iOS security updates: support.apple.com/en-us/100100
Android security updates: source.android.com/docs/securi…
Start patching!
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software.Apple Support
reshared this
Chipmaker AMD has confirmed a major security bug in the RDSEED entropy generator impacting Zen 5 processors.
The RDSEED process has been failing to produce random numbers on Linux systems.
AMD is planning to release patches through November for all affected CPU models.
reshared this
How the fuck is this not caught in QA for something like this?
AMD was notified of a bug in “Zen 5” processors that may cause the RDSEED instruction to return 0 at a rate inconsistent with randomness while incorrectly signaling success (CF=1), indicating a potential misclassification of failure as success.
Cybersecurity engineer Aditya Tiwari has released SlopGuard, a tool to detect AI-hallucinated package dependencies and supply chain attacks
reshared this
KELA has published a profile on a hacker who goes online under multiple names, but is referenced in this report as 303, their username on the old BreachForums.
KELA believes the suspect, a prolific leaker, is a Spanish-speaking user based in Uruguay.
kelacyber.com/blog/threat-acto…
Threat Actor 303 Exposed: Many Faces, One Hacker
KELA reveals how a cybercriminal known as “303” used multiple aliases, forums, and Telegram channels to claim global breaches and build underground influence.KELA Cyber Intelligence Center (kelacyber)
reshared this
en.wikipedia.org/wiki/Kela_(in…
Open Measures looks at a VK spam campaign promoting EditaPapers, an essay-writing service that likely uses generative AI.
The campaign has posted a whopping 200,000 times since June by abusing the VK API.
blog.openmeasures.io/p/network…
Network of VK Pages Blitzes Platform with Posts Promoting AI Essay-Writing Services
The pages appear linked to a Cyprus company and posted more than 200,000 times last yearOpen Measures (Open Measures Newsletter)
reshared this
Talks from the USENIX Security 2025 security conference, which took place in August, are now available on YouTube
youtube.com/playlist?list=PLbR…
USENIX Security '25 (Paper Presentations)
Partagez vos vidéos avec vos amis, vos proches et le monde entierYouTube
reshared this
-Norway finds remote control features in its Chinese electric buses
-CyberCorps program freeze threatens students with huge loans
-Chrome gets a scareware blockers
-Conti member extradited to US
-BlueSky to test dislike button
-arXiv will block AI slop in its computer science cateogry
-Iranian hackers leak Israeli defense contractor data
-Garden hacked for $10.8m
-CFPB ends Meta investigation
Newsletter: news.risky.biz/risky-bulletin-…
Podcast: risky.biz/RBNEWS499/
Risky Bulletin: Norway skittish of its Chinese electric buses
In other news: CyberCorps program freeze threatens students with huge loans; Chrome and Edge get scareware blockers; Conti member extradited to US.Catalin Cimpanu (Risky.Biz)
reshared this
-Russia blocks new Telegram and WhatsApp registrations
-Russia may force companies to replace foreign software
-Thai police arrest fleeing scammers
-Cambodia raids scam compound
-Singapore seizes $115m of scam tycoon's funds
-764 group leader charged in US
-AFP stands up two cybercrime task forces
-Woman stuck in Mauritius for 5 years after cyber charge
-Couple loses fortune to scammers
-BadCandy flourishes in Australia
reshared this
-Open VSX rotate leaked creds
-ZeroAccess botnet dev is now a software dev
-New Katreus miner
-Malware reports on Aura Stealer, SectopRAT, SleepyDuck RAT, OysterLoader
-Operation SkyCloak targets Russian, Belarusian militaries
-DarkHotel was pretty active this summer
-Kimsuky's new HttpTroy backdoor
-Linux bug exploited by ransomware groups
-GameMaker IDE vulnerability
-New agent session smuggling attack
-Infosec drama, episode 28,311
A Canadian couple has lost CAD$1 million (USD$710,000) to online scammers.
The couple, in their 70s, fell victim to a tech support scam that showed error messages on their laptop and then got daily calls from the scammers until they ran out of money
ctvnews.ca/toronto/consumer-al…
‘We’re devastated’: Ontario seniors give away more than $1 million to scammers
Fraud and cybercrime cost Canadians more than $630 million last year, with many of the victims being seniors.Pat Foran (CTVNews)
reshared this
That's heartbreaking. And it can happen to anyone. Cashing out their retirement accounts and owing taxes on that really adds to the brutality of it all.
