Winbuzzer<p>Anthropic Claude Flaw Lets Attackers Steal Data Using AI’s Own API</p><p><a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mastodon.social/tags/Anthropic" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Anthropic</span></a> <a href="https://mastodon.social/tags/Claude" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Claude</span></a> <a href="https://mastodon.social/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/PromptInjection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PromptInjection</span></a> <a href="https://mastodon.social/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mastodon.social/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://mastodon.social/tags/AIThreats" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIThreats</span></a> <a href="https://mastodon.social/tags/EnterpriseAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EnterpriseAI</span></a> <a href="https://mastodon.social/tags/AISecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AISecurity</span></a> <a href="https://mastodon.social/tags/AISafety" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AISafety</span></a></p><p><a href="https://winbuzzer.com/2025/11/03/anthropic-claude-flaw-lets-attackers-steal-data-using-ais-own-api-xcxwbn" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">winbuzzer.com/2025/11/03/anthr</span><span class="invisible">opic-claude-flaw-lets-attackers-steal-data-using-ais-own-api-xcxwbn</span></a></p>
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.
Administered by:
Server stats:
11Kactive users
mstdn.social: About · Status · Profiles directory · Privacy policy · Terms of service
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#dataexfiltration
1 post · 1 participant · 0 posts today
Hacker News<p>Microsoft 365 Copilot – Arbitrary Data Exfiltration via Mermaid Diagrams</p><p><a href="https://www.adamlogue.com/microsoft-365-copilot-arbitrary-data-exfiltration-via-mermaid-diagrams-fixed/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">adamlogue.com/microsoft-365-co</span><span class="invisible">pilot-arbitrary-data-exfiltration-via-mermaid-diagrams-fixed/</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/Microsoft365Copilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft365Copilot</span></a> <a href="https://mastodon.social/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://mastodon.social/tags/MermaidDiagrams" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MermaidDiagrams</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TechNews</span></a></p>
Manuel Bissey<p>Researchers found a new “Camoleak” AI attack targeting GitHub Copilot — silently exfiltrating secrets from generated code. Convenience can’t come at the cost of control. 🧑💻🕵️♂️ <a href="https://cyberplace.social/tags/SecureAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecureAI</span></a> <a href="https://cyberplace.social/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a></p><p><a href="https://www.darkreading.com/application-security/github-copilot-camoleak-ai-attack-exfils-data" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/application-se</span><span class="invisible">curity/github-copilot-camoleak-ai-attack-exfils-data</span></a></p>
Pyrzout :vm:<p>Maruji & Raines (MRCPAs) Data Breach Exposes Client Documents <a href="https://dailydarkweb.net/maruji-raines-mrcpas-data-breach-exposes-client-documents/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dailydarkweb.net/maruji-raines</span><span class="invisible">-mrcpas-data-breach-exposes-client-documents/</span></a> <a href="https://social.skynetcloud.site/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.skynetcloud.site/tags/Maruji" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Maruji</span></a>&Raines <a href="https://social.skynetcloud.site/tags/DataBreaches" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreaches</span></a> <a href="https://social.skynetcloud.site/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedStates</span></a> <a href="https://social.skynetcloud.site/tags/Accounting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Accounting</span></a> <a href="https://social.skynetcloud.site/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://social.skynetcloud.site/tags/MRCPAs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MRCPAs</span></a> <a href="https://social.skynetcloud.site/tags/CPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CPA</span></a></p>
eicker.news ᳇ tech news<p>A vulnerability in <a href="https://eicker.news/tags/Perplexity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Perplexity</span></a> <a href="https://eicker.news/tags/Comet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Comet</span></a>, an <a href="https://eicker.news/tags/AIbrowser" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AIbrowser</span></a>, allows attackers to inject malicious instructions into webpage content. These instructions can be executed by the AI assistant, <a href="https://eicker.news/tags/bypassing" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>bypassing</span></a> traditional <a href="https://eicker.news/tags/websecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>websecurity</span></a> mechanisms. The attack demonstrates the need for new security architectures to prevent <a href="https://eicker.news/tags/unauthorisedactions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unauthorisedactions</span></a> and <a href="https://eicker.news/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a>. <a href="https://brave.com/blog/comet-prompt-injection/?eicker.news" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">brave.com/blog/comet-prompt-in</span><span class="invisible">jection/?eicker.news</span></a> <a href="https://eicker.news/tags/tech" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>tech</span></a> <a href="https://eicker.news/tags/media" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>media</span></a> <a href="https://eicker.news/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>news</span></a></p>
