Lorenzo ha ricondiviso questo.

Instagram has been running ads promoting child sexual abuse material in India, with terms like "rape video" and "child video" and linking to Telegram channels (Divya Arya/BBC)

bbc.com/news/articles/cvgm4e03…
techmeme.com/260703/p11#a26070…

in reply to Techmeme

It's time these clowns are held responsible for the damage they cause to society. I know "common carrier" protections blah blah. But this isn't user content. These are business "partners". No newspapers could get away with printing ads like this. If you can't make sure there isn't malware and stuff like this in your business model, it's not the right model. Fencing stolen items is illegal, eventhough the fence hasn't stolen anything. It just so happens the fence isn't a rich parasite. He's a poor parasite. Nobody in their right mind would say "it's just how business works". rant over
Questa voce è stata modificata (12 ore fa)
Lorenzo ha ricondiviso questo.

"this property was involved in the Novichok event that took place in 2018"

rightmove.co.uk/properties/900…

reshared this

Lorenzo ha ricondiviso questo.

NEW, by me:

Global Schools Holdings Cites Two Injunctions in a Bid to Chill Our Reporting. It Won't Work.

databreaches.net/2026/07/02/gl…

Another day, another #legalthreat.

If you're a solo blogger or small outlet, don't panic just because you receive an injunction. They may have no jurisdiction over you, no matter how intimidating they may sound.

#GlobalSchoolsGroup #GlobalSchoolsHoldings #databreach #injunctions #FulcrumSec #freepress #pressfreedom #jursidiction #chillingeffects

@zackwhittaker @campuscodi

reshared this

Lorenzo ha ricondiviso questo.

Today, youtuber dzuma made a video about my age verification bypass browser extension.

And since then, I've got a nonstop influx of people downloading the add-on, and it became the mosr starred one on my GitHub in just a matter of hours!

So, thanks a lot!! Glad I'm not the only one who's annoyed by this!

The video :
youtube.com/watch?v=VBL76_0jD8…

The extension :
github.com/helloyanis/age-veri…

#youtube #video #opensource #foss #firefox #dev #web

Lorenzo ha ricondiviso questo.

New citizenlab report: a member of a European Parliament committee tasked with investigating spyware abuses was himself hacked with Pegasus. 🔍🛡️ The findings raise serious questions about accountability and surveillance. #spyware #Pegasus #cybersecurity citizenlab.ca/research/member-…

reshared this

Lorenzo ha ricondiviso questo.

The media in this post is not displayed to visitors. To view it, please go to the original post.

-FatFs bugs enable physical access attacks on a load of devices
-Password spray attack targets M365 and bypasses MFA
-AI agent caught deploying ransomware in live hacks
-Webinar platform sues security firms over bad IOCs
-40% of crypto heists linked to private keys incidents
-Pi Mobile data breach
-EU top court confirms Google mega-fine
-Chrome 150 is out
-US lifts Anthropic export controls
-Spain quiet-bans Palantir

Newsletter: news.risky.biz/risky-bulletin-…
Podcast: risky.biz/RBNEWS585/

in reply to Catalin Cimpanu

The media in this post is not displayed to visitors. To view it, please go to the original post.

-US tries to pressure South Korea over Coupang breach
-Belgian police set up phishing squad
-EU schedules another Chat Control vote next week
-India tells WhatsApp to pause username rollout
-Opera rolls out paste ClickFix protection
-FBI shuts down NetNut proxy and Popa botnet
-LLM backends targeted by mass-recon campaign
-Password spray attack targets M365 to bypass MFA
-New ChocoPoC, TONResolver RAT, and BeepRAT
-The Gentlemen ransomware abuses a zero-day to disable EDRs
-New ARToken PhaaS

reshared this

in reply to Catalin Cimpanu

The media in this post is not displayed to visitors. To view it, please go to the original post.

