Tootfinder

"In a matter of minutes, an attacker was able to mint tens of millions of Resolv’s unbacked stablecoins (USR) and extract roughly $25 million in value, triggering a sharp de-peg and forcing the protocol to halt operations."
https://www.chainalysis.com/blog/lessons-fro…

The Resolv Hack: How One Compromised Key Printed $23 Million
Web3 security lessons from the Resolv hack: how a compromised key enabled a $23M exploit, what went wrong, and how DeFi protocols can prevent similar attacks.

A new version of iPhone exploit kit DarkSword has been leaked on GitHub; iVerify co-founder Matthias Frielingsdorf says the exploits "will work out of the box" (TechCrunch)
https://techcrunch.com/2026/03/23/someone-has…

Someone has publicly leaked an exploit kit that can hack millions of iPhones | TechCrunch
Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

Really, the arrogant chucklefuck who was ready to deploy shitty LLM spew as “production-grade code” has been hacked by cavalier use of an LLM? Who would have thought?
“Vercel says some of its customers’ data was stolen prior to its recent hack”
https://tec…

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch
The app and website hosting company has found evidence of a second compromise of customer accounts after expanding its initial investigation following a breach in early April.

https://techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/

Someone has publicly leaked an exploit kit that can hack millions of iPhones | TechCrunch
Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

Vercel says some customer accounts were compromised prior to its early-April breach, potentially through social engineering, malware, or other methods (Zack Whittaker/TechCrunch)
https://techcrunch.com/2026/04/23/vercel-says-some-…

Vercel says some of its customers' data was stolen prior to its recent hack | TechCrunch
The app and website hosting company has found evidence of a second compromise of customer accounts after expanding its initial investigation following a breach in early April.

Another attempt to gain publicity for an expensive toy?
"Anthropic investigates report of rogue access to hack-enabling Mythos AI"
https://www.theguardian.com/technology/2026/apr/22/anthropic-investig…

Life hack: an aluminum meat thawing tray will cool cookies much faster than a cookie cooling rack (you can just put the baking tray directly on the meat thawing tray)

Hack discovered at Dutch Ministry of Finance; Unclear if data was accessed
https://nltimes.nl/2026/03/24/hack-discovered-ministry-finance-unclear-data-accessed

More than half of the world’s governments have access to commercial spyware that can break into computers and phones to steal sensitive information, according to U.K. intelligence.
The U.K. National Cyber Security Centre plans to reveal its findings Wednesday, according to Politico.
The report suggests that the barrier to access this type of surveillance technology has fallen,
potentially making it easier for foreign governments and hackers to target U.K. citizens, compani…

UK government says 100 countries have spyware that can hack people's phones | TechCrunch
The U.K.'s cybersecurity chief warned that U.K. businesses and critical infrastructure are underestimating the threat from spyware attacks and other cyberthreats, with more governments having access to the powerful surveillance technology than ever.

@… Hi! Apologies I’ve been busy lately. The idea sounds cool! A few years ago I did a test of turning my “picotouch” into a linear slider MIDI controller. It was neat but a hack. To emulate the Continuum I think a touchscreen chip would be needed. Those have great resolution (and 2D!) but are a good deal more complex. I don’t have time to work on this, but please take …

from my link log —
Control shopping trolley wheel locks with your Phone!
https://www.begaydocrime.com/
saved 2026-02-21 https://dotat.at/:/AXRGY.html

Today I join an illustrious group of #Perl hackers at the Perl Toolchain Summit in Vienna. I'm mainly here as a local organizer, but I also plan to discuss and hack on a few things, eg containerizing `pause`.

The UK's GCHQ believes ~100 countries have procured cyber intrusion software, such as Pegasus, suggesting the barrier to get access to the tech is dropping (Mason Boycott-Owen/Politico)
https://www.politico.eu/article/u-k-intelligence-100-…

UK intelligence: 100 nations have spyware that can hack Britain
Security officials will warn there is an increasing cyber threat from nation states at a conference in Glasgow on Wednesday.

