Tootfinder

Mittwoch: US-Verbot von Routern ausgeweitet, Teenager wegen Ransomware verhaftet
Ausbau von Router-Verbot Anklage gegen Hacker-Jüngling Signal zur Phishing-Kampagne Spiele mit eigenem Betriebssystem iPhone-Problem mit Microsoft-Mail

Mittwoch: US-Verbot von Routern ausgeweitet, Teenager wegen Ransomware verhaftet
Ausbau von Router-Verbot + Anklage gegen Hacker-Jüngling + Signal zur Phishing-Kampagne + Spiele mit eigenem Betriebssystem + iPhone-Problem mit Microsoft-Mail

I had high hopes fro this article on Hacker News, but it is not what I expected:

Berichte: Cyberkriminelle knacken Mailfach des FBI-Chefs Patel
Cyberkriminelle veröffentlichen private Mails des FBI-Direktors Kash Patel, wie Medien berichten. Die mutmaßliche Tätergruppe ist den USA bekannt.

Crunchyroll is investigating a breach after hackers claimed they accessed a support agent's account and stole the personal information of ~6.8M users (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

Crunchyroll probes breach after hacker claims to steal 6.8M users' data
Popular anime streaming platform Crunchyroll is investigating a breach after hackers claimed to have stolen personal information for approximately 6.8 million people.

Gambit Security: an unknown hacker used Claude to steal 150GB of Mexican government data, including 195M taxpayer records, in December 2025 and January 2026 (Bloomberg)

A Chinese hacker group posing as a cybersecurity firm called Wuhan Anshun Technology stole around 7 million dollars in digital assets through supply chain attacks, with targets including popular wallet provider Trust Wallet.
https://crypto.news/china-hacker-group

China hacker group leaks $7M crypto theft operation targeting wallet supply chains​
A hacker group from China posing as a cybersecurity firm has allegedly stolen 7 million dollars via wallet supply‑chain attacks

Deanonimizzazione online su larga scala con LLM
Gli LLM possono essere utilizzati per eseguire una deanonimizzazione su larga scala. Con un accesso completo a Internet, il nostro agente può reidentificare gli utenti di Hacker News e i partecipanti ad Anthropic Interviewer con elevata precisione, dati solo profili e conversazioni online pseudonimi, un'operazione che richiederebbe ore a un investigatore umano dedicato. Progettiamo quindi attacchi per l'ambiente chiuso. Dati due d…

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
Starlink-Sperre und Hacker-Falle: Russlands digitale Front bröckelt
…

#HackerNews płonie 🔥 😎
https://news.ycombinator.com/item?id=47045612

Starlink-Sperre und Hacker-Falle: Russlands digitale Front bröckelt
Starlink wird für Moskau zum Verhängnis: Die Armee kaschiert Kommunikationsprobleme zwar, doch ukrainische Hacker nutzen gesperrte Terminals offenbar als Köder.

Wiens Hacker erbost - „Wie kommt NÖ auf die Idee, mir Befehle zu geben?“ #News #Nachrichten

Hacker Used Anthropic’s Claude to Steal Sensitive Mexican Data (gift link)

Amazon details how a Russian-speaking hacker used generative AI as part of a campaign that breached 600 FortiGate firewalls across 55 countries in five weeks (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

In case anyone finds #JavaScript for #UEFI funny/weird...
https://news.ycombinator.com/item?id=4694…

from my link log —
Notes on porting from Oracle to PostgreSQL.
https://news.ycombinator.com/item?id=21260001
saved 2019-10-15 https://

A hacker claims to have exfiltrated over 10 petabytes of sensitive military and research data from Tianjin’s National Supercomputing Centre
https://www.computing.co.uk/news/2026/china-superc…

China supercomputing hub hit by massive, alleged data breach
Hacker claims to have exfiltrated over 10 petabytes of sensitive military and research data from Tianjin’s National Supercomputing Center.

