PrivacyDigest<p>Do not DL the app, use the <a href="https://mas.to/tags/website" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>website</span></a></p><p>Beyond the Hype: The Real Reasons Companies Want You on Their App</p><p>The answer, in short, is data. A lot of it. And access. A whole lot more of that too</p><p>What can a website on your <a href="https://mas.to/tags/browser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>browser</span></a> really get from you? Unless you manually upload your contact info, or there's a serious <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mas.to/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> , a website's access to your phone's deeper functions is quite limited</p><p>Apps, on the other hand, are a different beast entirely<br><a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p><p><a href="https://idiallo.com/blog/dont-download-apps" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">idiallo.com/blog/dont-download</span><span class="invisible">-apps</span></a></p>
eupolicy.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
This Mastodon server is a friendly and respectful discussion space for people working in areas related to EU policy. When you request to create an account, please tell us something about you.
Administered by:
Server stats:
209active users
eupolicy.social: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#vulnerability
18 posts · 15 participants · 0 posts today
Alexandre Dulaunoy<p>I love the <span class="h-card" translate="no"><a href="https://infosec.exchange/@github" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>github</span></a></span> Security Advisory Database because they actually preserve the data from rejected advisories including the original information and the reason for rejection.</p><p>It’s clearly much more insightful than just having a bare ID marked as "rejected."</p><p>You can easily spot this in vulnerability-lookup: <a href="https://vulnerability.circl.lu/vuln/cve-2025-54371#related" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/cv</span><span class="invisible">e-2025-54371#related</span></a></p><p>Yet another great example of why having diverse sources for vulnerability data matters.</p><p><a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Pyrzout :vm:<p>Replit AI Agent Deletes Sensitive Data Despite Explicit Instructions – Source:hackread.com <a href="https://ciso2ciso.com/replit-ai-agent-deletes-sensitive-data-despite-explicit-instructions-sourcehackread-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/replit-ai-agent-</span><span class="invisible">deletes-sensitive-data-despite-explicit-instructions-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/artificialintelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>artificialintelligence</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/AgenticAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AgenticAI</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/ReplitAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ReplitAI</span></a> <a href="https://social.skynetcloud.site/tags/Coding" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Coding</span></a> <a href="https://social.skynetcloud.site/tags/SaaStr" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SaaStr</span></a> <a href="https://social.skynetcloud.site/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a></p>
Benjamin Carr, Ph.D. 👨🏻💻🧬<p><a href="https://hachyderm.io/tags/AIslop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIslop</span></a> and fake reports are exhausting <a href="https://hachyderm.io/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://hachyderm.io/tags/bugbounties" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugbounties</span></a><br>The world of <a href="https://hachyderm.io/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about <a href="https://hachyderm.io/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://hachyderm.io/tags/slop" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>slop</span></a> <a href="https://hachyderm.io/tags/bugbounty" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bugbounty</span></a> reports, meaning reports that claim to have found <a href="https://hachyderm.io/tags/vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilities</span></a> that do not actually exist, because they were created with a <a href="https://hachyderm.io/tags/largelanguagemodel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>largelanguagemodel</span></a> (<a href="https://hachyderm.io/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a>) that simply made up the <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a>, and then packaged it into a professional-looking writeup<br><a href="https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2025/07/24/ai-s</span><span class="invisible">lop-and-fake-reports-are-exhausting-some-security-bug-bounties/</span></a></p>
SECUSO Research<p>The paper “Do (Not) Tell Me About My Insecurities: Assessing the Status Quo of Coordinated <a href="https://xn--baw-joa.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> Disclosure in Germany Amid New EU <a href="https://xn--baw-joa.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> Regulations” by Sebastian Neef, Cenk Schlunke, and Anne Hennig has been accepted for publication at the 2025 European Symposium on Usable <a href="https://xn--baw-joa.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> (<a href="https://xn--baw-joa.social/tags/EuroUSEC2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EuroUSEC2025</span></a>). Within a longitudinal study, the <a href="https://xn--baw-joa.social/tags/paper" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>paper</span></a> analyzed the adoption, challenges, and experiences of the 40 companies listed on Germany’s <a href="https://xn--baw-joa.social/tags/DAX" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DAX</span></a> (the country’s primary stock market index) with CVD programs. The adoption rates show a significant increase from 50% (2023) to over 90% (2025), with ten new CVD programs and 25 new security.txt files now available. Answers in the survey that accompanied the study, reveal that, for example, legal obligations (e.g., NIS2 and CRA) drive the adoption of CVD practices, but a lack of (human) resources and varying report quality are considered drawbacks. EuroUSEC 2025 will take place September 11 and 12, 2025 in Manchester, UK.<br>More about EuroUSEC: <a href="https://eurousec2025.cis.strath.ac.uk/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">eurousec2025.cis.strath.ac.uk/</span><span class="invisible"></span></a></p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@gehaxelt" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gehaxelt</span></a></span></p>