Happy Saturday! Metacurity offers our free and premium subscribers a weekly digest of the best long-form (and longish) infosec-related pieces we couldn't properly fit into our daily news crush.
This week's selection covers
--The untouchable hacker god who destroyed psychotherapy patients,
--AI prompt injection is an unsolvable problem,
--Deepfakes are messing up Canada's justice system,
--What the hack of Russia's Unified Military Registry revea…

Best infosec-related long reads for the week of 1/17/26
The untouchable hacker god who destroyed psychotherapy patients, AI prompt injection is an unsolvable problem, Deepfakes are messing up Canada's justice system, What the hack of Russia's Unified Military Registry revealed, The US military needs to accelerate its tests of AI trustworthiness

Amnesty research: a government customer of spyware maker Intellexa hacked the iPhone of journalist Teixeira Cândido in Angola in 2024 via Predator spyware (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/2026/02/17/inte

Intellexa's Predator spyware used to hack iPhone of journalist in Angola, research says | TechCrunch
Amnesty International says it found evidence that a government customer of Intellexa, a sanctioned surveillance vendor, used its Predator spyware against a prominent journalist in Angola.

We found the cyber Amish :
#ai #cyberamish

Gehackt worden is één ding....
De gevolgen kunnen beheersen is toch wel een veel belangrijker tweede 'dingetje' ...
ChipSoft belooft week na hack nieuwe webpagina met informatie, maar site is down - Tweakers
#Chipsoft #hack #zorg

“The main goal of hackers is personal data that can be used for blackmail or manipulation. If the device has a microphone and camera, they can technically be activated for surveillance, even if it is programmatically prohibited.”
Hackers have learned to hack smart vacuum cleaners
https://

Hackers have learned to hack smart vacuum cleaners
It is impossible to visually determine a hack - the device continues to work properly

(Flashback, 2012) Real-life science closes in on Star Trek as scientists show they can to hack into blind people's visual cortex to let them 'see' https://www.dailymail.co.uk/sciencetech/ar

Real-life science closes in on Star Trek: TNG with new device to hack into blind people's visual cortex to let them 'see'
he Sensory Substitution Device, which uses an algorithm to translate visual data into sound, can actually activate the visual cortices of congenitally blind people, giving them the opportunity to see.

RE: https://mastodon.social/@CyReVolt/116097367817671544
Of course that's an excellent chance to try out the new React framework that is currently in alpha.
Starting with a horrible hack already. :D

Does anyone run automated test for your Hashtag#jira app? Is there any trick or hack to login into Jira with cypress, playwright or any other tool?

Reminding myself I am supposed to boost to help cool posts reach wider audience on Mastodon. The best NI hack in the absence of malicious AI algos, imo. People have always been gossip creatures. That's probably how that whole thing called civilisation started out.

Korean police arrested two high school students for the 2024 hack of Seoul’s public bicycle service “Ttareungyi”
https://www.chosun.com/english/national-en/2026/02/23/X4AOVZXXORHNLI5P5BOHMRZQRY/

Teenagers Behind 4.62 Million Ttareungyi Data Breach Identified as Minors
Teenagers Behind 4.62 Million Ttareungyi Data Breach Identified as Minors Teenagers exploited weak authentication to access 4.62 million user records, including IDs, addresses

Book extract: ex-Sony Entertainment CEO Michael Lynton recounts his role in sparking North Korea's 2014 hack, one of the worst cyberattacks in corporate history (Michael Lynton/Wall Street Journal)
https://www.wsj.com/te…

Radio buttons are not a viable way to manage state for UIs. If you’re using radio buttons for anything other than forms, you’re opening yourself to risk and your users to hassle.
https://css-tricks.com/the-radio-state-machine/#comment-1884181 (link to my comment ci…

The Radio State Machine | CSS-Tricks
One of the best-known examples of CSS state management is the checkbox hack. What if we want a component to be in one of three, four, or seven modes? That is where the Radio State Machine comes in.

