eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.

#vulnerabilities

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #18/2025 is out!

It includes the following and much more:

🇫🇷 🇷🇺 France has linked Russian APT to 12 #cyberattacks on French Orgs.;

🇺🇸 Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation;

🐛 🍎 #Vulnerabilities in Apple's #AirPlay Protocol;

🚉 New York's Metropolitan Transportation Authority plans to use #AI and cameras to detect potential subway crimes before they happen;

🇨🇳 @SentinelOne Targeted by Chinese #PurpleHaze Group;

🔐 #Microsoft sets all new accounts #passwordless by default;

🇺🇸 💸 The #Trump administration plans to cut $491 million from #CISA's budget;

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

infosec-mashup.santolaria.net/

X’s InfoSec Newsletter🕵🏻‍♂️ · [InfoSec MASHUP] 18/2025

A couple of days ago, I unearthed my first #computer, an #MSX straight from the ‘80s. It was lost in some box in the basement for who knows how long. Just feeling its power switch gave me the goosebumps…

This discovery came after sharing my hacker’s origin story with Nic Fillingham and Wendy Zenone in a new episode of Microsoft’s #BlueHat #Podcast.

thecyberwire.com/podcasts/the-

Join us while we chat about my first-ever #CVE, overlooked #vulnerabilities that continue to pose significant risks today, #ActiveDirectory and #password security, my unexpected journey into #bugbounty hunting and my involvement in the #ZeroDayQuest, how to learn new things, mentorship and positive leadership, and of course pineapple pizza 🍍🍕

Researchers have revealed that defenses against "juice jacking" on #iOS and #Android can be easily bypassed.

Malicious chargers exploit #USB #vulnerabilities to steal #data.

The new "ChoiceJacking" technique allows attackers to #spoof user consent and access sensitive files.

Avoid using public charging USB ports to #protect your data.

arstechnica.com/security/2025/

Ars Technica · iOS and Android juice jacking defenses have been trivial to bypass for years · By Dan Goodin

#4chan has partially resumed operations after a significant #hack that exposed #vulnerabilities and led to a nearly two-week #shutdown.

The site attributes its struggles to financial constraints and pressure from advertisers, which have limited its ability to maintain #security.

4chan's team remains defiant, emphasizing the site's unique role in online culture.

techcrunch.com/2025/04/27/4cha

TechCrunch · 4chan is back online, says it's been ‘starved of money’ | TechCrunch
4chan is partly back online after a hack took the infamous image-sharing site down for nearly two weeks. The site first went down on April 14, with the

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2025 is out!

It includes the following and much more:

🇺🇸 👋🏻 Two top officials from #CISA resigned;

🇺🇸 💬 U.S. Defense Secretary Pete Hegseth caught in another information leak;

📊 Yearly Threat Intelligence Reports Released;

🇺🇸 💸 U.S. lost record $16.6 billion to #cybercrime in 2024;

🇺🇸 5.5 Million Patients Affected by #DataBreach at Yale New Haven Health;

🐛 💥 VulnCheck spotted 159 actively exploited #vulnerabilities in first few months of 2025;

🇺🇸 🇨🇳 FBI is seeking public help to identify Chinese hackers known as #SaltTyphoon and offers $10 million reward;

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

infosec-mashup.santolaria.net/

X’s InfoSec Newsletter🕵🏻‍♂️ · [InfoSec MASHUP] 16/2025

'Stupid and Dangerous': #CISA Funding Chaos Threatens Essential #Cybersecurity Program

The #CVE Program is the primary way software #vulnerabilities are tracked. Its long-term future remains in limbo even after a last-minute renewal of the US government contract that funds it.

wired.com/story/cve-program-ci

WIRED · ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program · By Lily Hay Newman

After the threatened end of the #CVE list, the EU is launching its own vulnerability database, #EUVD.

The platform of the EU #cybersecurity agency #ENISA is intended, under the NIS2 Directive, to provide more IT security in Europe.

In parallel, initiatives are working on decentralized and independent solutions. A possible contract extension by the US agency #CISA could secure the service for the time being.

heise.de/news/Nach-drohendem-C

heise online · After threatened CVE shutdown: EU vulnerability database goes live
More from Dr. Christopher Kunz