BeyondMachines :verified:<p>Mozilla releases updates for Firefox, 18 vulnerabilities patched, multiple critical</p><p>Mozilla released Firefox and Thunderbird security updates addressing multiple high-severity vulnerabilities with CVSS scores up to 9.8, including several memory safety bugs and JavaScript engine flaws that could enable arbitrary code execution and system compromise. The patches affect Firefox 141, multiple Firefox ESR versions (115.26, 128.13, 140.1), and corresponding Thunderbird releases.</p><p>**Time to update your Mozilla Firefox, Thunderbird and the Firefox based browsers (Waterfox, LibreWolf, Zen...). Yes, there is a difference between the CVSS score severity and Mozilla severity. But realistically, it's much faster to just update the browser than burn time on debating the severity and then finding out that hackers did find a way to exploit it - after they hacked you. So update the browsers, all tabs reopen automatically.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/advisory" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>advisory</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a><br><a href="https://beyondmachines.net/event_details/mozilla-releases-updates-for-firefox-18-vulnerabilities-patched-multiple-critical-q-0-k-m-8/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/mozilla-releases-updates-for-firefox-18-vulnerabilities-patched-multiple-critical-q-0-k-m-8/gD2P6Ple2L</span></a></p>
Pyrzout :vm:<p>Hackers Injected Malicious Firefox Packages in Arch Linux Repo <a href="https://gbhackers.com/hackers-injected-malicious-firefox-packages/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">gbhackers.com/hackers-injected</span><span class="invisible">-malicious-firefox-packages/</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/FirefoxNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FirefoxNews</span></a> <a href="https://social.skynetcloud.site/tags/Firefox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Firefox</span></a></p>
CVE Program<p>The Rust Project is now a CVE Numbering Authority (CNA) assigning CVE IDs for repositories, packages, & websites maintained by the Rust Project<br> <a href="https://cve.org/Media/News/item/news/2025/07/22/The-Rust-Project-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/The-Rust-Project-Added-as-CNA</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a></p>
CVE Program<p>TCS-CERT is now a CVE Numbering Authority (CNA) assigning CVE IDs for vulnerabilities related to TCS-CERT’s customers’ environment and vulnerabilities related to research conducted by Cyber Solutions by Thales’ Intrusion and Application Security Team <br> <br><a href="https://cve.org/Media/News/item/news/2025/07/22/TCS-CERT-Added-as-CNA" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cve.org/Media/News/item/news/2</span><span class="invisible">025/07/22/TCS-CERT-Added-as-CNA</span></a> </p><p><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cna</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
CERT-EU<p><a href="https://infosec.exchange/tags/CERTEU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CERTEU</span></a> <br><a href="https://infosec.exchange/tags/ENISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ENISA</span></a> <br><a href="https://infosec.exchange/tags/CSIRT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CSIRT</span></a> <br><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> </p><p><a href="https://cert.europa.eu/blog/sharepoint-vulnerabilities-joint-statement" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cert.europa.eu/blog/sharepoint</span><span class="invisible">-vulnerabilities-joint-statement</span></a></p>
CVE Program<p>Minutes from the CVE Board teleconference meeting on July 9 are now available <br> <br><a href="https://www.mail-archive.com/cve-editorial-board-list@mitre.org/msg00283.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">mail-archive.com/cve-editorial</span><span class="invisible">-board-list@mitre.org/msg00283.html</span></a> <br> <br><a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://mastodon.social/tags/hssedi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hssedi</span></a> <a href="https://mastodon.social/tags/cisa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cisa</span></a> <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
Hackread.com<p>📢 Microsoft reveals 3 Chinese state-backed hacker groups, including Linen Typhoon, Violet Typhoon, and Storm-2603, are exploiting <a href="https://mstdn.social/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> flaws, breaching over 100 organisations.</p><p>Read: <a href="https://hackread.com/microsoft-chinese-state-hackers-exploit-sharepoint-flaws/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/microsoft-chinese</span><span class="invisible">-state-hackers-exploit-sharepoint-flaws/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/China" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>China</span></a> <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://mstdn.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a></p>
ReynardSec<p>Lately 🫠 has become my favorite emoji, not just because of the weather.</p><p>"Microsoft knew of SharePoint server exploit but failed to effectively patch it"</p><p><a href="https://www.reuters.com/sustainability/boards-policy-regulation/microsoft-knew-sharepoint-server-exploit-failed-effectively-patch-it-2025-07-22/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/sustainability/boa</span><span class="invisible">rds-policy-regulation/microsoft-knew-sharepoint-server-exploit-failed-effectively-patch-it-2025-07-22/</span></a> </p><p>"Microsoft subsequently said in a July 8 security update that it had identified, opens new tab the bug, listed it as a critical vulnerability, and released patches to fix it.</p><p>Around 10 days later, however, cybersecurity firms started to notice an influx of malicious online activity targeting the same software the bug sought to exploit: SharePoint servers".</p><p><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a></p>