"The April Fools' posts have since been deleted."
https://www.web3isgoinggreat.com/?id=hyperbridge-exploit

Nach verdächtigen Mails: Fairphone-Shop wohl nicht gehackt
Fairphone-Besitzer berichten von erhaltenen E-Mails mit verdächtigen Kaufbestätigungen. Fairphone geht derzeit nicht von einem Hack oder Datenleck aus.
h…

Texas sues TP-Link, alleging it allows China to hack into routers https://therecord.media/texas-sues-tp-link-china-allegations

It's been a year since North Korean hackers stole $1.5 billion from Bybit, and they completely got away with it, ha ha ha.
Bybit exploit 12 months on: the DPRK threat continues
https://www.elliptic.co/blog/bybit-exploit-12-months-on-the-dprk-threat…

Bybit exploit 12 months on: the DPRK threat continues
The Bybit hack was an inflection point, not a culmination. Elliptic research reveals how DPRK operatives may now be creating cryptoasset projects, not just infiltrating them.

Workout of the day.

FBI seizes pro-Iranian hacking group’s websites after destructive Stryker hack
https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/

FBI seizes pro-Iranian hacking group's websites after destructive Stryker hack | TechCrunch
The FBI and the Justice Department took down two websites linked to the pro-Iranian hacktivist group Handala, which last week hacked medical tech giant Stryker.

»SoundCloud-Hack — HIBP-Datenbank nimmt Daten von 30 Millionen Accounts auf:
Beim @… Dienst können Nutzer nun prüfen, ob sie von der Cyberattacke auf SoundCloud von Ende 2025 betroffen sind.«
Nun auch SoundCloud. Die Frage ist doch eigentlich, welche Webdienste wurden noch nicht angegriffen und gehackt? Auch "nur Metadaten" sag…

SoundCloud-Hack: HIBP-Datenbank nimmt Daten von 30 Millionen Accounts auf
Beim Have-I-Been-Pwned-Dienst können Nutzer nun prüfen, ob sie von der Cyberattacke auf SoundCloud von Ende 2025 betroffen sind.

Hack bij ChipSoft.
#chipsoft

Zorgleverancier ChipSoft geraakt door gijzelsoftware
Softwareleverancier voor de zorg, ChipSoft, is slachtoffer geworden van een hack met gijzelsoftware. Dit blijkt uit informatie die is ingezien door de Volkskrant. De website van het bedrijf, dat aan een groot aantal ziekenhuizen zorgsystemen levert, ligt plat. Een woordvoerder was niet te bereiken.

"What the Hack? – Deshalb sind Hacker mehr als Computer-Knacker2
https://www.br.de/mediathek/podcast/iq-wissenschaft-und-forschung/what-the-hack-deshalb-sind-hacker-mehr-als-computer-knacker/2115872

Book extract: ex-Sony Entertainment CEO Michael Lynton recounts his role in sparking North Korea's 2014 hack, one of the worst cyberattacks in corporate history (Michael Lynton/Wall Street Journal)
https://www.wsj.com/te…

Related to my earlier posts, this is a good demo of custom properties:
https://css-tricks.com/the-radio-state-machine/#utilize-custom-properties (anchor link)
But…
This demo does the same without WCAG violations:

The Radio State Machine | CSS-Tricks
One of the best-known examples of CSS state management is the checkbox hack. What if we want a component to be in one of three, four, or seven modes? That is where the Radio State Machine comes in.

*sigh* Ich muss wohl doch mal irgendwas an Hack schreiben um die #Mediathek nutzbar zu machen. Jedes mal, wenn man mit Hotkeys Tabs wechselt, captured deren Player einen Teil der Tastendrücke und springt wild im Video hin und her. Und da das bei mir oft längere Dokus sind such ich dann erst mal minutenlang wieder wo ich dran war -.-

A recent spate of espionage and cybercriminal campaigns has deployed phone-takeover tools,
embedded in infected websites,
to indiscriminately hack phones by the thousands.
And one new technique in particular
—capable of taking over any of hundreds of millions of iOS devices
—has appeared on the web in an easily reusable form, putting a significant fraction of the world's iPhone users at risk.