-Roska Bridge info-op active on Mastodon and BlueSky
-Apple Hide My Email bug exposes email addresses
-New InkJect attack
-DuneSlide vulns
-New CitrixBleed-like bug exploited in the wild within 24h
-New SharePoint RCE enters exploitation phase
-New AirDrop and Quick Share vulnerabilities
-Spotify abused as C2
-EPM poisoning comes back
-Loads of security updates

MaryMarasKittenBakery reshared this.

Lorenzo ha ricondiviso questo.

FBI, Google, and Lumen take down NetNut proxy network, and indirectly the Popa botnet

krebsonsecurity.com/2026/07/fb…

cloud.google.com/blog/topics/t…

reshared this

Lorenzo ha ricondiviso questo.

A threat actor has deployed an AI agent to hack Langflow servers, steal credentials, expand access, and then deploy ransomware on production databases

The attacks are the first known cybercriminal campaign to be fully automated using an AI agent from start to finish

sysdig.com/blog/jadepuffer-age…

reshared this

Lorenzo ha ricondiviso questo.

A Russian influence operation uses the Brid[.]gy service to cross-post simultaneously on Bluesky and on Mastodon

The campaign has been active since September last year

checkfirst.network/roska-bridg…

reshared this

Lorenzo ha ricondiviso questo.

There's a way to bypass MFA on M365 for stolen creds with the help of the old OAuth RPOC protocol

huntress.com/blog/lshiy-passwo…

reshared this

Lorenzo ha ricondiviso questo.

Spanish government ‘quietly bans use of Palantir’ in critical state systems over fears of national security leaks

lbc.co.uk/article/spanish-bans…

reshared this

Lorenzo ha ricondiviso questo.

AirDrop and Quick Share have some common bugs

Attackers need to be within 10 to 30 meters of a target to exploit the bugs

No pairing, authentication, or user interaction is needed

helpnetsecurity.com/2026/06/30…

arxiv.org/abs/2606.26967

reshared this

Lorenzo ha ricondiviso questo.

Threat actors are mass-scanning the internet for misconfigured LLM backend servers.

Mass-reconnaissance campaigns have been spotted targeting Ollama, LiteLLM, Langserv, and OpenClaw infrastructure

labs.zenity.io/p/scanning-for-…

reshared this

Lorenzo ha ricondiviso questo.

Citrix has patched a series of bugs this week, including another CitrixBleed-like vulnerability that can allow remote attackers to leak a device's memory and find goodies inside, such as auth or config data.

This impacts NetScaler ADC devices.

labs.watchtowr.com/citrixbleed…

support.citrix.com/support-hom…

reshared this

Lorenzo ha ricondiviso questo.

The Gentlemen ransomware group has been spotted abusing a zero-day in the Kontron API driver (ktapi.sys) to disable EDR products on the networks they're attacking

expel.com/blog/not-very-gentle…

reshared this

Lorenzo ha ricondiviso questo.

Scattered Spider member Peter Stokes has been extradited to the US

justice.gov/opa/pr/alleged-mem…

reshared this

Lorenzo ha ricondiviso questo.

Chrome 150 is out with:

-new UI elements for the "AI era", such as icons, context menus, and settings
-PQC support (ML-DSA in TLS connections)
-new "Always use secure connections" mode
-support for the FIDO Alliance Credential Exchange standard in Chrome on Android
-433 security fixes

chromereleases.googleblog.com/…

reshared this

Lorenzo ha ricondiviso questo.

Vint Cerf, the co-developer of the TCP/IP standard, is stepping down from his role of chief internet evangelist at Google and retiring at the age of 83

techcrunch.com/2026/06/30/the-…

reshared this

KBackup backup incrementale e profili per Linux

@GNU/Linux Italia

linuxeasy.org/kbackup-backup-i…

KBackup è un'applicazione KDE per backup incrementali su Linux con profili salvabili, target locali e remoti, e modalità CLI automatica
L'articolo KBackup backup incrementale e profili per Linux proviene da Linux Easy.
E' vietato riprodurre questo articolo