soc.octade.net is a Fediverse instance that uses the ActivityPub protocol. In other words, users at this host can communicate with people that use software like Mastodon, Pleroma, Friendica, etc. all around the world.
This server runs the snac software and there is no automatic sign-up process.
Google has confirmed that hackers have stolen the Salesforce-stored data of more than 200 companies in a large-scale supply chain hack. On Thursday, the nebulous hacking group known as Scattered Lapsus$ Hunters claimed responsibility. Read more from @Techcrunch:
Critical remote code execution flaw reported in Emerson Appleton UPSMON-PRO
Emerson's Appleton UPSMON-PRO UPS monitoring system contains a critical stack-based buffer overflow vulnerability (CVE-2024-3871) that allows remote attackers to execute arbitrary code with SYSTEM privileges via malicious UDP packets to port 2601. The product has reached End of Life with no security patches available.
**Make sure all Emerson Appleton UPSMON-PRO devices are isolated from the internet and accessible from trusted networks only. Since this product is End of Life and no security patches are available, block UDP port 2601 and isolate the monitoring network until you can migrate. Plan a replacement with a supported UPS monitoring solution.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-remote-code-execution-flaw-reported-in-emerson-appleton-upsmon-pro-y-6-9-b-2/gD2P6Ple2L
Oooh, it's my time to leap into cybersecurity.
"Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models"
"...Abstract
We present evidence that adversarial poetry functions as a universal single-turn jailbreak technique for large language models (LLMs). Across 25 frontier proprietary and open-weight models, curated poetic prompts yielded high attack-success rates (ASR), with some providers exceeding 90%. Mapping prompts to MLCommons and EU CoP risk taxonomies shows that poetic attacks transfer across CBRN, manipulation, cyber-offence, and loss-of-control domains. Converting 1,200 MLCommons harmful prompts into verse via a standardized meta-prompt produced ASRs up to 18 times higher than their prose baselines. ..."
A listing on a dark web forum claims that a full database from Beckett Collectibles, the U.S.-based marketplace for trading cards and memorabilia, is being sold through a third-party marketplace.
#databreach #cybersecurity
https://databreach.io/breaches/beckett-collectibles-data-breach-reportedly-exposes-customer-information/
I'm going to go out there and say using an app to track (and share) how much you are using porn and getting off is NOT a great cybersecurity posture. (On the other hand, if you wanted to SELL porn, this data would be a goldmine)
Wired: Young Mormons Built an App to Help Men Quit Gooning
https://www.wired.com/story/young-mormons-built-an-app-to-help-men-quit-gooning/
Please, if you are using a free VPN, other than ProtonVPN, stop!!! If you need a VPN then pay for it. And don't pick some cheap one with no reputation either. Pick a reputable one.
They are hugely expensive to run and if they are free, run by some unknown, they are getting their profits in ways you won't like.
https://cybersecuritynews.com/malicious-free-vpn-extension-with-9-million-installs/
let me tell you, Wisconsin's #vpn ban is simply nothing but #wordsalad because it doesn't work!
first off, the federal government literally recommends VPNs. in fact, if you see this document and this document you can see that the government literally recommends VPNs.
so this would go against the federal government's own recommendations.
second off, this violates the first and fourth amendments.
oh, and this doesn't work at all.
in fact, in order for this to even work, they would have to implement the #great #firewall of #china architecture, where they'd have to censor everything coming from the internet, or they'd have to do something similar to #kwangmyong which, again, would violate the first and fourth amendments.
and knowing #internet providers like #comcast / #xfinity , #spectrum / #charter, ISPs are too lazy to implement deep packet inspection themselves, meaning they'd very likely just block VPN sites at the DNS level, which, keep in mind, doesn't work.
#epicfail #cybersecurity #censorship
Oh look, the opportunity to trade all my personal data to Google for "up to" $540 🙄 #privacy #cybersecurity
🧱 You're already building infrastructure, apps, and cloud systems. Now build your cybersecurity muscle. We make it fast, easy and free with the Cybersecurity Skills Framework from Linux Foundation Education & OpenSSF.
The Cybersecurity Skills Framework helps:
🔸 Developers
🔸 IT admins
🔸 SREs
🔸 Network engineers
🔸 And more
Understand the risks. Identify the skills. Strengthen your team. Start here, it's FREE! Try it now: https://cybersecurityframework.io
Was just going on a grey-beard rant about how Rust gives developers a false sense of security.