A Possible US Government iPhone-Hacking Toolkit Is Now in the Hands of Foreign Spies and Criminals
A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.

De väljer, inte otippat, den lösning som skulle skada mest vid ett hack. Inte den mindre invasiva modell som ex @… har talat om i sin pod. Är det eg skydd eller spårning de vill ha?

The Fulu Foundation, a group founded by repair advocate and YouTuber Louis Rossmann, which pays out bounties to people who can remove user-hostile features on connected devices, is now offering a potential payout of $10,000 to encourage hackers and tinkerers to disable software features that require Ring devices to send data to Amazon.

A $10K Bounty Awaits Anyone Who Can Hack Ring Cameras to Stop Sharing Data With Amazon
The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon—without breaking the hardware.

Letzten Herbst fand ein Hackathon statt, mit dem Ziel, eine Software zu entwickeln, die Menschen in der Solidarischen Landwirtschaft (#Solawi) hilft, möglichst einfach Beitragsrunden für ihre Mitglieder zu organisieren.
Herausforderung: Es gib vier verschiedene Typen von Beitragsrunden (auch "Bieterunden" genannt).
Es geht dabei um eine Methode, sämtliche Kosten eines Betrie…

HACK-THE-DIFFERENCE-Hackathon
Unser Hackathon bringt Acker und Hacker zusammen, für solidarische und offene digitale Tools für die bäuerliche Landwirtschaft

Texas AG Ken Paxton sues TP-Link, alleging it deceptively markets its products as secure while allowing the CCP to hack into consumers' devices (The Record)
https://therecord.media/texas-sues-tp-link-china-allegations

Texas sues TP-Link, alleging it allows China to hack into routers
Attorney General Ken Paxton announced the lawsuit on Monday and said it is the first of several that will be filed this week against companies affiliated with China's government.

Dies erklärt Einiges! (Auge @…, die Sache mit der Schulter)
https://www.derstandard.at/story/3000000316044/w…

Wie man als Frau endlich Liegestütze schafft
Für viele Frauen sind Liegestütze der "Endgegner". Trotz gezielten Trainings bekommt man sie fast nicht hin. Auf TikTok gibt es nun einen Hack, wie man sie schafft. Und der soll tatsächlich funktionieren, sagt ein Experte

@… <https://codeberg.org/small-hack/open-slopware/pulls/230> your description of FreeBSD as slopware is offensive.
&l…

They had to hack the traffic cameras? We buy the cameras ourselves and hang them on our doors in the West. @… https://m.ai6yr.org/@ai6yr/116168854186551062

Take a leisurely scan of today's Metacurity to check out the top infosec developments you should know, including
--Ransomware negotiator cops to conspiring with cybercrims against US companies,
--NSW official charged in data breach involving sensitive documents,
--UK man faces 22 years in US prison for $8m hacking scheme,
--Hack of French government identity website might have exposed users' data,
--Bundesbank pres. wants level playing field for Mythos, L…

Ransomware negotiator cops to conspiring with cybercrims against US companies
NSW official charged in data breach involving sensitive documents, UK man faces 22 years in US prison for $8m hacking scheme, French gov't identity website hack might have exposed users' data, Bundesbank president wants level playing field for Mythos, Lovable downplays data exposure, much more

Your #retirement fund should not be #crypto.
https://www.web3isgoinggreat.com/?id=fake-le…

It feels obvious that llm's have no place in free and open source software. Apparently it isn't, at least not to everyone. I recently became interested in exploring the scope of the problem after finding out that both Vim and Neovim not only don't have policies banning llm contribution, but already contain fairly significant amounts of llm generated code.

