
2025-08-26 19:15:14
VERY good and informative discussion about internet #supplychain #security at #igf2025. Are any lawmakers or parliamentarians watching?
The Protesters' Guide to #Smartphone #Security
Critical #ContainerRegistry #Security Flaw: How Multi-Architecture Manifests Create Attack Vectors
Hey #dotnet folks and #security wonks, join our #livestream today to learn about FAPI 2.0 and how to enhance security at your organization with the latest specification.
Also, drop in and say h…
I disabled my browser password extension for now #Security
Modern programmers: "oh, let's hijack all #Python package managers in your bashrc without asking for consent, what could possibly go wrong."
And the best joke is, I didn't even really install the package — I was just making a random bugfix and running its test suite in a virtual environment.
#Gentoo #security
#Livewire v3 Remote Command Execution Vulnerability in Property Update Hydration 🚨🚨🚨
Critical #security #vulnerability in
Is anyone else of you coming to #CyBARsecurity in Bochum tomorrow?
I'd be glad to meet a few people from the #Security bubble in the Fediverse in person.
PS: by the way, I've been producing the WeTalkSecurity - ESET Podcast for several years. Does any of you listen to it?
Are you worried your #dotnet #security could be more secure? Join us for a #livestream on August 21st, 2025, to discuss FAPI 2.0, its relation to
Headlines (#Schlagzeilen) I don't want to read:
#Security #Hacker #dataleak
#Security Alert: Massive #Laravel APP_KEY leak exposing 600 apps to remote code execution 🚨 #GitGuardian &
I've drafted support for verification of #PyPI provenance for #Gentoo.
You know, the new fancy thing that protects against supply chain attacks on PyPI, and verifies that you're using genuine #GitHub artifacts. Because, you know, GitHub repositories and deployment pipelines are an unlikely attack vector. And you definitely don't need to worry about #Microsoft owning the keys, the repositories and the pipelines at all.
#security #Python #SigStore
#UK Police Investigating #Handicapped Entrance #Security Scam At #Wembley After Hundreds Reportedly Gained Entry On Same
Well, I am complaining about #AI slop introducing some random bugs in a minor userspace project, and in the meantime I learn that #Linux #kernel LTS developers are using AI to backport patches, and creating new vulnerabilities in the process.
Note: the whole thread is quite toxic, so I'd take it with a grain of salt, but still looks like the situation is quite serious.
"You too can crash today's 6.12.43 LTS kernel thanks to a stable maintainer's AI slop."
And apparently this isn't the first time either:
"When AI decided to select a random CPU mitigation patch for backport last month that turned a mitigation into a no-op, nothing was done, it sat unfixed with a report for a month (instead of just immediately reverting it), and they rejected a CVE request for it."
#security #LLM #NVIDIA #Gentoo
When you spend an hour backporting #CPython #security fixes to all versions of #Python #Gentoo, because there was no planned security release, and a few hours later you spend time again bumping to the unexpected security releases.
And then you are surprised why you didn't mask Python 3.8 yet, and repeat the same mistake.
Oh, and ofc update your CPython and PyPy (fixed PyPy only in Gentoo).
If you’re building any #frontend #apps, you'll want to join us this Wednesday for a #security #livestream
Yet another "HIGH severity" vulnerability in #Python.
Once again found in the "Library" section of the NEWS, not in "#Security".
https://www.cve.org/CVERecord?id=CVE-2025-8194
https://github.com/python/cpython/pull/137027/files#diff-27f72e5ff09b9527a57610751506f7e37d371a2d55b1305b96dcefb9f2d6cf1e