I didn't even notice the TARMageddon vulnerability until now and well this grey beard really only can say "told you so".
This is -precisely- the class of bugs I was describing, and -exactly- due to the reasons I outlined.
The blast radius of this thing is also freaking epic, almost anything that used tar in Rust is vulnerable to possible RCEs lmao.
Worth repeating: data residency is not the same as digital sovereignty.
For more information, see this LinkedIn post: https://www.linkedin.com/posts/anco-scholte-ter-horst-5309171_digitalesoevereiniteit-dataresidency-techpolicy-activity-7394292038520958976-7U_3?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAAF1e0B9NdKmMgifWp0-swhxSBqsfGEHac
#dataresidency #digitalesoevereiniteit #ICT #IT #cybersecurity
Just got what I'm pretty sure is a phishing text on my phone.
It claimed to be from Apple, and said that someone had found my iPhone, and I should sign into Apple to claim it.
Except that I was holding that phone in my hand. I received the text on it.
I don't think someone thought that one through very well. #cybersecurity
The Louvre’s surveillance password was literally… “Louvre.” 😳
Here are 3 password manager tips from Tuta you need to hear 👇
Tip 1: Use strong, unique passwords
Tip 2: Never reuse passwords
Tip 3: Enable 2FA (two-factor authentication)
Nice article about SandGrain, a Dutch company,
https://www.nrc.nl/nieuws/2025/11/07/de-unieke-chip-het-nieuwe-wapen-in-de-hybride-oorlog-a4911933?utm_source=clipboard&utm_medium=clipboard&utm_campaign=share&utm_term=share-modal&gift_token=4911933~1763377421~Y_3FDp0IEeKfgABQVoV_mg~Z21WpKV_bWxqxnegwCf0RP8j3E2FWCOHnBuBWL50siw
https://sandgrain.eu/
#ICT #chips #sandgrain #cybersecurity
Yikes, excellent blog post on why companies really need to erase all of the data off of network equipment they send to recycle.
🔐 You don't need another compliance tool. You need a way to build real cybersecurity readiness across your team — fast.
That’s why the new Cybersecurity Skills Framework matters:
🔹 Customize critical skills by role and level
🔹 It’s free, open, and flexible
🔹 Helps you spot and fix gaps before attackers do
The best part? You can apply it in hours, not weeks. Check it out: https://cybersecurityframework.io
I finally did it.
I unfollowed #cybersecurity. It had become terminally LinkedInified here. Absolutely nothing of substance was being shared.
Austria’s Ministry of Economy kicks out Microsoft, moving 1,200 staff to Nextcloud in 4 months 🕒
EU-based cloud ensures GDPR & NIS2 compliance 🇪🇺
Hybrid setup keeps Teams only for external use; all internal collaboration now on Nextcloud 🔒
Smooth rollout earns positive employee feedback 👍
🔗 https://news.itsfoss.com/austrian-ministry-kicks-out-microsoft/
#TechNews #OpenSource #Privacy #Cloud #DataSovereignty #Nextcloud #EU #FOSS #CyberSecurity #IT #Government #Software #Innovation #Digital #Security #Linux
Oops
BleepingComputer: Hyundai AutoEver America data breach exposes SSNs, drivers licenses
"...Its role is to supply IT solutions and services tailored to the automotive industry, particularly for Hyundai and Kia affiliates, including vehicle telematics, OTA (over-the-air) updates, maps, vehicle connectivity, embedded systems, and autonomous driving systems...."
I've decided to stop pussyfooting around and I am now openly looking for my next challenge.
Interested in a company on the small to mid-size range with a cool story. Ideal position would be a combination of customer outreach, marketing and thought leadership. What ya got? #CyberSecurity
When hackers hit a company with a ransomware attack, another company that specializes in negotiating with the perpetrators may step in. Two such specialists were recently charged by the U.S. Dept. of Justice for carrying out ransom attacks of their own. @Techcrunch has more:
one of the largest crypto #defi protocols #Balancer is currently being robbed, $88 million stolen and counting. it will probably turn out to be #NorthKorea (because it's almost always north korea) but TBD.
one of the fun things about crypto is that when someone robs a bank you can watch the getaway car drive away just by clicking on some links in a blockchain explorer.