I submitted a proposal for a lightning talk for #FOSDEM . It's about .... from street-level hack to open cultural production.
https://pretalx.fosdem.org/fosdem-2026

Don't miss today's Metacurity which is jam-packed with a host of intense cybersecurity developments, including
--Texas AG sues TP-Link, saying it allowed the CCP to hack routers,
--A hacker gained access to a French national bank database with 1.2m accounts,
--Microsoft 365 Copilot bug summarized confidential emails,
--DEF CON bans Epstein's hacking associates,
--Deutsche Bahn operations disrupted by cyberattack,
--Polish army bans Chinese cars,…

Texas AG sues TP-Link, saying it allowed the CCP to hack routers
A hacker gained access to a French national bank database with 1.2m accounts, Microsoft 365 Copilot bug summarized confidential emails, DEF CON bans Epstein's hacking associates, Deutsche Bahn operations disrupted by cyberattack, Polish army bans Chinese cars, much more

The FBI Is Using AI to Hack Targets https://www.404media.co/the-fbi-is-using-ai-to-hack-targets/

@… @… Uh, High Security. Genau so macht man das. Zur Sicherheit benenne ich die Datei noch in pwd.geheim um. Dann kann man sie mit Excel nicht mehr öffnen. Life-Hack!

Und wenn sich die Nazis auf den Kopf stellen: Die Ex-DDR wird nie wieder die Monokultur werden, die sie mal war.
Meine Mutter macht neuerdings zusätzlich Kreuzkümmel und #Sumach/#Sumak an ihre vegetarischen Königsberger Klopse. Und das habe ich weder vorgeschlagen noch aus NRW mitgebracht.
Außerdem war das Veggie-Hack heute auf Erbsenbasis und das scharfe Paprikapulver geräuchert. Nicht i…

#Caturday

Life Hack for those without unlimited downloads:
If you go over your limit, make sure to reupload that data so you don't get charged extra! :blobcatthinksmart:

RE: #Chipsoft #hack

Dit klinkt niet goed....
https://tweakers.net/nieuws/245735/criminelen-hackten-it-dienst-overheid-nl-omvang-onbekend-door-slechte-logging.html?utm_source=dlvr.it&utm_medium=mas…

'Criminelen hackten IT-dienst overheid NL, omvang onbekend door slechte logging'
Criminelen hebben afgelopen zomer een belangrijke IT-dienst van de Nederlandse overheid gehackt. De organisatie levert onder meer diensten aan een ministerie en de Autoriteit Persoonsgegevens. Door slechte logging zou bovendien onduidelijk zijn wat de omvang is van de hack.

My moment of clarity in the last few weeks was coming back to “Oh right, copyright is a hack, and one that is not serving us, particularly us on the margins”
The moral rights of authorship and the way we situate our legal process of ownership are, actually, kinda at odds. And it entirely misses the idea of a commons, both as community and as a cultural base to draw from.
I've long believed that we, collectively, should own our culture — to have modern myths be Copyright 1972 LucasFilm, the traditional songs we sing Copyright 1922, now owned by Warner/Chappell Music is one of the things I find repugnant about the situation we find ourselves in.
That said, reconciling that with the behavior of the AI companies, _particularly_ the American ones? It's hard. Google abuses its monopoly position; Microsoft has forced harmful and terrible tooling on people at every turn; OpenAI is run by someone who actively despises art and does not understand it; and Anthropic is run by a guy who is trying to make sure the apocalypse has a pleasant demeanor and doesn't offend any corporations on the way. All of the above have scraped the web with no active consent — and that's largely fine, that's what putting things in common _is_, that's the beauty of the open information world we have the remnants of — but also actively evading measures people put in place to stop it and with absolutely no willingness to engage with the process. Extracting from the commons _is_ the tragedy of the commons.
It does not mean that enlarging the commons with the resulting tools is bad. The doctrine of original sin is a Christian concept I do not subscribe to. The concept of 'fruit of the poisonous tree' is a legal tool to fix power relations not a moral stance. They're worth understanding, but they are not absolute moral stances that are self-evident.
These are not harmless tools, but so too putting hard regulation and corporate, legalistic scrutiny on everything has a vastly negative impact: it is a yoke on human creativity and community to the reins of capital.
And, so too, disruption has huge costs. We are, apparently, committed to doing things the worst possible way. One can just hope that we capture the good too, because the ride has started and it's rather late to get off.

