Tootfinder

https://www.nytimes.com/2025/07/14/us/elmo-x-hack-antisemitism.html
Hacker Impersonating Elmo Makes Antisemitic X Posts

Hacker Makes Antisemitic Posts on Elmo’s X Account
The owner of “Sesame Street” said it was working to restore control of Elmo’s social media account after the cyberattack on the fuzzy red monster, a beloved character on the children’s show.

Computing's weekly roundup of tech news in Asia. This time we look at the attempted extradition by the US of an alleged Chinese hacker of vaccine secrets who was arrested in Italy last week, and fast-fashion ecommerce company Shein’s plans to go public
https://www.

Accused Chinese hacker claims mistaken identity - Asian Tech Roundup
Welcome to Computing's weekly roundup of tech news in Asia. This time we look at the attempted extradition by the US of an alleged Chinese ...

Now that the weekend is over, check out today's Metacurity for the top infosec developments you might have missed, including
--Suspected Chinese hackers breach top telco law firm,
--13 Romanians busted for phishing attacks on UK revenue & customs office,
--Hacker shares racist and antisemitic posts on Elmo's X account,
--Flaw can trigger train emergency break,
--DoJ tries to recoup Trump boosters' stolen crypto,
--Google Gemini for Workspace…

Suspected Chinese hackers breach top telco law firm
13 Romanians busted for phishing UK revenue & customs office, Hacker shares racist & antisemitic posts on Elmo's X account, Flaw can trigger train emergency break, DoJ tries to recoup Trump boosters' stolen crypto, Google Gemini for Workspace flaw enables malicious instructions, much more

Elmo’s X Account Briefly Hacked, Posts Obscene Messages (AP News, 13 July 2025)
#MediaLit

Elmo's X account is hacked, leaving Sesame Workshop scrambling
Sesame Workshop is working to regain control of Elmo's X account after a hacker posted racist and antisemitic messages. A spokesperson confirmed Monday that the account was compromised over the weekend. Instead of its usual uplifting posts, the account shared offensive content, including a reference to the Jeffrey Epstein investigation. The posts were quickly deleted. Elmo's account, with 650,000 followers, has been a platform for mental health awareness. Last year, it gained attention when Elm…

Hacker returns cryptocurrency stolen from GMX exchange after $5 million bounty payment https://therecord.media/hacker-returns-stolen-gmx-bounty

Now also once on #HackerNews 👇🏻😎
#Denmark

»Hacker knacken McDonald’s-Chatbot mit dem einfachsten Passwort der Welt:
Bei McDonald’s führt ein #Chatbot das erste Bewerbungsgespräch – mit drastischen Folgen für den #Datenschutz. Sicherheitsforschern gelang es, auf Millionen

Hacker knacken McDonald’s-Chatbot mit dem einfachsten Passwort der Welt | t3n
Bei McDonald’s führt ein Chatbot das erste Bewerbungsgespräch – mit drastischen Folgen für den Datenschutz. Sicherheitsforschern gelang es, auf Millionen Bewerbungen zuzugreifen, weil das Unternehmen auf ein sehr einfaches Passwort setzte. Wer sich heute bei McDonald’s bewirbt, landet mit hoher Wahrscheinlichkeit zunächst bei Olivia. Der KI-Chatbot ist in die Karriereplattform des Fast-Food-Riesen integriert und erfragt […]

How spyware, posing as an app from a humanitarian organization, spread among Syrian army officers via Telegram, and fueled the collapse of the Assad regime (Mobile Hacker)
https://www.mobile-hacker.com/2025/06/05/an…

Analysis of Spyware That Helped to Compromise a Syrian Army from Within
This case demonstrates that effective smartphone espionage doesn't always require expensive zero-day exploits or the development of sophisticated, custom and undetected spyware. Instead, attackers can achieve significant intelligence gains using older, off-the-shelf tools like Android SpyMax—especially when combined

[IOT]
Je suis très heureux de vous annonce une nouvelle certification auprès de #CISCO Network Académie.
« Introduction Š l’IoT (IdO) et Š la transformation digitale »
Une étape de plus dans mon cursus dans mon cursus d'Analyste cybersécurité ou de hacker éthique
https://www.credly.com/badges/3d30adad-7eab-4b7d-a049-03b41e70db74