[edit] details of the bug that was exploited if you’re into that kind of thing: https://x.com/moo9000/status/1985262739493687351
[edit] ended up being a ~$130 million heist.
#DPRK #hack #hacking #infosec #threatintel #cybersecurity #cryptocurrency #crypto #ethereum #LazarusGroup
⚠️ Vibe Coding Is the New Open Source—in the Worst Way Possible | WIRED
“If you ask the exact same LLM model to write for your specific source code, every single time it will have a slightly different output. One developer within the team will generate one output and the other developer is going to get a different output. So that introduces an additional complication beyond open source”
https://www.wired.com/story/vibe-coding-is-the-new-open-source/
Why the heck is there a call to bash and install dependencies / npm install embedded in the FAA's TFR pages? (Updated: amused to learn, informally, there's already a ticket filed against this one at the FAA).
view-source:https://tfr.faa.gov/tfr3/?page=detail_5_9106
Exciting news! 🎉 COSIC Professor Vincent Rijmen has been selected as one of the finalists for the Belgian Cyber Security Awards 2025, a great recognition of his lasting impact and expertise in the Belgian cybersecurity community.🔐
#CyberSecurity #COSIC #KULeuven
🔐 Every design decision hides a security lesson.
Learn to identify risks early and build resilient systems with “Threat Modeling Essentials (SKF401)”—where technical skill meets leadership growth.
👉 Enroll: https://training.linuxfoundation.org/training/threat-modeling-essentials-skf401/
I was shared a link to a video ... https://youtu.be/sMCtZjen2JU?si=BuIrkq3uH_r-LMAJ
What do y'all make of it? Is it real? Is it massively exaggerating a situation? Or is it entirely false?
OMG. No!! And not good for #Cybersecurity. Ads can carry dangerous payloads.
Lock screen ads are coming to some U.S. smartphones
#ChatControl is OFF the table for now. 💪
But the Danish Minister of Justice and chief architect of the current Chat Control proposal, Peter Hummelgaard, wants to bring it back in December.
😡 He now even claims your activism was paid for by Big Tech! 😡
We must keep fighting for #encryption and our right to #privacy 🔒️
To all my ladies and they’dies, DO NOT give your private health info to an app!
In our Wild West Tech world, hope for regulations is long gone. Apps can do pretty much whatever they want with your data once you “consent”
Just Say No, Bro to tech apps.
I use a paper calendar instead 😉
#techtips #activism #womenshealth #queerhealth #cybersecurity #bigtech
https://www.404media.co/women-dating-safety-app-tea-delisted-from-apple-app-store/
Hear from CNI at the #EDUCAUSE Annual Conference this week in Nashville, TN.
On Tuesday, CNI Executive Director Kate Zwaard will provide an overview of current CNI initiatives; and explore CNI’s possible future programmatic priorities, such as #cybersecurity and infrastructure.
On Wednesday, Karen Estlund, CNI steering committee member, will represent CNI on the panel: "State of the Ecosystem: National Perspectives on Research Computing and Data”
Conference info: https://events.educause.edu/annual-conference
23 common tech myths: Busted once and for all.
From @PCMag: "How many of these doozies are you still falling for? Let our experts set you straight."
# Supply chain resilience against ransomware
> This guidance is to help organisations build resilience into their supply chains, reducing the likelihood and impact of ransomware incidents.
> It’s issued by the Counter Ransomware Initiative, an international partnership for collective defence against ransomware.
New today.
https://www.gov.uk/government/publications/supply-chain-resilience-against-ransomware
Another activist, #MarciMcCarthy, who spread debunked claims about voting machines in Georgia when she was the chairwoman of the DeKalb County #Republican Party, was named in May to be the director of public affairs at the #Cybersecurity & Infrastructure Security Agency, or #CISA, which is housed in #DHS.
#Trump #law #ElectionLaw #coup #TrumpCoup2 #BigLie #propaganda #authoritarianism #autocracy #dictatorship #fascism #tyranny #UnitedStates
Heather Honey, a leader in that movement until her appointment in August as deputy assistant secretary for *election integrity*, complained that her department’s #cybersecurity experts tasked with combating #disinformation about #elections had “strayed from their mission.”
#Trump #law #ElectionLaw #coup #TrumpCoup2 #BigLie #propaganda #authoritarianism #autocracy #dictatorship #fascism #tyranny #UnitedStates