Only 30 seconds to hack any OpenCLAW instance... no credentials needed.
100% Darwin Award CVE. 😝
✅ If you're running OpenClaw, you probably got hacked in the last week : sysadmin
https://www.reddit.com/r/sysadmin/comments/…

„Wir hätten ihnen vorgeschlagen: 200 Euro“, sagte der Vorsitzende Richter. Davon könnten alle „schön abends essen gehen, schöne Flasche Wein dazu“.
Soviel sind am OLG Hamburg offenbar Daten wert, die bei einem Hack von Unternehmen geklaut wurden.
https://www.heise.…

Einige der zuletzt hier besonders häufig geteilten #News:
Nach verdächtigen Mails: Fairphone-Shop wohl nicht gehackt
h…

The entire machinery of online discourse around building and creating has been so thoroughly captured by entrepreneurial "logic"
that we've lost the language to describe what it feels like to simply make a thing that helps someone,
give it away, and move on with your life.
I've been feeling this for a while now, and I suspect a lot of folks who have the itch to build feel it too, even if they haven't articulated it.

The Noble Path
It is a truth universally acknowledged that an indie hacker in possession of a widget must be in want of a business model... Every tool is a startup now. Every script is a SaaS product. Every neat little hack you cobbled together on a Sunday afternoon to solve your own

AI penetration testing company CodeWall says its agent was able to hack into one of Bain's internal AI tools, following a similar hack at McKinsey (Ellesheva Kissin/Financial Times)
https://www.ft.com/content/e73ddecf-8c41-4ecb-ada3-77a163c8d69f

Life hack: an aluminum meat thawing tray is like 10x better than a cookie cooling rack for cooling desserts like cookies or cakes and stuff
Plus it’s obviously handy for thawing meat

US Tells Companies to Secure Microsoft System After Stryker Hack
https://www.bloomberg.com/news/articles/2026-03-19/us-tells-c…

Om welke software gaat het bij Chipsoft?
In de Play Store staan deze: ( HiX Specialist)
Android-apps van ChipSoft BV op Google Play
#Chipsoft #hack

https://www.wsj.com/tech/cybersecurity/sony-north-korea-hack-the-interview-michael-lynton-28a04475
This is a Hollywood-dishy, name-dropping, and fun read by the former CEO of Sony Entertainment on how he greenlighted The Interview,…

CISA warns US companies to follow Microsoft's recommendations for fortifying Intune, a tool to manage staff access, after a cyberattack on Stryker last week (Margi Murphy/Bloomberg)
https://www.bloomberg.com/news/articles/20

Einige der zuletzt hier besonders häufig geteilten #News:
Nach verdächtigen Mails: Fairphone-Shop wohl nicht gehackt
h…

The telcos keep falling.
Dutch telecom provider Odido has been hit by a major cyberattack. Criminals gained access to a file containing the data of 6.2 million accounts.
https://nos.nl/artikel/2602080-hack-bij-odido-gegevens-miljoenen-kl…

Hack bij Odido, gegevens miljoenen klanten in handen van criminelen
Onder de gegevens vallen onder meer volledige naam, adres en woonplaats, mobiele nummer, klantnummer, e-mailadres, rekeningnummer, geboortedatum en nummers en geldigheidsdatum van identiteitsbewijzen.

/4
In 2022 maakte NPO Doc er een documentaire over.
Dodelijke zorg | NPO Start
#chipsoft #hack

Ik zal wel de enige zijn, maar het Odido lek van mijn gegevens is niet mijn grootste zorg. als het gaat om bescherming van mijn gegevens. Vooral ook niet betalen lijkt me. Weggaan bij Odido kan natuurlijk wel 🙂
#odido #hack

/2
De hack bij Booking lijkt ernstiger als de hackers ook boeking informatie hebben ingezien (buitgemaakt).
Booking.com is gehackt: je boekingsgegevens liggen mogelijk op straat
https://www.dutchcowboys.nl/cybercrime/datalek-bij-bookingcom-hackers-weten-mogelijk-je-boekingsgegevens

