Toll payment text scam returns in massive phishing wave - An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged rec... https://www.bleepingcomputer.com/news/security/toll-payment-text-scam-returns-in-massive-phishing-wave/ #security #mobile
Recent searches
Search options
#security
660 posts413 participants36 posts today
Now updated in anticipation of the upcoming OpenBSD 7.7 release: "You Have Installed OpenBSD. Now For The Daily Tasks." https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html #openbsd #bsd #unixlike #newrelease #devops #development #sysadmin #networking #security
nxdomain.noYou Have Installed OpenBSD. Now For The Daily Tasks.
IT #security often fails due to the #carelessness and #incompetence of #users.
Probably this time too:
https://www.n-tv.de/politik/So-kam-der-Journalist-in-die-geheime-Signal-Gruppe-article25684560.html
Unfortunately, prematurely unsettling #headlines appeared on #ntv, among others: @ntv ‘How secure is the messenger service Signal?’ (https://www.n-tv.de/technik/Wie-sicher-ist-der-Messengerdienst-Signal-article25659217.html).
Dear stubborn #BigTech users: ‘This incident would also have happened if you had communicated via Pony Express or fax.’
Too bad the #press isn't communicating this clearly!
Hacker News Max severity RCE flaw discovered in widely used Apache Parquet
https://www.bleepingcomputer.com/news/security/max-severity-rce-flaw-discovered-in-widely-used-apache-parquet/
#ycombinator #computers #windows #linux #mac #support #tech_support #spyware #malware #virus #security #Apache #Apache_Parquet #Big_Data #RCE #Remote_Code_Execution #Vulnerability #virus_removal #malware_removal #computer_help #technical_support
Hiding elements that require JavaScript without JavaScript
https://0xda.de/blog/2025/04/hiding-elements-that-require-javascript-without-javascript/
#ycombinator #hacking #programming #software #infosec #security #dade #0xdade #python #cybersecurity #information_security #hackers
dade · Hiding elements that require JavaScript without JavaScriptI’ve tried my best to make sure that this site works great (or at least reasonably well) even without JavaScript, but when JavaScript isn’t available, it can be a little clunky to hide things that do require it. With a mere 7 lines (or a one-liner if you’re nasty), you can easily hide elements that require JavaScript so that you don’t end up with broken functionality visible to users who have JavaScript off.
US officials: Trump has been flooded with requests for trade talks https://www.politico.com/news/2025/04/06/trump-tariffs-request-trade-talks-00275510?utm_source=RSS_Feed&utm_medium=RSS&utm_campaign=RSS_Syndication #StateoftheUnion #Dumping/Duties #Manufacturing #Negotiations #Agriculture #Employment #Buildings #Chemicals #Companies #Inflation #Medicines #Currency #Security #Vaccines #History #Imports #Markets #Tariffs #TradeUK #Policy #Trade #Trade
“[The] endpoint the requests were sent to failed to check that the phone number specified in the request actually belonged to the user … an attacker [could] send a request with an arbitrary phone number to obtain incoming call records for that number.” 
https://www.securityweek.com/call-records-of-millions-exposed-by-verizon-app-vulnerability/
#Verizon #security
I generally find #Naughton well worth a swerve, but I do hope this alerts a few - even just that - people. Straightforward and a warning about releasing your data/information to people who undoubtedley will exploit it. If not now, in the future.
I would never provide genetic information to any commercial - or indeed public organisation without far more safeguards than appear now.
https://www.theguardian.com/science/2025/apr/05/genetic-data-breach-23andme-bankruptcy
The Guardian · Genetic data is another asset to be exploited – beware who has yours
Carding tool abusing WooCommerce API downloaded 34K times on PyPI - A newly discovered malicious PyPi package named 'disgrasya' that abuses legitimate WooCom... https://www.bleepingcomputer.com/news/security/carding-tool-abusing-woocommerce-api-downloaded-34k-times-on-pypi/ #security
Angry Nerds 242 - Lisette en Marcel lezen Reddit
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40 – Source: securityaffairs.com https://ciso2ciso.com/security-affairs-malware-newsletter-round-40-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Cybercrime #DataBreach #Security #hacking #Malware
CISO2CISO.COM & CYBER SECURITY GROUP · SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 40 – Source: securityaffairs.comSource: securityaffairs.com - Author: Pierluigi Paganini SECURITY AFFAIRS MALWARE NEWSLETTE
Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.com https://ciso2ciso.com/security-affairs-newsletter-round-518-by-pierluigi-paganini-international-edition-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Cybercrime #DataBreach #Newsletter #Security
CISO2CISO.COM & CYBER SECURITY GROUP · Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION – Source: securityaffairs.comSource: securityaffairs.com - Author: Pierluigi Paganini SECURITY AFFAIRS MALWARE NEWSLETTE
A flaw in Verizon’s iOS Call Filter app exposed call records of millions – Source: securityaffairs.com https://ciso2ciso.com/a-flaw-in-verizons-ios-call-filter-app-exposed-call-records-of-millions-source-securityaffairs-com/ #rssfeedpostgeneratorecho #informationsecuritynews #ITInformationSecurity #SecurityAffairscom #CyberSecurityNews #PierluigiPaganini #SecurityAffairs #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Security #hacking #Verizon
CISO2CISO.COM & CYBER SECURITY GROUP · A flaw in Verizon’s iOS Call Filter app exposed call records of millions – Source: securityaffairs.comSource: securityaffairs.com - Author: Pierluigi Paganini A now-patched flaw in Verizon ’s iOS Call Filter app exposed call records of
SAHEL | 
RUSSIA
Moscow Deepens Security Ties with Sahel Bloc
Russia to train troops, supply arms to Mali, Niger, Burkina Faso.
Junta-led states have expelled France, turned to Russian contractors.
Sahel Alliance seeks independence from ECOWAS & Western influence.
Looking for recommendations for open source cross platform MFA Authenticator that can be used on mobile or desktop.
We found Ente Auth which looks beautiful, but we’ve had some technical issues with it.
The internet seems to like Aegis but it’s Android only and we want one that runs on either main mobile platform.
Have you been looking for the same? Have a good recommendation?
Souviens 
You Have Installed OpenBSD. Now For The Daily Tasks. https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html refreshed in anticipation of the #openbsd 7.7 release #newrelease #development #freesoftware #libresoftware #security #securecode
nxdomain.noYou Have Installed OpenBSD. Now For The Daily Tasks.
The order of files in /etc/ssh/sshd_config.d/ matters (and may surprise you) https://lobste.rs/s/litpqn #devops #security
https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHConfigOrderMatters
lobste.rsThe order of files in /etc/ssh/sshd_config.d/ matters (and may surprise you) | Lobsters
Malware Found on npm Infecting Local Package With Reverse Shell, by @reversinglabs.com:
https://www.reversinglabs.com/blog/malicious-npm-patch-delivers-reverse-shell
ReversingLabsMalware found on npm infecting local package with reverse shellFor the first time, RL researchers discover malicious locally-installed npm packages infecting other legitimate packages.