🪤 AI Coding Assistants Secretly Copying All Code to China - Schneier on Security
The Microsoft Teams outage that blocked images in enterprise chats
#CyberSecurity
https://insicurezzadigitale.com/il-guasto-di-microsoft-teams-che-ha-bloccato-le-immagini-nelle-chat-enterprise/
Today we are going to play Potato Pirates 2 - Enter the Spudnet at work.
It's a fun board game with a little bit of cyber security mixed in.
It's a test run. I want to play that at the girls day this year. The girls (and boys) day is a special day in Germany, where kids are encouraged to experience jobs that are biased towards a certain gender. For example information technology or child care.
This is the third year my employer participates and offers a broad experience of jobs in computer science. PO, Scrum master, cyber security, developer.
So far we got very positive feedback from the young people and I hope that we can reduce the gatekeeping in these jobs.
If you are a little bit older and want to play that game or learn more about cyber security without previous experience, maybe the @OSCo is something for you.
It's an un-conference in the open space format focused on cyber security. I'm one of the organizers and our goal is to reduce gatekeeping and to create a safe space for everyone, regardless of experience, age, gender, religion, skin colour or disability.
The open security conference 2026 is scheduled for 5-8 November 2026 in the SeminarZentrum Rückersbach (Germany):
https://opensecurityconference.org/
#infosec #computerscience #cybersecurity #osco #girlsday #girlsandboysday
Why do LLMs fall for prompt injection attacks that wouldn’t fool a fast-food worker?
In this piece, Fastly Distinguished Engineer Barath Raghavan and security expert Bruce Schneier explain how AI flattens context—and why that makes autonomous AI agents especially risky.
A sharp, practical take on AI security. 🍔🤖: https://spectrum.ieee.org/prompt-injection-attack
Undressed in 30 Seconds: The $5 App Turning Your HeadShot Into Porn
🛑 STOP. Do you have a public selfie?
Your Profile is Public. Your Nudes Are Not. 😱 The AI Scam Coming for Everyone!
https://www.nbloglinks.com/undressed-in-30-seconds-the-5-app-turning-your-headshot-into-porn/
#CyberSecurity #AI #Deepfakes #OnlineSafety #TechRegulation #DigitalBlackMail
🪤 1-Click RCE To Steal Your Moltbot Data and Keys
https://depthfirst.com/post/1-click-rce-to-steal-your-moltbot-data-and-keys
「 The app works by requiring users to confirm their activity at regular intervals via email. If those confirmations stop, the system automatically releases prewritten messages to designated recipients. The messages are encrypted in the user’s browser before being uploaded, meaning the server only stores ciphertext and cannot read the contents, or, in other words, follows a zero-knowledge design 」
https://linuxiac.com/lastsignal-is-a-new-open-source-dead-mans-switch-you-can-self-host/
"AI agents—specifically tools like Claude Code—are inherently vulnerable to a "nightmare" security flaw: Indirect Prompt Injection"
#AI #CyberSecurity #PromptInjection #AIAgents #LLM #Programming #InfoSec #TechSecurity #ClaudeCode
Scrolls 27 is now out! As usual it has a bunch of awesome #indieweb, #fediverse and #infosec / #cybersecurity goodies!
https://shellsharks.com/scrolls/scroll/2026-02-02
Everyone mentioned below is directly featured in this week’s article. Thank you all for such awesome stuff!
@cory @mathewi @manipulatedstars @mre @villapirorum @helveticablanc @someodd @stefan @autonomic @dtm @adam_caudill @soatok @autonomysolidarity @thelinuxcast @brennan @gleick @tg @sphakos @afb @ravachol @mboelen @simoncarstensen @alabut @dawid
And it's out!
Zack Whittaker and I have released our report on the pilot survey we conducted to increase awareness about threats security researchers and journalists who report on cybersecurity and cybercrime experience.
We are grateful to all those who responded to the survey and shared a bit of their experiences. Based on what we found in a pilot survey with a non-random sample, I really think we need to do a bigger study that can also do a deeper dive into some questions.
You can read the report in html or download the .pdf version:
pdf: https://databreaches.net/wp-content/uploads/security-researcher-journalist-threats-survey-2026.pdf
In conjunction with the release of the report, I've also added a new "Threats" category to DataBreaches.net.
You can also read some overview comments from Zack at
https://this.weekinsecurity.com/new-survey-reveals-how-security-researchers-and-journalists-experience-legal-and-criminal-threats/
My post explaining how this all started is at https://databreaches.net/2026/02/02/threats-results-of-a-pilot-survey-on-threats-and-a-new-category-on-databreaches-net/
#cybersecurity #securityresearch #legalthreats #threats #criminals #databreach #vulernabilities #malware #lawsuit #survey
@zackwhittaker @campuscodi @amvinfe @jgreig @dangoodin @GossiTheDog @lawrenceabrams @euroinfosec
⚠️ Notepad++ Hijacked by State-Sponsored Hackers
「 The exact technical mechanism remains under investigation, though the compromise occurred at the hosting provider level rather than through vulnerabilities in Notepad++ code itself. Traffic from certain targeted users was selectively redirected to attacker-controlled served malicious update manifests 」
https://notepad-plus-plus.org/news/hijacked-incident-info-update/