI coding agents leave in your code: narrative comments, swallowed exceptions, as-any casts, dead code, oversized functions. 50+ rules across 7 languages (TypeScript, JavaScript, Python, Go, Rust, Ruby, PHP). Sub-second, deterministic, no LLM at runtime. MIT-licensed. GitHub - kouhxp/cheap-im: CPU-only voice agent approximating Thinking Machines' Interaction Models demo GitHub - unprovable/OrchidMantis: Orchid Mantis — standalone framework for Zero-Knowledge Proofs of eXploit (ZKPoX). GitHub - MarcellM01/TinySearch: Shrink the web for your local LLMs! GitHub - TangibleResearch/Halgorithem: A Algo designed to detect AI Hallucitions GitHub - DO-SAY-GO/freelang: I love freelang GitHub - CarpseDeam/Aura-IDE: An AI coding harness that shaped itself - Planner/Worker agents, repo awareness, surgical edits, validation, recovery, and safe diff approvals. GitHub - chojs23/concord: A feature-rich TUI client for Discord GitHub - tommyjepsen/awesome-ux-skills: UX & AI Product designs skills you can use today in Claude Code GitHub - aerf-spec/aerf: Agent Evidence Receipt Format (AERF) — an open specification for tamper-evident, independently verifiable records of AI agent actions. GitHub - kklimuk/docx-cli: CLI for AI agents (Claude, Codex) to read, edit, and comment on .docx files with full format fidelity. GitHub - Jwrede/tokentoll: Catch LLM cost changes in code review. Infracost for LLM spend. GitHub - samchon/ttsc: A `typescript-go` toolchain for compiler-powered plugins and type-safe execution + 500x faster lint integrated into compiler GitHub - Higangssh/homebutler: 🏠 Manage your homelab from chat. Single binary, zero dependencies. GitHub - olalie/tapmap: See where your computer connects and what stands out on a live world map. GitHub - Diplomat-ai/diplomat-agent: What can your AI agent do to the real world? Scan your code. See which tool calls have zero checks GitHub - Bajusz15/beacon: Open-source agent for secure remote access, monitoring, and deploys across home-lab and self-hosted machines like Raspberry Pi, N100, or any Linux server. Open web based TTY or tunnel Home Assistant and other local services securely without opening ports. BigTech AI News - Chrome 应用商店 GitHub - vinhnx/VTCode: VT Code is an open-source coding agent with LLM-native code understanding and robust shell safety. Supports multiple LLM providers with automatic failover and efficient context management. GitHub - michaelaz774/decision-engine: A decision operating system for startup founders, powered by Claude Code. Synthesizes wisdom from 25+ legendary founders and investors into interactive AI-driven decision frameworks. GitHub - Chrilleweb/dotenv-diff: Validate environment variable usage in your codebase GitHub - Lumen-Labs/brainapi2: BrainAPI is a knowledge graph–powered AI memory layer that transforms unstructured data into structured knowledge, enabling intelligent search, recommendations, and contextual memory for AI agents and applications. GitHub - familiar-software/familiar: Let AI watch you work. Familiar lets your AI update its memory, skills, and knowledge by watching your screen. GitHub - skorotkiewicz/rudo: A small, elegant dock for Wayland GitHub - muxshed/shed: One stream in, or many. Every destination, simultaneously. No cloud middleman, no per-channel fees, no limits. make sidebar/address bar rounded corner toggleable
HACKERS FOR GRANNY — A Call to Arms
Professor Sigmund · 2026-06-16 · via Show HN

>> THREAT: INDUSTRIALIZED ELDER FRAUD
>> RESPONSE: COGNITIVE BATTLE v1.0

A Call to Arms


Field Notes by Professor Sigmund // 2026-06-14

I. The Problem

Every year, industrialized fraud syndicates extract over $64 billion from the global elderly population. These are not lone actors of yesteryear, hoping to scam a granny. Today they represent vertically integrated criminal enterprises operating from fortified compounds in Myanmar, Cambodia, and Laos — staffed by trafficked labor, funded by crypto laundering networks, and armed with military-grade technology.

Granny Against the Mekong River Fraud

Figure 1: Fortified compounds along the Mekong. Trafficked labor, military-grade attacks.