Wenn man wesentliche Infrastruktur ins öffentliche Internet hängt:
https://www.golem.de/news/cyberangriff-in-norwegen-hacker-reissen-ventile-eines-staudamms-ganz-auf-2507-197684.html

https://wgme.com/news/i-team/while-in-mourning-hacker-used-a-maine-moms-facebook-to-sell-her-late-daughters-items
Oh lord

While in mourning, hacker used Maine mom's Facebook to 'sell' her late daughter's items
We share our lives online. Family photos. Health updates. But those years of memories are vulnerable.

https://news.ycombinator.com/item?id=44246518 is that still named the slashdot effect, or is slashdot effect something for old people only?

A long outage of Columbia University servers last week was due to a hacker,
seemingly with a pro-Trump agenda of stealing data to show the guilty nature of
“woke” university policies.
In particular this hacker gave the data for 2.5 million applications to Columbia over many years to Bloomberg News.
Not sure what this would show of significance other than the already heavily litigated fact that Columbia and most other universities have been practicing affirmative act…

Columbia Cyberattack Appears Politically Motivated, University Says
The attacker, described as a “hacktivist,” shut down computer systems and stole student data last week.

This spin reminds me when we looked at the script kiddies trying to hack our Dec-cluster with copied linux exploits 😅
https://mastodon.social/@dw_innovation/114663563572107178

How AI-assisted "vibe hacking", which often relies on jailbroken versions of mainstream AI models, is leading to a cybersecurity "arms race" (Matthew Gault/Wired)
https://www.wired.com/story/youre-not-ready-for-ai-hacker-agents/

The Rise of ‘Vibe Hacking’ Is the Next AI Nightmare
In the very near future, victory will belong to the savvy blackhat hacker who uses AI to generate code at scale.

New hacker group uses LockBit ransomware variant to target Russian companies https://therecord.media/new-hacker-group-lockbit-target-russia

https://crypto-economy.com/hacker-behind-300m-coinbase-breach-buys-millions-in-ethereum-eth/
The hacker who stole $300 million from Coinbase is out there carefully managing trades to capitalize on future bullish cycles.

Hacker Behind $300M Coinbase Breach Buys Millions in Ethereum (ETH) - Crypto Economy
The hacker behind the Coinbase breach resurfaced after two months of inactivity, buying 4,863 ETH for $12.55 million as Ethereum rallied.

Schade. Das wäre guter Stoff für eine Black-Mirror-Folge gewesen. Jetzt ist es keine Dystopie mehr.
https://www.golem.de/news/kundenfang-am-unfallort-hacker-verkauft-daten-aus-notrufsystem-an-bestatter-2507-197…

»Hacker greifen Kundendaten bei Adidas, Victoria's Secret und Cartier ab:
Hacker haben es auf Firmen mit kaufkräftigen Kunden abgesehen. Nach Datenabgriffen bei The North Face sowie Marks & Spencer werden jetzt drei weitere namhafte Unternehmen Opfer. Die Cyberkriminellen haben große Datensätze gesammelt, aber keine Zahlungsinformationen erhalten«
Die wievielten Konzerne sind das, die sich einen Quatsch um Kundendaten kümmern?
🙄

Hacker greifen Kundendaten bei Adidas, Victoria's Secret und Cartier ab
Hacker haben es auf Firmen mit kaufkräftigen Kunden abgesehen. Nach Datenabgriffen bei The North Face sowie Marks & Spencer werden jetzt drei weitere namhafte Unternehmen Opfer. Die Cyberkriminellen haben große Datensätze gesammelt, aber keine Zahlungsinformationen erhalten.

Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales
https://www.404media.co/hacker-conference-hope-says-fewer-people-buying-tickets-because-u-s-immigration-crackdown/

Columbia University Applicant Personal Data Stolen by Hacker (Cameron Fozi/Bloomberg)
https://www.bloomberg.com/news/articles/2025-07-01/columbia-university-applicants-personal-data-stolen-by-hacker?accessToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzb3VyY2UiOiJTdWJzY3JpYmVyR2lmdGVkQXJ0aWNsZSIsImlhdCI6MTc1MTQxMjgwNiwiZXhwIjoxNzUyMDE3NjA2LCJhcnRpY2xlSWQiOiJTWUlZSEVUMEcxS1cwMCIsImJjb25uZWN0SWQiOiJGMUM1Mzc1OEY5Qjg0MDZCOUJCNzMyODRDN0RBMEY3QyJ9.o9xPoIloekMS3v1t1CPNB8CqzIZ79e6Qs7ABNcM3R_U
http://www.memeorandum.com/250701/p152#a250701p152

"On June 25th, 1999, Brian Foote published a seminal article that became, for a short while, one of the most commented pages of the early Internet, at least by struggling software developers and prospective architects. Such was the impact that it “was twice featured in Slashdot” (kids: that is the 1999 equivalent of “this article hit the homepage of Hacker News”). After almost 25 years since that publication, one question lingers: when are we going to accept defeat?"

Goodness Gracious, Great Balls Of Mud!
On June 25th, 1999, Brian Foote published a seminal article that became, for a short while, one of the most commented pages of the early Internet, at least by struggling software developers and prospective architects. Such was the impact that it "was twice featured in Slashdot" (kids: that is the 1999 equivalent of "this article hit the homepage of Hacker News"). After almost exactly 25 years since that publication, one question still lingers: when are we going to accept defeat?

You won't want to miss today's Metacurity for the most critical infosec developments you might have missed over the weekend, including
--Trump cyber EO reverses some parts of Biden, Obama orders
--Starlink endangers WH security,
--Nigeria convicts Chinese cybercriminals,
--US sentences Nigerian hacker,
--ICE arrests Oz hacker,
--Italy ends contract with spyware company Paragon,
--Supreme Ct. gives DOGE social security data,
--BADBOX 2.0 …

Trump cyber EO reverses some parts of Biden, Obama orders
Starlink endangers WH security, Nigeria convicts Chinese cybercriminals, US sentences Nigerian hacker, ICE arrests Oz hacker, Italy ends contract with spyware company Paragon, Supreme Ct. gives DOGE our social security data, BADBOX 2.0 infects 1m+ devices, EU issues cyber blueprint, much more

The Vet Nurse Hacker Podcast
Great Australian Pods Podcast Directory: #GreatAusPods

Zero-Day: Bluetooth-Lücke macht Millionen Kopfhörer zu Abhörstationen
Der in beliebten Modellen großer Hersteller verbaute Bluetooth-Chipsatz ist angreifbar. Hacker konnten so Anrufe starten und Geräte abhören.

Researchers find the first known "zero-click" attack on an AI agent; the now-fixed flaw in Microsoft 365 Copilot would let a hacker attack a user via an email (Sharon Goldman/Fortune)
https://fortune.com/2025/06/11/microsoft-cop…

Exclusive: New Microsoft Copilot flaw signals broader risk of AI agents being hacked—‘I would be terrified’
Microsoft fixed the Copilot flaw, but researchers warn the real danger lies in how all AI agents are built.

So, the kid who hacked the Finnish therapy clinic and caused so much pain is featured in an upcoming four-part HBO documentary.
https://variety.com/2025/tv/news/elon-musk-playstation-hacker-max-documentary-series-1236420579/

Elon Musk, PlayStation Hacker Subject of New Max Documentary Series
Max has dropped the first teaser for "Most Wanted: Teen Hacker," a documentary series that chronicles Finnish hacker Julius Kivimäki.

A list is a #monad
https://alexyorke.github.io//2025/06/29/a-list-is-a-monad/

🤦‍♂️ https://news.ycombinator.com/item?id=44194014

Hacker Conference HOPE Says U.S. Immigration Crackdown Caused Massive Crash in Ticket Sales
https://www.404media.co/hacker-conference-hope-says-fewer-people-buying-tickets-because-u-s-immigration-crackdown/

https://decorrespondent.nl/16074/deze-visionaire-activist-slaat-alarm-als-de-trump-regering-geen-fascisme-is-wat-dan-wel/102b3716-165c-0ed3-00a4-2a638f02816f?mc_cid=e7577…

