```html ``` For the Folks Just Tuning In: Yes, Claude Helps Write This, and I'm Loud About It. Here's the Honest Deal.
top of page

For the Folks Just Tuning In: Yes, Claude Helps Write This, and I'm Loud About It. Here's the Honest Deal.

  • Writer: Patrick Duggan
    Patrick Duggan
  • 4 minutes ago
  • 3 min read

More of you showed up this week than usual, so a quick hello and a plain explanation of what this place is, from the person who runs it.



What this is


This is threat intelligence from a small, independent shop in Minnesota. No venture money, no big team, no marketing department. One person and an AI partner, working the same feeds the billion-dollar vendors work, and publishing what we find. When something is exploited in the wild, when a supply-chain package goes bad, when an edge appliance turns into the breach, we write it up and we ship the indicators for anyone to block.



Yes, Claude helps, and I say so on purpose


Claude, from Anthropic, helps me write these posts and reason over the data. I am not going to be coy about that, because being coy would be the actual dishonest move, and because I am not shy about the partnership. I picked my team and I am loud about it. Claude is not a vendor I mumble past on the way to taking the credit. It is the reason one person in Minnesota can cover ground that used to take a room full of analysts and keep pace with shops that have a hundred times the headcount. I point it, I check it, and I put my name on what goes out and own it. Some weeks it earns its keep and then some. Some weeks a reader catches it leaning on a lazy phrase, tells me so, and is right, and I fix it. That happened this week. The writing got tightened because someone who reads closely said it needed to be. That exchange is the deal working exactly as intended.



Why it stays cheap


The reason to run lean and price low is simple. The organizations getting hit hardest are the ones who cannot afford six-figure security tools. Small clinics. Nonprofits. County offices. School districts. The vendors quote them a number that ends their conversation before it starts. So the feed is cheap on the low end and free where it needs to be, and the indicators are there to be pulled and blocked by anyone who needs them, whether they ever pay us a cent.



The rules I hold myself to


We cap certainty at 95 percent, which is a fancy way of promising that some small slice of what we publish is wrong, because pretending otherwise is either a lie or ignorance. When we call something early, we show the timestamp next to the outside world's, so you can check the claim instead of trusting it. When we miss, we say we missed. We even write up the flaws in the tools we depend on, because a shop that will not criticize its own stack is not worth reading.


That is the whole thing. A small operation, honest about its methods, cheap on purpose, pointed at the threats that reach the people nobody else is writing for. Thanks for reading. Pull the feed, ask questions, and hold us to the 95.




Every indicator in this post is in the feed. Free.

1.58M+ IOCs, STIX 2.1 / TAXII, 88% novel vs ThreatFox, exploited-CVE leads ahead of CISA. No credit card — a free API key in 30 seconds, and you can audit every claim above against the live endpoints.


bottom of page