A mass hacking campaign targeting iPhone users in Ukraine and China
used tools that were likely designed by U.S. military contractor L3Harris, TechCrunch has learned.
The tools, which were intended for Western spies, wound up in the hands of various hacking groups,
including Russian government spooks and Chinese cybercriminals.
Last week, Google revealed that over the course of 2025, it discovered that a sophisticated iPhone-hacking toolkit had been used in a series …

A suite of government hacking tools targeting iPhones is now being used by cybercriminals | TechCrunch
Security researchers say exploits used by governments to hack into iPhones have been found to be used by cybercriminals. They warned of an emerging market for "secondhand" exploits.

A hack of the L.A. city attorney’s office compromised 7.7 terabytes of sensitive LAPD records.
Leaked materials contain discovery documents typically kept private, such as witness names, medical information and unredacted criminal complaints now available online.
https://www.latimes.co…

Trove of sensitive LAPD records leaked in suspected hack
Sensitive LAPD records, including officer personnel files and documents from Internal Affairs investigations, are among the materials believed to have been seized in a breach last month involving the L.A. city attorney’s office.

/2
Ojaaa....
Klagende ziekenhuizen, toch blijven ze zakendoen met Chipsoft
#chipsoft #hack

Russian state hackers likely behind wiper malware attack on Poland’s power grid https://therecord.media/russia-eset-sandworm-poland-hack

Security researchers at Jamf found that Predator spyware can prevent iOS video and microphone recording indicators from appearing. 
https://appleinsider.com/articles/26/02/19/iphone-camera-microphone-dot-can-be-suppressed-if-yo…

Predator spyware exploits SpringBoard to block iOS camera & microphone lights
Apple's camera and microphone indicators are supposed to tell iPhone users when the microphone or camera are on, but after a device is fully compromised with kernel-level access by another hack, Predator spyware can prevent those from appearing.

“Honoring Mobile OS Text Size”
https://adrianroselli.com/2026/02/honoring-mobile-os-text-size.html
Looks at the new HTML thing proposed from CSSWG (yeah, not confusing) and tries to merge Safari’s propriety hack with Google’s CSSWG proposal and Canary impl…

Honoring Mobile OS Text Size
If your users scale the text size in Android or iDeviceOS, that doesn’t always affect the size of text on a web page. It’s a function of browser and authored code, as opposed to a standardized approach. That may be changing. Support The current state of affairs in the three…

A profile of Benjamin Brundage, a 22-year-old college senior who helped uncover the Kimwolf botnet, which launched 26,000 DDoS attacks targeting 8,000 victims (Robert McMillan/Wall Street Journal)
https://www.wsj.com/tech/kimwolf-hack-resi

Wat grappig ...
Volgens de NOS ben ik hacker..
(Of een hacker heeft exact dezelfde tekst gebruikt.. )
Nepmails van CJIB in omloop: 'Verband met Odido-hack aannemelijk'
https://nos.nl/artikel/2607755-nepmails-van-cjib-in-omloop-verband-met-odido-hack-aannemelijk

Sources: the FBI has declared a recent China-linked hack of a system, which contained pen register and trap and trace surveillance returns, a "major incident" (John Sakellariadis/Politico)
https://www.politico.com/news/2026/04/01/fbi-ha…

Don't leave for the weekend until you've checked out today's Metacurity for the most critical infosec developments you should know, including
--International operation takes down massive cybercrime proxy network SocksEscort,
--Telus probes purported ShinyHunters hack,
--Stryker cyberattack by alleged Iran-aligned hacking group continues to disrupt operations ,
--Leidos CTO John Solly ID'ed as DOGE SSA data thief,
--GAO finds gaps in CMMC program, …

International operation takes down massive cybercrime proxy network SocksEscort
Telus probes purported ShinyHunters hack, Stryker cyberattack continues to disrupt operations by alleged Iran-aligned hacking group, Leidos CTO John Solly ID'ed as DOGE SSA data thief, GAO finds gaps in CMMC program, Google issues emergency fixes for Chrome, much more

The US DOJ says Peter Williams, former boss of L3Harris' Trenchant, stole and sold tools that can hack millions of computers worldwide to a Russian broker (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/…

DOJ says Trenchant boss sold exploits to Russian broker capable of accessing 'millions of computers and devices' | TechCrunch
The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government among its customers.