They deploy voice cloning that replicates a grandchild's voice from three seconds of scraped audio. They use real-time deepfakes to impersonate lovers and federal agents on video calls. They weaponize legitimate remote access tools such as Microsoft Quick Assist, AnyDesk, TeamViewer etc., to take control of a victim's computer while blacking out the screen. They run A/B-tested psychological scripts that exploit the biological decline of fluid intelligence in the aging brain.

The traditional advice - "don't click suspicious links" - is obsolete. The callous villain targeting our grannies has outpaced our defenses. Let's build the defense.

II. Lonely Victims

Beneath the glossy, albeit tragic, graphs and data about cybercrime aiming at our grandparents, there's a horrid truth swept under the rug: loneliness kills! Society is too busy sticking its nose into the tiny screens of doom to visit a lonely old neighbor who hasn't had a human interaction for days, if not weeks. The National Library of Medicine body of studies is devastating: in adults aged 65+, loneliness increased all-cause mortality by 14% (HR 1.14), social isolation by 35% (HR 1.35), and living alone by 21%.[1]

It's a small wonder that our grannies are now tech-savvy enough to reach for companionship online. Technology interventions can improve social connectedness in older adults. Published in Clinical Social Work and Health (2025),[2] this review found 65.4% of studies reported positive results in reducing loneliness through ICT. Smartphones, tablets, telecare, and even robotic pets showed measurable benefits. And yet, this is a double-edged sword: they are left to swim the digital oceans of sludge and bile, all too often falling prey to criminals using sophisticated psychological tricks.

Granny Amygdala Hijack

Figure 2: The amygdala hijack — a cortisol spike shuts down rational thought.

The Amygdala Hijack is among the most vicious. A single trigger — a grandchild in jail — sparks a cortisol spike that shuts down the prefrontal cortex, producing pure panic. The Authority Reflex is equally brutal: generational respect for authority, badge numbers, federal syntax, and the fear of reputational ruin that outweighs financial loss. Scammers hack attention. Scammers hack fear. Scammers hack trust. The end result: billions in life savings stolen from older Americans each year.

III. A Call to Arms

If you are a security researcher, a penetration tester, a reverse engineer, a Python developer, or a UI designer who gives a damn about your granny — this is your fight. So many of you geniuses are too busy making a buck, or, alas, "vibe coding" in the maddening era of AI BS, or simply doing the best you can, but damn it, we all can find a moment or two to help a granny, if only our own; a grandpa who sits in front of the computer, trying to cope with the loneliness old age brings to every single one of us, and help them out, one way or another. Would you let an abandoned puppy suffer at the edge of a road? No, you would not. Just because you do not see a granny crying after being scammed by some damn callous criminal on the other side of the world does not mean it is any less real. Use your knowledge, your passion, your heart. Yes, help them out.

The Blind Spots

Protecting Older Consumers 2024-2025: A Report of the Federal Trade Commission highlights a dramatic increase in older adults reporting losses of over $100,000 to scams.[4] Truly, what is this bullshit? The government can keep producing reports for our info, but they won't actually protect a granny's individual laptop. Let's step in, damn it. The Kill Chain is documented. The attack patterns are known. QuickAssist abuse, AnyDesk persistence, black screen attacks, registry manipulation, browser hijacking during remote sessions — that's already in Granny. We need more.

The Numbers

When Granny Kate, or any future build protecting the seniors, triggers the system, it builds the case. But the tool alone cannot do it. Session logs, registry state, network connections, the scammer's IP — they all need to be timestamped, tamper-evident, and court-ready. Or placed in a public repository accessible by law enforcement. Imagine 10,000 people, 1,000 savvy, 100 geniuses, helping out the granny. Do not snicker — there are fantastic people out there, and this is not some Pollyannish BS akin to "Bitcoin will feed the poor" nonsense. It is actionable. Federal prosecutors are actually putting these people in prison. In December 2025, two defendants pleaded guilty in federal court to a $1.49 million gold-bar "safekeeping" scam that stripped an 80-year-old Carlsbad woman of her life savings.[4]

Protecting Older Consumer Report Federal Trade Commission

Figure 3: FTC report on elder fraud prosecutions.