Crunchyroll is investigating a breach after hackers claimed they accessed a support agent's account and stole the personal information of ~6.8M users (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

Hacker News discussion of Michael's post:
<https://news.ycombinator.com/item?id=46949564>
@…

Hacker im Interview - Gastpatienten-Streit: Keine Lösung vor 2028! #News #Nachrichten

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
Gefahr im Schacht: Viele Aufzüge ohne Schutz gegen Hacker

I saw a Hacker News post linking an awesome Amiga graphics site. That site made me fall down the colour cycling rabbit hole and ending up here. These are STUNNING. For those who may be puzzled: Nothing is moved around in these images. There is a fixed palette of e.g. 64 colors and part of that palette starts swapping places. Usually in a wave-like pattern. That is what creates the motion. I haven't inspected these, but I suspect they use more than 64.

«Ausgerechnet eine KI findet #ZeroDay's in den Editoren Vim und Emacs:
Unter #Hacker'n und Sicherheitsexperten scheiden sich seit Jahrzehnten die Geister, ob nun #Vim oder

Ausgerechnet eine KI findet Zero-Days in den Editoren Vim und Emacs
Unter Hackern und Sicherheitsexperten scheiden sich seit Jahrzehnten die Geister, ob nun Vim oder Emacs der bessere Editor ist. Klar ist nun allerdings, dass beiden der zweifelhafte Ruhm zukommt, von einer KI eigenständig für unsicher erklärt zu werden.

Nie chce nic mówić, ale chyba naprawdę rozbiłem bank na tym #HackerNews. Trochę boję się wchodzić w komentarze, bo jest ich z 500, a to oznacza, że niejedna gównoburza się tam rozpętała. Jak wsiąknę to nie przestanę się wykłócać przez następne 48 godzin 😅
https://

So much infosec news, so little time. Check out today's Metacurity for the most critical cybersecurity developments you need to know, including
--ID documents for billionaires and top pols at Abu Dhabi conference were exposed online,
--Angola journalist was hacked with Intellexa spyware,
--Poland arrests Phobos ransomware affiliate,
--Severe flaw found in Dell RecoverPoint for Virtual Machine,
--Hacker who paid only a penny for a luxury hotel room was busted …

ID documents for billionaires and top politicians at Abu Dhabi conference were exposed online
Angola journalist was hacked with Intellexa spyware, Poland arrests Phobos ransomware affiliate, Severe flaw found in Dell RecoverPoint for Virtual Machine, Hacker who paid only a penny for a luxury hotel room busted in Spain, Oz financial technology company YouX suffered a massive breach, much more

Hacker an Mikl-Leitner - Gastpatienten-Streit brutal: „Auf Schnorrer-Trip“ #News #Nachrichten

Vercel says it detected unauthorized access to its internal systems after a hacker using the ShinyHunters handle claimed a breach on BreachForums (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/securit…

When you get an email from Apple—or, really, anyone telling you to complete a digital security measure—check the URL they’re trying to send you to...
That advice is fine for the technically savvy but doesn't work for a lot of people who don't have the knowledge to mentally parse urls.
getsupport.apple.com/customer...

getsupport.apple.com.phish.xyz...
People just pattern match on the substring "apple.com" because they don't understand tha…

LLMs are good at deanonymization.
#AI #LLMs

Large-scale online deanonymization with LLMs
We show that large language models can be used to perform at-scale deanonymization. With full Internet access, our agent can re-identify Hacker News users and Anthropic Interviewer participants at high precision, given pseudonymous online profiles and conversations alone, matching what would take hours for a dedicated human investigator. We then design attacks for the closed-world setting. Given two databases of pseudonymous individuals, each containing unstructured text written by or about tha…

from my link log —
ACME, a brief history of a protocol which has changed Internet security.
https://blog.brocas.org/2025/12/01/ACME-a-brief-history-of-one-of-the-protocols-which-has-changed-the-Internet-Security/

"Darknet Diaries Deutsch": Hieu - vom Darknet zum Datendealer Teil 1
Ein junger vietnamesischer Hacker will online Geld verdienen und landet im Darknet. Dort findet er einen globalen Daten-Schwarzmarkt.