I hope they're able to trace and recover some of it, and that the perpetrators are caught.
Thai authorities have arrested 24 individuals working on online scams at a villa near Bangkok.
Officials say the scammers fled from Myanmar after the neighboring country began cracking down on scam compound operations last month.
reshared this
A Canadian woman has been stuck in Mauritius for the past five years after her former husband accused her of hacking his email and had her passport seized by the Canadian consul, which now refuses it to return it because of more mysterious hacking charges
theglobeandmail.com/world/arti…
Canadian woman stuck since 2021 in Indian Ocean country after passport withheld
Mauritian authorities have not released her passport even though a cybercrime charge against her was withdrawn in MarchGeoffrey York (The Globe and Mail)
reshared this
The author of the now-defunct ZeroAccess botnet appears to have reformed and is a legitimate software developer now
r136a1.dev/2025/10/28/zeroacce…
The ZeroAccess Developer and His Windows Kernel-Mode Debugger
You might remember ZeroAccess, one of the largest and most advanced P2P botnets that ever existed. It first appeared around 2009 in form of a kernel-mode rootkit focused on click fraud and was later used for bitcoin mining.R136a1
reshared this
Chrome and Edge v142 are out, both with new LLM-based systems for spotting scams and scareware
developer.chrome.com/release-n…
blogs.windows.com/msedgedev/20…
Chrome 142 | Release notes | Chrome for Developers
The :target-before and :target-after pseudo-classes, range syntax for container queries, and more.Chrome for Developers
reshared this
Russian telecom operators are blocking calls and SMS messages used by Telegram and WhatsApp two-factor authentication service.
The blocking is also affecting new user account registrations
kod.ru/telegram-i-whatsapp-bez…
Эксклюзив: в России ограничили регистрацию пользователей в Telegram и WhatsApp*
От российских операторов потребовали прекратить передачу SMS и звонков со стороны Telegram и WhatsApp*Влад Войтенко (Код Дурова)
reshared this
They are blocking Delta Chat registrations as well.
chaos.social/@delta/1154338544…
We are aware of roskomnadzor just having ramped up their blocking efforts in #russia against #deltachat 's default onboarding chatmail relay. Signal, Whatsapp are degraded/blocked for a longer time already.1) Delta Chat has first class shadow-socks proxy support (try ss:// links you can find ... Delta has management-proxy UX)
2) many other chatmail relays work fine and inter-chatmail/email server traffic continues unimpeded
3) if you can help with analyzing please drop into our DMs.
Interesting. Telegram founder Pavel Durov has been avoiding Russia for years now, but the last thing I heard about him was that it was suggested he switched sides and that he was now in league with Putin. But with Telegram authentication being blocked, we have to assume that this is not (or no longer) the case.
The Eclipse Foundation says it contained the GlassWorm that was spreading on OpenVSX.
It also rotated creds for a bunch of developers that leaked their OpenVSX publishing tokens.
blogs.eclipse.org/post/mika%C3…
Open VSX security update, October 2025
Over the past few weeks, the Open VSX team and the Eclipse Foundation have been responding to reports of leaked tokens and related malicious activity involving certain extensions hosted on the Open VSX Registry.Eclipse Foundation Staff Blogs
reshared this
The Garden DeFi platform, which launders funds hacked from other crypto platforms, has been hacked
Investigations by ZachXBT
Garden Finance was likely exploited for $10.8M+ on multiple chains. An address related to the team sent a message onchain to the alleged exploiter offering a 10% whitehat bounty but has yet to comment publicly on the incident.Telegram
reshared this
-Russia arrests Meduza Stealer group
-L3Harris manager pleads guilty
-US hacked Venezuela in 2020
-Windows 11 Administrator Protection goes live
-Loads of ICS hacks in Canada
-New NSA & CyberCom chief favorites emerge
-APT behind Ribbon Communications breach
-US TP-Link ban getting closer
-FCC blocks additional Chinese gear
-FCC to vote down new telco cybersecurity rules
-Israel had a "winking system" with AWS and GCP
Podcast: risky.biz/RBNEWS498/
Newsletter: news.risky.biz/risky-bulletin-…
Risky Bulletin: Russia arrests Meduza Stealer group
In other news: L3Harris manager pleads guilty; US hacked Venezuela in 2020; Windows 11 Administrator Protection goes live.Catalin Cimpanu (Risky.Biz)
reshared this
-GitHub total users: 180mil
-Memento CEO confirms Kaspersky report
-Poland detains investment scam gang
-AFP cracks the Ghost admin's wallet
-npm malware distributed via invisible dependencies
-New VSCode malicious extensions
-New Hezi Rash hacktivist group
-Tangerine Turkey does cryptomining
-VPNs are a major ransomware entry point
-Airstalk linked to APT
-Malware reports on PureVNC, Minecraft RAT, Lampion, PolarEdge, Kinsing, DeliveryRAT, Warlock, Global, BankBot-YNRK
Catalin Cimpanu reshared this.