The DOJ's "Save Our Seniors"[4] initiative has filed multi-district indictments against tech-support and government-impersonation rings responsible for $11 million in losses to seniors. The FTC's Criminal Liaison Unit routinely feeds civil evidence into federal wire-fraud and money-laundering prosecutions. But here is the hard truth: the single biggest obstacle to prosecuting these crimes is gathering admissible evidence when scammers hide behind VPNs, VoIP, and foreign jurisdictions. The Granny Kate movement, if it inspires action, closes that gap. Build your own. Beat us to it. The grannies win either way.

Kitboga fights the scammers. Jim Browning is a tireless cyber-security speaker on the front lines. Scam Ranger, Darknet Diaries (Jack Rhysider), Brian Krebs (KrebsOnSecurity), Scammer Payback, Pleasant Green — you would be in good company.

Translators

Grandmothers speak every language. The scripts targeting them are already localized. Our defense must be too.

Testers

Install it on your grandmother's computer. Watch what confuses her. Report back. The best bug report is "my grandma couldn't figure out how to dismiss the alert."

What We Do Not Need

  • Feature creep. This tool does one thing: detect and disrupt remote access scams targeting the elderly.
  • Moralizing. The covenant is a quality standard, not a prayer.
  • Vigilante justice. We detect. We alert. We do not hack back.

IV. The Research

This manifesto is backed by primary research:

📄 PDF DOCUMENT

The_Gray_Zone_Kill_Chain_XORD.pdf — Forensic analysis of industrialized fraud targeting the aging population. 14 pages, 40 citations.

The organized crime targeting our parents and grandparents, and, it should not be denied, any n00b or normal user not vigilant enough to protect themselves, is real. The pain of being scammed scars the soul or even destroys a life. Reports are sterile. Go to the granny, see a neighbor, help her out.

Yes, Granny Kate is a commercial product; the good Granny needs to eat. But it is given to you free for seven full days. You can reverse-engineer it, get inspired, and make something better. Install it on the granny's computer. Help her out.

~ Professor Sigmund Research Archive

V. Our Tool to Test: Granny Kate™

Granny Kate™ is a lightweight desktop application that runs on an elderly user's computer with their explicit consent. It is a cognitive shield, a session-aware monitor that detects the specific attack patterns documented in our Kill Chain research and intervenes before extraction occurs.

It is live. The full application is certified and distributed through the Microsoft Store. But you do not have to purchase the Granny to try it. The demo below is fully functional, though Windows will warn you because it is not Store-signed. The Store version is identical and installs clean. You'll have seven days. Run it against the fake-threat page to see how it works under fire.

⬇ Download Granny Kate Demo ▶ Open Fake-Threat Demo Page

VI. The Bottom Line

The adversary has industrialized. The defense must industrialize too.

A single Python script on a grandmother's desktop, running with her consent, monitoring for the five attack patterns that account for 90% of elder tech fraud — that is not a moonshot. That is an afternoon of code wrapped in a year of research.

The architecture is only the first line of defense but the community is the weapon.

Read the Kill Chain. Write a detection rule. Test it on your grandmother's computer.
Protect the people who raised us.

ENDNOTES:

Note: All research citations link to primary sources and XORD LLC internal forensics. No affiliate links are used in this document.

[1] Agni Nakou, et al. "Loneliness, Social Isolation, and Living Alone: A Comprehensive Systematic Review, Meta-Analysis, and Meta-Regression of Mortality Risks in Older Adults." Aging Clinical and Experimental Research, vol. 37, no. 1, 21 Jan. 2025.
https://doi.org/10.1007/s40520-024-02925-1

[2] Ruiz-Figueroa, Ismael, et al. "Diverse Digital Responses to Loneliness in Older Adults: A Systematic Review from a Social Work Perspective." Clinical Social Work Journal, vol. 54, no. 54, 16 Jan. 2025, p. pages 224–235 (2026).
https://doi.org/10.1007/s10615-024-00981-8

[3] Department of Justice. "Two Men Plead Guilty in $1.49 Million Scam Involving Bulk Gold Purchases." Justice.gov, 2026.
https://www.justice.gov/usao-sdca/pr/two-men-plead-guilty-149-million-scam-involving-bulk-gold-purchases

[4] Federal Trade Commission. Protecting Older Consumers 2024-2025: A Report of the Federal Trade Commission. Federal Trade Commission, Dec. 2025.
https://www.ftc.gov/system/files/ftc_gov/pdf/P144400-OlderAdultsReportDec2025.pdf