"When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity."
https://www.wired.com/story/inside-the-hack-that-exposed-s…

The Hack That Exposed Syria’s Sweeping Security Failures
When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity.

It's finally Friday, so don't leave for the weekend without checking out today's Metacurity for the most crucial infosec developments you should know, including
--FBI's wiretap network hit by suspected hack, maybe by the Chinese spies it was watching
--US gov't contractor's son pleads guilty to stealing $46m in crypto,
--DoD officially labels Anthropic a supply chain risk,
--About half of zero-days target enterprises,
--Bing's AI-enhan…

FBI's wiretap network hit by suspected hack, maybe by the Chinese spies it was watching
US gov't contractor's son pleads guilty to stealing $46m in crypto, DoD officially labels Anthropic a supply chain risk, About half of zero-days target enterprises, Bing's AI-enhanced search pushed malicious OpenClaw installers, Ghanaian national pleads guilty to role in $100m fraud ring, much more

Google attributes the supply chain attack on HTTP client Axios to a suspected North Korean threat actor it calls UNC1069 (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/2026/03/31/hacker-hijacks-axios-open-source-…

North Korean hackers blamed for hijacking popular Axios open source project to spread malware | TechCrunch
A hacker inserted malware in Axios, an open source web tool downloaded tens of millions of times weekly, in a widespread hack.

That UPenn breach affected only ten people.
A class action lawsuit against Penn over an October 2025 data breach at the Graduate School of Education will not proceed after a new court filing revealed on Monday that fewer than 10 people were affected by the incident.
https://www.

Penn GSE email hack impacted fewer than 10 individuals, according to new filing
In recent weeks, seven of the 18 Penn graduates in the originally consolidated case have withdrawn their claims.

It's almost Friday, so kick back and check out today's Metacurity for the most critical infosec developments you should know, including
--Hackers stole millions from Bitcoin Depot wallets,
--OpenAI readies its own vulnerability hunting system,
--Handala breached the devices of former IDF chief,
--Hackers published data from China's supercomputer,
--Hundreds of unprotected and unencrypted Modbus devices are exposed on the internet,
--Hack-for-hir…

Hackers stole millions from Bitcoin Depot wallets
OpenAI readies its own vulnerability hunting system, Handala breached the devices of former IDF chief, Hackers published data from China's supercomputer, Hundreds of unprotected and unencrypted Modbus devices are exposed on the internet, Hack-for-hire attacks are targeting journalists, much more

Source: the 2024 cyber-attack by the Scattered Spider group on Transport For London resulted in the theft of personal data of ~10M people (Joe Tidy/BBC)
https://www.bbc.com/news/articles/cz0ggkr2g77o

2024 TfL hack affected around 10 million people, BBC can reveal
TfL insists it has "kept customers informed throughout this incident and will continue to take all necessary action".

"Wikipedia’s volunteer community of editors reverted changes within minutes, according to the emails. Eventually, Seckel and his team were able to 'hack' the IP addresses of certain editors to block them from interfering, he wrote."
Epstein Paid Reputation Firms to Suppress Child Sex Offenses Online

Iran-linked hacker group Handala Hack Team claims the breach of FBI Director Kash Patel's personal email and publishes some documents online (Reuters)
https://www.reuters.com/world/us/iran-linked-hackers-claim-bre…

Google Threat Intelligence Group (GTIG) has linked the recent axios NPM supply chain attack to a suspected North Korean threat actor, UNC1069 (and not TeamPCP).
https://techcrunch.com/2026/03/31/hacker-hijacks-axios-open-source-proj…

North Korean hackers blamed for hijacking popular Axios open source project to spread malware | TechCrunch
A hacker inserted malware in Axios, an open source web tool downloaded tens of millions of times weekly, in a widespread hack.