Yes siree, never a shortage of critical cybersecurity news, so check out today's Metacurity for the most important developments you should know, including
--Anthropic case puts courts at center of fight over AI supply chain authority,
--Iran officials tied to cyber ops killed in airstrikes,
--Bennett and Brassard win Turing Award,
--Japan to allow offensive operations starting Oct. 1,
--Tech giants pledge to help open source with AI bug surge,
--Apple p…

Anthropic case puts courts at center of fight over AI supply chain authority
Iran officials tied to cyber ops killed in airstrikes, Bennett and Brassard win Turing Award, Japan to allow offensive operations starting Oct. 1, Tech giants pledge to help open source with AI bug surge, Apple patches WebKit flaw, Chinese hacker group steals $7m posing as a cyber firm, much more

Telus Digital confirms a security incident after ShinyHunters claimed to have stolen ~1PB of data from the Canadian outsourcing giant in a multimonth breach (Lawrence Abrams/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

ShinyHunters publishes alleged personal data from Harvard, UPenn breaches
https://www.newsbytesapp.com/news/science/shinyhunters-claims-harvard-upenn-breaches-publishes-over-a-million-records/story

Hacker group publishes alleged personal data from Harvard, UPenn breaches
A notorious hacking group has released personal data allegedly stolen from Harvard University and the University of Pennsylvania during last year's breaches.

The infosec news machine is blinking tilt and it's only Wednesday, so don't miss today's Metacurity for the critical developments you should know, including
--DOGE engineer stole hundreds of millions of US taxpayers' data, whistleblower,
--Meta unveils new fraud protections as an international operation disrupts scam compound activity,
--China bans OpenClaw apps on security grounds,
--Foreign hacker accessed Epstein files in 2023,
--Rudd confirmed…

DOGE engineer stole hundreds of millions of US taxpayers' data, whistleblower
Meta unveils new fraud protections as an international operation disrupts scam compound activity, China bans OpenClaw apps on security grounds, Foreign hacker accessed Epstein files in 2023, Rudd confirmed as Cybercom/NSA chief, Quittr app exposes (ahem) sensitive data, much more

from my link log —
How we ran a Unix-like OS (Xv6), on our home-built CPU, with our home-built C compiler.
https://fuel.edby.coffee/posts/how-we-ported-xv6-os-to-a-home-built-cpu-with-a-home-built-c-compiler/
saved …

Pour tester leur approche, les chercheurs ont relié des comptes Hacker News Š des profils LinkedIn dont l’appariement réel était connu, puis masqué. Résultat: dans un premier test, l’IA a réussi Š retrouver 226 identités sur 338 possibles. Autrement dit, elle en a identifié environ deux tiers, tout en ne se trompant que très rarement: parmi les correspondances qu’elle proposait, neuf sur dix étaient correctes.
https://www.letemps.ch/cyber/l-intelligence-artificielle-est-devenue-si-puissante-qu-elle-menace-desormais-l-anonymat-en-ligne

OpenClaw partners with VirusTotal and says that all skills published to ClawHub are now scanned using VirusTotal's threat intelligence (The Hacker News)
https://thehackernews.com/2026/02/openclaw-integrates-virustotal-scanning.html

OpenClaw Integrates VirusTotal Scanning to Detect Malicious ClawHub Skills
OpenClaw integrates VirusTotal Code Insight scanning for ClawHub skills following reports of malicious plugins, prompt injection & exposed instances.

from my link log —
Stop memset()ing structures.
https://www.anmolsarma.in/post/stop-struct-memset/
saved 2019-04-27 https://d…