Hackread.com<p>Hackers are exploiting critical <a href="https://mstdn.social/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> vulnerabilities to breach global targets, including governments and corporations.</p><p>Read: <a href="https://hackread.com/hackers-exploit-microsoft-sharepoint-flaws-breaches/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/hackers-exploit-m</span><span class="invisible">icrosoft-sharepoint-flaws-breaches/</span></a></p><p><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mstdn.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a></p>
PrivacyDigest<p><a href="https://mas.to/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> Fix Targets Attacks on <a href="https://mas.to/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://mas.to/tags/ZeroDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ZeroDay</span></a> </p><p>Microsoft Corp. issued an emergency <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> update for a <a href="https://mas.to/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> in SharePoint Server that is actively being <a href="https://mas.to/tags/exploited" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>exploited</span></a> to compromise <a href="https://mas.to/tags/vulnerable" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerable</span></a> organizations. The <a href="https://mas.to/tags/patch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>patch</span></a> comes amid reports that malicious <a href="https://mas.to/tags/hackers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hackers</span></a> have used the SharePoint flaw to <a href="https://mas.to/tags/breach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>breach</span></a> U.S. federal and state agencies, universities, and energy companies.<br><a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p><p><a href="https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">krebsonsecurity.com/2025/07/mi</span><span class="invisible">crosoft-fix-targets-attacks-on-sharepoint-zero-day/</span></a></p>
gcve.eu<p>GCVE.eu initiative - introduction and how to become a GNA. Video published.</p><p><a href="https://social.circl.lu/tags/gcve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcve</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/cve" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cve</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> </p><p>📽️ <a href="https://www.youtube.com/watch?v=Va3almPab1M" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=Va3almPab1</span><span class="invisible">M</span></a></p>
CVE Program<p>1,133 CVE Records + severity scores when available in CISA’s Vulnerability Summary bulletin for the week of July 7, 2025 <br> <br><a href="https://www.cisa.gov/news-events/bulletins/sb25-195" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cisa.gov/news-events/bulletins</span><span class="invisible">/sb25-195</span></a> <br> <br><a href="https://mastodon.social/tags/CVE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE</span></a> <a href="https://mastodon.social/tags/CVEID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVEID</span></a> <a href="https://mastodon.social/tags/CVSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVSS</span></a> <a href="https://mastodon.social/tags/CWE" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CWE</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/VulnerabilityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VulnerabilityManagement</span></a> <a href="https://mastodon.social/tags/HSSEDI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HSSEDI</span></a> <a href="https://mastodon.social/tags/CISA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CISA</span></a></p>
Hackread.com<p>Microsoft confirms active exploits of two SharePoint vulnerabilities, urges immediate patching for on-prem users.</p><p>Read: <a href="https://hackread.com/microsoft-hackers-exploit-sharepoint-flaws-patch-now/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/microsoft-hackers</span><span class="invisible">-exploit-sharepoint-flaws-patch-now/</span></a></p><p><a href="https://mstdn.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mstdn.social/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> <a href="https://mstdn.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://mstdn.social/tags/SharePoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SharePoint</span></a> <a href="https://mstdn.social/tags/windows" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>windows</span></a></p>
BeyondMachines :verified:<p>Ukrainian Military Intelligence claims cyberattack on Russia's energy giant Gazprom</p><p>Ukraine's Main Intelligence Directorate claims responsibility for a cyberattack on July 17, 2025, against Russian state energy giant Gazprom that allegedly wiped critical data and rendered systems inoperable, compromising corporate databases, SCADA systems, financial records, and user profiles for over 20,000 employees. Gazprom and Russian authorities have commented on the claims.</p><p>****<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a><br><a href="https://beyondmachines.net/event_details/ukrainian-military-intelligence-claims-cyberattack-on-russia-s-energy-giant-gazprom-c-r-7-8-k/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/ukrainian-military-intelligence-claims-cyberattack-on-russia-s-energy-giant-gazprom-c-r-7-8-k/gD2P6Ple2L</span></a></p>
circl<p>Customer guidance for SharePoint vulnerability CVE-2025-53770 | MSRC Blog | Microsoft Security Response Center</p><p>🔗 <a href="https://vulnerability.circl.lu/bundle/7eb6b389-20dd-404f-90c4-314ed370fcc5" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/bundle/</span><span class="invisible">7eb6b389-20dd-404f-90c4-314ed370fcc5</span></a></p><p><a href="https://social.circl.lu/tags/sharepoint" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sharepoint</span></a> <a href="https://social.circl.lu/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerabilitymanagement</span></a> <a href="https://social.circl.lu/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.circl.lu/tags/microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>microsoft</span></a> <a href="https://social.circl.lu/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload