Tootfinder

Trivy repo was compromised a second time: #infosec

20 Days Later: Trivy Compromise, Act II | Boost Security Labs
Almost exactly one year after the tj-actions/changed-files compromise, history repeats. Twenty days after the February Pwn Request that we documented in our MegaGame10418 report, it appears highly likely that the same stolen PAT (never rotated?) was weaponized. On March 19, 2026, the attacker used a compromised Aqua Security service account to push a poisoned v0.69.4 release of Trivy, distributing backdoored binaries through GitHub Releases, Homebrew, AWS ECR, and 75 of 76 tags on the trivy-act…

Ah yes, #LLM for exploit development.
In other words, we’ll now spent billions on offense & prevention to achieve new equilibrium (that we already sort of had).
Good job, us. #infosec

On the Coming Industrialisation of Exploit Generation with LLMs
Recently I ran an experiment where I built agents on top of Opus 4.5 and GPT-5.2 and then challenged them to write exploits for a zeroday vulnerability in the QuickJS Javascript interpreter. I adde…

New infosec AI guidance just dropped
#infosec #Shitpost #Shitposting

Yet another example of the endless, ever-descending spiral stairs to hell that is #infosec...
https://www.theguardian.com/science/2026/mar/…

Confidential health records from UK BioBank project exposed online
Exclusive: Guardian investigation finds data from flagship medical research leaked dozens of times

Dominos Pizza database got leaked. I started receiving spam on my dedicated email address for them.
#infosec #leak #dominos

(Via @… )
Why o why did I surrender to curiosity and peek? ... It seems that five years metaphorically lying down in a darkened room isn't long enough for the fundamental impossibility of #infosec to change or evolve.
"This pa…

The UK Cyber Security and Resilience Bill: A Practitioner's Guide to Legislative Reform, Compliance, and Organisational Readiness
The Cyber Security and Resilience (Network and Information Systems) Bill, introduced to Parliament in November 2025, represents the most significant reform of UK cyber security legislation in nearly a decade. This paper provides a comprehensive practitioner-oriented analysis of the Bill's provisions, their practical implications, and the steps organisations must take to achieve compliance. It examines the expanded regulatory scope covering managed service providers, data centres, and designated…

#infosec and #networking friends local and abroad, I hope this captures in part what some of you are fearing, sensing, or seeing. There is a lot more one could say, but topically relevant here, an excerpt to locally elected government officials:
"[...] I'm seeing and experiencing…

OH on slack: sometimes you think, "Oh, a regex could solve this." Now you have two ~problems~ administrators on your github repos
#devoops #sre #infosec

Good morning everyone! Somebody else on their way to Helsinki today? It's time for Disobey 2026!
#disobey26 #disobeyFI #infosec

Hardening Firefox with Anthropic’s Red Team 
#infosec

Hardening Firefox with Anthropic’s Red Team  | The Mozilla Blog
For more than two decades, Firefox has been one of the most scrutinized and security-hardened codebases on the web. Open source means our code is visible,

I so hope this blows up in his face spectacularly.
Note that I do not believe that any LLM can become as skilled as the least skilled #InfoSec professional using conventional tools, so I’m quite confident this will not reach any useful goal.
I’m saying he needs to learn a lesson, and it would be great if it were useful for others as well. @…

#infosec
They've mindlessly set it to be a password entry field so it can't be seen, but the 2FA app I'm copying the code from displays it in a nice large font.
They're checking the box for the sake of checking the box, not because it adds any security.
But at least it's inconvenient for all the users, so the policy has that going for it.

AWS ME-CENTRAL in UAE apparently has been hit.
I'm waiting for attacks on the submarine cables now...
#iranwar #epicfury #infosec
(Map from the Equinix Blog

#infosec annoyance of the day - I use a tool for work that requires me to put in a rolling one-time code for 2fa, and doesn't show the code as I'm typing it.
That would be ok, except if I switch apps to copy the code so I can paste it in, it usually forces me to re-enter my username and password, then even though I'm in the 30 second validity window, it refuses the code.
So I have to wait till the 30 seconds roll over, copy the code, switch to the tool, re-enter my username/password, hope it doesn't take so long to negotiate with the back end that the code in my clipboard expires, then finally paste the code.
Conveniently I only have to do it multiple times a day, every work day.

Omg not a triple barrier of magic!
#infosec #Monsterdon

🚨 Critical #Telnet Authentication Bypass Vulnerability Discovered #CVE202624061 #cybersecurity #infosec