*Hacker noise*

Hacker who breached communications app used by Trump aide stole data from across US government - https://www.reuters.com/world/us/hacker-who-breached-communications-app-used-by-trump-aide-stole-data-across-us-20…

#nzz #threema #schweiz

#nzz #threema #schweiz

Ukrainian police arrest hacker who used hosting firm's servers to mine cryptocurrency https://therecord.media/ukrainian-police-arrest-hacker-cryptomining

Que el mšximo responsable de la seguridad del país bajo el último gobierno del PP haya sido detenido en una operación contra el robo de información personal de millones de personas da una medida de en manos de qué gentuza hemos estado

Folks, when you think about a legit hacker who has testified in front of Congress a lot who is also respected, who do you think has done it the most? Like, in front of the US House or Senate at least several times?

The US holiday is a memory now, so time to check out today's Metacurity to get briefed on the most critical infosec developments you should know, including
--Italian cops arrest FBI-wanted Chinese hacker who tried to steal COVID-19 vaccine
--Brazilian cops bust IT worker connected to $100m banking systems hack,
--Call of Duty: WWII yanked offline after RCE rumors,
--OpenAI beefs up corporate spying protections,
--DragonForce battles RansomHub,
--Cambod…

Italian cops arrest FBI-wanted Chinese hacker who tried to steal the COVID-19 vaccine
Brazilian cops bust IT worker connected to $100m banking systems hack, Call of Duty: WWII yanked offline after RCE rumors, OpenAI beefs up corporate spying protections, DragonForce battles RansomHub, Cambodia accuses Thai hackers of attacks, Trump's tax bill contains cyber money, much more

Gefahr in der Luft: 🎧🚨 Forscher haben eine kritische Sicherheitslücke aufgedeckt, die Millionen drahtlose Kopfhörer in potenzielle Abhörgeräte verwandeln könnte.
Zum Artikel: https://heise.de/-10457857?wt_mc=sm.red.ho.…

Social Media Reactions to Open Source Promotions: AI-Powered GitHub Projects on Hacker News
Prachnachai Meakpaiboonwattana, Warittha Tarntong, Thai Mekratanavorakul, Chaiyong Ragkhitwetsagul, Pattaraporn Sangaroonsilp, Raula Kula, Morakot Choetkiertikul, Kenichi Matsumoto, Thanwadee Sunetnanta
https://arxiv.org/abs/2506.12643

Social Media Reactions to Open Source Promotions: AI-Powered GitHub Projects on Hacker News
Social media platforms have become more influential than traditional news sources, shaping public discourse and accelerating the spread of information. With the rapid advancement of artificial intelligence (AI), open-source software (OSS) projects can leverage these platforms to gain visibility and attract contributors. In this study, we investigate the relationship between Hacker News, a social news site focused on computer science and entrepreneurship, and the extent to which it influences de…

This is crazy.
At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
https://meduza.io/en/news/2025/07/10/at-u-s-request-france-jails-…

At U.S. request, France jails Russian basketball player Daniil Kasatkin on suspicion of ransomware conspiracy
A court in Paris has jailed Russian basketball player Daniil Kasatkin on suspicion of involvement in a hacker group’s extortion activities. The 26-year-old was arrested on June 21 at Charles de Gaulle airport at the request of the United States, which has charged him with conspiracy to commit computer fraud. According to American investigators, Kasatkin acted as an accomplice in a hacker group’s ransomware attacks on roughly 900 companies, including two federal institutions, between 2020 an…

Behold :) My new #cybersecurity talk is ready and you can see it in the best events around you.
Title: The archetypes of the attackers.
Summary: This talk will lead you on a journey to discover the archetypes of attackers, the tools they use, their motivations for targeting what you've built, and how a geopolitical shift can alter their interest in your resources.

Bogomil Shopov - Бого's Speaker Profile
Human. Artist. Hacker. I care about free and open-source software(F/LOSS), cybersecurity, ethical design, privacy, and technology. 20+ experience in t...