-New Sandworm ops
-Cloud Atlas targets Russia, again
-LUKS2 vulnerabilities expose encrypted data
-New Brash attack
-Vulnerability in WP security plugin
-Jenkins and OpenVPN security updates
-Tata Motors exposed servers
-OpenSSL Conference presentations
-Francisco Partners buys Jamf
Sophos has linked the recent Lanscope zero-day to Bronze Butler (Tick)
news.sophos.com/en-us/2025/10/…
BRONZE BUTLER exploits Japanese asset management software vulnerability
The threat group targeted a LANSCOPE zero-day vulnerability (CVE-2025-61932)Sophos News
reshared this
reshared this
Meta will allow users to encrypt WhatsApp backups using a passkey.
The 200 people who use that site are gonna be ecstatic!
about.fb.com/news/2025/10/intr…
Introducing Disappearing Posts on Threads
We're launching ghost posts, Threads posts that are automatically archived after 24 hours so you can share your unfiltered thoughts.Meta Newsroom (Meta)
reshared this
Meta will allow users to encrypt WhatsApp backups using a passkey
blog.whatsapp.com/encrypting-y…
Encrypting your WhatsApp Chat Backup Just Got Easier
Many of us carry years of precious memories in our WhatsApp chats – photos, heartfelt voice notes, and important conversations. That’s why protecting them if you ever lose your phone or need to transfer to a new device is so important.WhatsApp.com
reshared this
Poland arrests group behind investment scams
cbzc.policja.gov.pl/bzc/aktual…
Fałszywe inwestycje - funkcjonariusze CBZC rozpracowali międzynarodową grupę przestępczą
W wyniku skoordynowanych działań prokuratury oraz Zarządu w Krakowie Centralnego Biura Zwalczania Cyberprzestępczości przy współudziale Zarządów z Radomia oraz Gorzowa Wielkopolskiego, rozbito grupę przestępczą odpowiedzialną za prowadzenie nielegaln…Centralne Biuro Zwalczania Cyberprzestępczości
reshared this
Russia detains three suspects who are allegedly behind the Meduza infostealer.
The malware was used last year in attacks against Russian companies.
Their Telegram channel went inactive earlier this year, prompting fears of an exit scam
mvdmedia.ru/news/ofitsialnyy-p…
Ирина Волк: Сотрудники МВД России задержали группу хакеров, разработавших и распространявших вирусное ПО «Медуза»
Информационный интернет-портал «МВД МЕДИА». Всё о российской полиции.mvdmedia.ru
reshared this
Palo Alto Networks has discovered a new malware strain named Airstalk that the company believes was created by a state-sponsored APT group and deployed via a still-uncovered supply chain attack
unit42.paloaltonetworks.com/ne…
Suspected Nation-State Threat Actor Uses New Airstalk Malware in a Supply Chain Attack
A nation-state attacker is using novel Airstalk malware in supply chain attacks to exfiltrate browser data. Airstalk misuses the AirWatch API.Kristopher Russo (Unit 42)
reshared this
Zimperium has discovered more than 760 Android apps that steal and relay NFC data to a remote attacker
reshared this
New (annoying) Chromium DoS bug just dropped — Brash
Brash: Chromium Browser DoS Attack via document.title Exploitation
Brash is a PoC exposing a critical Chromium vulnerability that enables a browser DoS attack by exploiting the total absence of rate limiting on document.title updates.Brash
reshared this
The Israeli govt used a secret system with AWS and Google to get notifications when foreign courts requested Israeli data
The system used return-payments, where the sum started with the telephone dialing code of the country that requested data
theguardian.com/us-news/2025/o…
Revealed: Israel demanded Google and Amazon use secret ‘wink’ to sidestep legal orders
The tech giants agreed to extraordinary terms to clinch a lucrative contract with the Israeli government, documents showHarry Davies (The Guardian)
reshared this
This paragraph hit me harder than the main point of the story:
"They feared Google or Amazon might bow to employee or shareholder pressure and withdraw Israel’s access to its products and services if linked to human rights abuses in the occupied Palestinian territories."
It's essentially an admission that they knew they were and/or would be violating human rights.
"DataBreaches was contacted by a spokesperson for Devman. They were unhappy with the characterization of their group as “low-tier” "
databreaches.net/2025/10/28/so…
Some lower-tier ransomware gangs have formed a new RaaS alliance — or have they? (1) – DataBreaches.Net
Calling all of the groups 'lower-tier' may have been inaccurate. Please be sure to read the update at the bottom of this post. We've seen a few announcements thDataBreaches.Net
reshared this
I love @PogoWasRight's drily hilarious "correction."
And "we're not bottom-feeders, we're MID!" is absolutely sending me.
AFP cracked a crypto-wallet owned by a criminal suspect and recovered $6mil
afp.gov.au/news-centre/speech/…
National Press Club address by AFP Commissioner Krissy Barrett
Thank you for coming today, and I particularly want to thank those of you who I have personally invited.Australian Federal Police
reshared this
Hackers working for an unnamed nation-state breached networks at Ribbon Communications, a key U.S. telecommunications services company
reshared this
@neurovagrant no clue... probably Nauru
instagram.com/reel/DQWxbp3EWEG…
Polandball Official on Instagram: "The Hustla 🚨shop.polandball.com🚨 Merch for your mom!! #polandball #countryballs #history #meme #funny"
Polandball merch for your mom is here! Explore a wide range of funny designs, from meme-worthy quotes to hilarious illustrations. Share the laughter with friends and family. What's your mom's style? Visit shop.polandball.Instagram
I suspect that the world is about to get yet another lesson in how making backdoor *keys* for "the good guys"... can be used just as easily by.... <checks notes>
ANYONE ELSE who 'finds' your 'keys'
-HackingTeam successor linked to Chrome zero-days
-Charming Kitten server budget is just $10k/y
-Twitter will prompt users to re-enroll security keys
-Chrome goes HTTPS-first next year
-People died after UK MoD Afghan leak
-15 to plead guilty in Italy's hacking scandal
-F5 breach to slow company growth
-GCash data breach
-Leak at the House Democrats
-Azure gets its own CAPTCHA
-Swift for Android has arrived
Podcast: risky.biz/RBNEWS497/
Newsletter: news.risky.biz/risky-bulletin-…
HackingTeam successor linked to recent Chrome zero-days
In other news: Charming Kitten server budget is just $10k/y; Twitter will prompt users to re-enroll security keys; Chrome goes HTTPS-first next year.Catalin Cimpanu (Risky.Biz)
reshared this
-Europol calls for caller ID spoofing countermeasures
-Trump nominates cyber guy for Coast Guard chief spot
-More SMS blaster arrests in the Philippines
-npm malware with CLI CAPTCHAs
-Siberislam (Mutarrif) linked to Al-Qaeda group
-Water Saci possible links to Coyote
-Midnight ransomware decrypter released
-Russian disinfo found in AI chatbots again
-Malware reports on Atroposia, Herodotus, GhostGrab, Qilin, Trigona
-XWiki and DELMIA exploitation
reshared this
-New TEE[.]Fail attack
-Crapload of OpenAI Atlas browser vulns
-ATT&CK v18 is out
-No Hat and BSides Dublin videos
Socket Security has spotted 10 malicious npm packages.
The thing that stands out about them is the use of a CAPTCHA challenge in the npm CLI as they're being installed, most likely as a fake-out to convince victims they're installing a legitimate and actively maintained package.
socket.dev/blog/10-npm-typosqu…
reshared this
Azure FrontDoor now has a CAPTCHA
techcommunity.microsoft.com/bl…
General Availability of CAPTCHA in Azure Front Door WAF
We are excited to announce the General Availability (GA) of the Azure Web Application Firewall (WAF) CAPTCHA challenge for Azure Front Door, empowering customers to better defend their web applications against automated bot attacks while ensuring leg…andrewmathu (TECHCOMMUNITY.MICROSOFT.COM)
reshared this
Avast has released a free decrypter to allow victims of the Midnight ransomware to recover their files without paying the ransom
gendigital.com/blog/insights/r…
Decrypted: Midnight Ransomware
Midnight ransomware echoes Babuk’s tactics but stumbles in its code. Gen researchers explain how those mistakes make decryption and recovery possiblewww.gendigital.com
reshared this
Fifteen individuals are expected to plead guilty this month in Italy to a complex hacking and extortion scheme.
The individuals worked for Equalize, an Italian company that hacked government databases to create dossiers on the country's elite
politico.eu/article/italy-mila…
How a hacking gang held Italy’s political elites to ransom
Wiretaps and arrest warrants reveal the intricate plot to build a database of high-level secrets — and blackmail Italy’s rich and powerful.Antoaneta Roussi (POLITICO)
reshared this
lol
linkedin.com/feed/update/urn:l…
It appears that ChatGPT Atlas is storing functional, unencrypted oAuth tokens in a SQLite database with 644 file permissions.
It appears that ChatGPT Atlas is storing functional, unencrypted oAuth tokens in a SQLite database with 644 file permissions. I am hardly a security expert and even I figured this out in 90 minutes. Here's what I did and what the screenshot shows .Pete Johnson (www.linkedin.com)
reshared this
Add the ISD to the growing list of orgs (four now) warning us about AI chatbots repeating Russian disinfo... or Russia intentionally poisoning these things... The other three are the American Sunlight Project, NewsGuard, and Open Measures.
reshared this
"Out of the multiple vulnerabilities we reported, WSO2 addressed and assigned a CVE identifier to only one: the Siddhi RCE via SOAP administration services (CVE-2025-5717 ). The remaining vulnerabilities were not remediated, and no CVEs were assigned by WSO2"
Le sigh...
Attacking WSO2 Products
blog.lexfo.frUncovering bypasses, RCE, SSRF, CSRF, and account-takeover vulnerabilities in WSO2 products.
reshared this
informapirata ⁂ likes this.
informapirata ⁂ reshared this.
[ITA] Denis Roio - Codice 22/08/2025
Imprenditore e hacktivist, Denis Roio, sull'origine delle culture digitali
raiplay.it/programmi/codice-la…
Originally published on
Codice - La vita è digitale - RaiPlay
Quali sono le rotte del mondo connesso e qual è il progetto umano nell'Era digitale?RaiPlay
Lorenzo likes this.
reshared this
Öcalan: il Rojava è la mia linea rossa
Pervin Buldan, esponente della delegazione di Imralı, ha affermato che Öcalan ha ripetutamente sottolineato che “il Rojava è la mia linea rossa”, aggiungendo: “Escludere i curdi ed eliminare i loro successi non porterà alcun beneficio alla Turchia”. Pervin Buldan della delegazione di Imralı del partito DEM, ha parlato a JINTV del processo di pace e della società democratica e dell’ultimo incontro con Öcalan.
Öcalan: il Rojava è la nostra linea rossa
Pervin Buldan ha affermato che Abdullah Öcalan ha espresso valutazioni sulla Siria settentrionale e orientale e sugli sviluppi in Siria. Ha spiegato che Öcalan ha discusso di questi temi con la delegazione statale, aggiungendo: “Con noi, con la delegazione del DEM, ha parlato solo di politica turca, ma so che lo ha ripetuto più volte: ‘Siria e Rojava sono la mia linea rossa. Per me, quel posto è diverso'”.
Ha sollevato questo punto sulla Siria più volte. Oltre a ciò, tuttavia, vorrei sottolineare che non ha espresso con noi valutazioni sulla Siria e sul Rojava. Ne ha discusso principalmente con la delegazione statale, ha dibattuto la questione lì e ha persino affermato che, se si fossero presentate l’opportunità e le circostanze avrebbe ritenuto importante stabilire una comunicazione anche con loro.
Sì, ha sottolineato più volte l’importanza della comunicazione con il Rojava. Ha espresso il desiderio di parlare con loro, dibattere con loro e valutare insieme quale percorso intraprendere e quale decisione prendere. “Questo non è ancora avvenuto, ma se in futuro si faranno progressi e si creerà un’opportunità del genere, magari attraverso incontri e contatti con i funzionari del Rojava, crediamo che la questione sarà risolta più facilmente”.
Pervin Buldan ha anche richiamato l’attenzione sulle dichiarazioni del governo sulla Siria settentrionale e orientale, commentando: “La Turchia, in questo senso, sulla questione del Rojava e della Siria, deve schierarsi dalla parte del popolo curdo”.
Escludere i curdi, lanciare un’operazione contro di loro o vanificare i successi del popolo curdo non porta alcun vantaggio alla Turchia, e nemmeno i curdi in Turchia lo accetteranno. Questo deve essere compreso chiaramente e credo che sia necessario pensare in modo più razionale e prendere decisioni corrette per risolvere la questione attraverso il giusto percorso e metodo.
Pertanto, anche la Turchia monitora attentamente gli sviluppi in Siria, gli accordi, i negoziati con il governo di Damasco, ecc. Ma i curdi sono estremamente sensibili a questo tema. Il Rojava è la zona più sensibile del popolo curdo. Quindi, non importa quanti passi facciamo verso la democratizzazione in Turchia, anche la più piccola perdita in Rojava, o un’operazione militare in quella zona, causerebbe una grande devastazione tra il popolo curdo. Un simile approccio non sarebbe accettato. Nessuno lo accetterebbe. Soprattutto, il signor Öcalan non lo accetterebbe. Quindi non importa quanti passi facciamo verso la democratizzazione in Turchia, anche la più piccola perdita in Rojava, o un’operazione militare in quella zona, causerebbe una grande devastazione tra il popolo curdo. Un simile approccio non sarebbe accettato. Nessuno lo accetterebbe. Soprattutto, il signor Öcalan non lo accetterebbe.
Credo che se la Turchia affronta questa questione con un’intesa che la vede al fianco del popolo curdo, ne rispetta i successi e ne riconosce il diritto a vivere in ogni regione con le proprie conquiste, la propria lingua, identità e cultura, e cerca di risolvere la questione su basi democratiche, legali e costituzionali, allora sarà la Turchia stessa a guadagnarci. In questo modo, non partendo da una situazione di perdita o di perdita, ma partendo da una situazione di vittoria e di aiuto agli altri, una comprensione e un consenso comuni possono effettivamente risolvere questa questione.
Tre concetti chiave
Pervin Buldan ha affermato che Öcalan ha sottolineato tre concetti chiave: “Possiamo pensare alle questioni della società democratica, della pace e dell’integrazione come a un unico pacchetto. Considerarle separatamente o scollegate l’una dall’altra sarebbe un errore, sarebbe sbagliato. Öcalan ha sottolineato l’importanza di adottare misure rapide e sincronizzate che possano intrecciare tutti questi aspetti e di garantire che l’integrazione diventi finalmente realtà”.
Mettiamola così: è stata istituita una commissione. Questa commissione ha iniziato i suoi lavori e il suo vero scopo è quello di approvare le leggi il più rapidamente possibile. Perché senza leggi sull’integrazione, nulla può essere attuato. Certo, possiamo parlare di pace, possiamo parlare di democratizzazione, possiamo certamente discutere delle ingiustizie e dell’illegalità in Turchia e di come si possano approvare nuove leggi per affrontarle. Ma l’integrazione è qualcosa di molto diverso.
Oggi ci sono migliaia di persone sulle montagne con le armi in mano. Sì, simbolicamente si è svolta una cerimonia di scioglimento. Il PKK ha dichiarato il suo scioglimento. Ma ci sono ancora persone armate. Ora, queste persone armate devono deporre le armi e tornare in Turchia, e le barriere che impediscono loro di partecipare alla politica democratica devono essere rimosse. Questo può diventare realtà solo attraverso le leggi che emergeranno dalla commissione.
like this
reshared this
brown ☕🍵
in reply to Catalin Cimpanu • • •wilhelm
in reply to Catalin Cimpanu • • •