Hacker with ‘political agenda’ stole data from Columbia, university says https://therecord.media/hacker-political-agenda-columbia-cyberattack

The easy access that scammers have to sophisticated AI tools means nothing -- from emails to video calls -- can be trusted.
https://www.wired.com/youre-not-ready/

You're Not Ready
Seems bad out there. Unfortunately, it can always get worse. From evil hacker AI to world-changing cyberattacks, WIRED envisions the future you haven't prepared for.

20 Jahre hab ich den Account jetzt schon: https://www.last.fm/user/Nevid

I guess me saying “Fuck you Trump” will make it hard for me to get a US Visa
https://mstdn.social/@hkrn/114732325869483790

»Die berüchtigtste Hackergruppe attackiert die Schweiz und erbeutet Millionen. Ein Leak zeigt jetzt, wie sie arbeiten:
Lockbit erpresste Tausende Unternehmen. Jetzt wurden die Hacker selbst gehackt. Chat-Protokolle und interne Daten zeigen, wie einträglich das Geschäft ist. Dank der Schweiz.«
101% Sicherheit gibt es nirgends aber zu viele Unternehmen nehmen u.a. ihre IT-Sicherheit leichtgläubig nicht ernst genug.
📰

Regardless of the weather, the cyber world is always hot, so check out today's Metacurity for the crucial infosec developments you should know, including
--M&S and Qantas leaders remain mum on ransomware payments,
--M&S chairman says two other British companies' ransomware attacks have gone unreported,
--5.7m customers impacted by Qantas attack,
--US sanctions DPRK man for IT worker scheme,
--DoJ seeks to bring COVID hacker to US,
--Rubio im…

M&S and Qantas leaders remain mum on ransomware payments
M&S chairman says two other British companies' ransomware attacks have gone unreported, 5.7m customers impacted by Qantas attack, US sanctions DPRK man for IT worker scheme, DoJ seeks to bring COVID hacker to US, Rubio impersonated in AI voice effort, MSFT patches 137+ flaws, much more

«DOGE has provided a template for complete political and cultural rollback, exploiting AI's brittle affordances to trash any pretence at social contract. What the so-called educational offers from AI companies are actually doing is a form of cyberattack, building in the pathways for the hacker tactic of 'privilege escalation' to be used by future threat actors, especially those from a hostile administration.»
"The role of the University is to resist" by @…
https://danmcquillan.org/cpct_seminar.html

🇺🇦 Auf radioeins läuft...
Miss Kittin & The Hacker:
🎵 1000 Dreams
#NowPlaying #MissKittin #TheHacker
#radioeins gespielten Titel als #Spotify Playliste: https://open.spotify.com/playlist/3hdH98B6uyXilhcWxCA6nv

The 90s are back at @…: There’s a LAN party for @… with @… and Katharine Jarmul:

Call for participation: Join us at PyCon DE! · Feminist AI LAN Party
A safe, inclusive and hacker-oriented space for experimenting with the intersection of feminism and AI.

Replaced article(s) found for cs.CY. https://arxiv.org/list/cs.CY/new
[1/1]:
- Fairness and Bias in Algorithmic Hiring: a Multidisciplinary Survey
Fabris, Baranowska, Dennis, Graus, Hacker, Saldivar, Borgesius, Biega

Pro-Ukraine hacker group Black Owl poses ‘major threat’ to Russia, Kaspersky says https://therecord.media/pro-ukraine-hacker-group-black-owl-major-threat-russia

The word "hacker" has been hijacked to mean something even worse than "cracker" (from LinkedIn):

Advanced Purrsistent Threat (APT)

Microsoft, Google, CrowdStrike, and Palo Alto plan a public glossary of state-sponsored hacking groups to ease confusion over the spread of unofficial aliases (Reuters)
https://www.reuters.com/sustainability/boa…

British hacker 'IntelBroker' charged in US over spree of company breaches https://therecord.media/british-hacker-intelbroker-spree-breaches

Towards Safety and Security Testing of Cyberphysical Power Systems by Shape Validation
Alexander Geiger, Immanuel Hacker, \"Omer Sen, Andreas Ulbig
https://arxiv.org/abs/2506.12466

Towards Safety and Security Testing of Cyberphysical Power Systems by Shape Validation
The increasing complexity of cyberphysical power systems leads to larger attack surfaces to be exploited by malicious actors and a higher risk of faults through misconfiguration. We propose to meet those risks with a declarative approach to describe cyberphysical power systems and to automatically evaluate security and safety controls. We leverage Semantic Web technologies as a well-standardized framework, providing languages to specify ontologies, rules and shape constraints. We model infrastr…

Very proud of my trio of pull requests to add GC Loader support to FCEUGX/SNES9XGX/VBAGX - I feel like a real console hacker! (I'm not, it was a matter of gluing things together, but still!)
https://github.com/dborth/fceugx/pull/517

Check out today's Metacurity for the most critical infosec developments you might have missed over the weekend, including
--German police ID Trickbot's "Stern,"
--BitMEX thwarts Lazarus Group attack,
--Shin Bet thwarted 85 Iranian cyberattacks aimed at civilians,
--Vibe coding app Lovable failed to fix critical flaw,
--China's quantum satellite Micius has a severe security flaw,
--Russia's GRU Unit 29155 has a hacker team,
--…

Law enforcement took down cybercriminal malware testing service AVCheck
German police ID Trickbot's "Stern," BitMEX thwarts Lazarus Group attack, Shin Bet thwarted 85 Iranian cyberattacks aimed at civilians, Vibe coding app Lovable failed to fix critical flaw, China's quantum satellite Micius has a security flaw, Russia's Unit 29155 has a hacker team, much more

Yikes, there is always so much infosec news but Metacurity helps a lot with the overload.
Check out today's issue for the cybersecurity developments you should know, including
--Cyber insurance premiums dropped for the first time in 2024,
--CyberAv3ngers shift to psychological manipulation,
--Another hacker hits Paraguay,
--50% of ransomware payments are less than expected,
--Pro-Russian group was reportedly behind Norwegian dam hack,
--UK 2025 …

Cyber insurance premiums dropped for the first time in 2024
CyberAv3ngers shift to psychological manipulation, Another hacker hits Paraguay, 50% of ransomware payments are less than expected, Pro-Russian group was reportedly behind Norwegian dam hack, UK 2025 strategy calls for stronger cyber capabilities, Hackers abuse Trezor's support form, much more

Egads.
US Probes Whether Negotiator Took Slice of Hacker Payments
https://www.bloomberg.com/news/articles/2025-07-02/us-probes-ex-ransom-negotiator-accused-of-scheming-with-hackers?srnd=undefined

Weekends are never slow for cyber news, particularly this past weekend. Check out today's Metacurity for the top infosec developments you might have missed, including
--DHS warns of likely Iranian cyberattacks after Trump's missile strikes
--Authorities warn of Salt Typhoon threats in Canada,
--Aflac struck by likely Scattered Spider attack,
--DPRK likely behind BitoPro $11m theft,
--CoinMarketCap hit by wallet-draining attack,
--Hacker stole $250K …

DHS warns of likely Iranian cyberattacks following Trump's missile strikes
Authorities warn of Salt Typhoon threats in Canada, Aflac struck by likely Scattered Spider attack, DPRK likely behind BitoPro $11m theft, CoinMarketCap hit by wallet-draining attack, Hacker stole $250K from Hacken using leaked key, Garden Finance accused of laundering stolen crypto, much more

US offering $10 million for info on Iranian hackers behind IOControl malware https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware

Exclusive: Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack
https://www.cyberdaily.au/security/12158-exclusive-legal-practice-board-of-western-australia-confirms-dire-wolf-ransomwar…

Exclusive: Legal Practice Board of Western Australia confirms Dire Wolf ransomware attack
Hacker newcomers claim to have exfiltrated 300 gigabytes of data, including limited contact details and correspondence and bank account information.

Just as I was working to get out today's Metacurity issue, reports surfaced that Predatory Sparrow leaked the source code of Iran's Nobitex exchange.
https://www.jpost.com/middle-east/iran-news/article-858276

https://www.jpost.com/middle-east/iran-news/article-858131
This is the same group that hacked Sepah Bank.
“The hacker group known as "Gonjeshke Darande," or "predatory sparrow," announced on Wednesday that it stole $48 million in cryptocurrency…