Pyrzout :vm:<p>Break The Air Gap With Ultrasound <a href="https://hackaday.com/2025/06/29/break-the-air-gap-with-ultrasound/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/06/29/break-</span><span class="invisible">the-air-gap-with-ultrasound/</span></a> <a href="https://social.skynetcloud.site/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://social.skynetcloud.site/tags/computerhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>computerhacks</span></a> <a href="https://social.skynetcloud.site/tags/SecurityHacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityHacks</span></a> <a href="https://social.skynetcloud.site/tags/ultrasound" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ultrasound</span></a> <a href="https://social.skynetcloud.site/tags/airgap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgap</span></a></p>
IT News<p>Break The Air Gap With Ultrasound - In the world of information security, much thought goes into ensuring that no info... - <a href="https://hackaday.com/2025/06/29/break-the-air-gap-with-ultrasound/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackaday.com/2025/06/29/break-</span><span class="invisible">the-air-gap-with-ultrasound/</span></a> <a href="https://schleuss.online/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://schleuss.online/tags/computerhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>computerhacks</span></a> <a href="https://schleuss.online/tags/securityhacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityhacks</span></a> <a href="https://schleuss.online/tags/ultrasound" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ultrasound</span></a> <a href="https://schleuss.online/tags/airgap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgap</span></a></p>
redoracle<p>Critical AI vulnerability EchoLeak exposed in Microsoft 365 Copilot! Learn about the zero-click attack and its implications. <a href="https://mastodon.social/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://redoracle.com/News/AI-Data-Leaks-EchoLeak-Vulnerability-Exposed.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">redoracle.com/News/AI-Data-Lea</span><span class="invisible">ks-EchoLeak-Vulnerability-Exposed.html</span></a></p>
Hacker News<p>EchoLeak – 0-Click AI Vulnerability Enabling Data Exfiltration from 365 Copilot</p><p><a href="https://www.aim.security/lp/aim-labs-echoleak-blogpost" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">aim.security/lp/aim-labs-echol</span><span class="invisible">eak-blogpost</span></a></p><p><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://mastodon.social/tags/EchoLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EchoLeak</span></a> <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://mastodon.social/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://mastodon.social/tags/365Copilot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>365Copilot</span></a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a></p>
Pyrzout :vm:<p>Coca-Cola Europacific Partners Allegedly Suffers Major Salesforce Data Breach <a href="https://dailydarkweb.net/coca-cola-europacific-partners-allegedly-suffers-major-salesforce-data-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">dailydarkweb.net/coca-cola-eur</span><span class="invisible">opacific-partners-allegedly-suffers-major-salesforce-data-breach/</span></a> <a href="https://social.skynetcloud.site/tags/CocaColaEuropacificPartners" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CocaColaEuropacificPartners</span></a> <a href="https://social.skynetcloud.site/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.skynetcloud.site/tags/DataBreaches" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreaches</span></a> <a href="https://social.skynetcloud.site/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://social.skynetcloud.site/tags/Salesforce" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Salesforce</span></a> <a href="https://social.skynetcloud.site/tags/CocaCola" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CocaCola</span></a></p>
CyberEthical.Me<p>🔎 MisCloud is just retired! Walkthrough disclosure - right from the clouds 😶🌫️</p><p>🔸 Google Cloud Services logs<br>🔸 Intense PCAP analysis<br>🔸 Really nice real-life scenario</p><p>🔗 <a href="https://blog.cyberethical.me/htb-sherlock-miscloud" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.cyberethical.me/htb-sherl</span><span class="invisible">ock-miscloud</span></a> </p><p>Want to try investigations yourself?</p><p>🔗 <a href="https://blog.cyberethical.me/go-htbapp" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">blog.cyberethical.me/go-htbapp</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/CyberEthical" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberEthical</span></a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackTheBox</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/blueteaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteaming</span></a> <a href="https://infosec.exchange/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsec</span></a> <a href="https://infosec.exchange/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://infosec.exchange/tags/googlecloudservices" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>googlecloudservices</span></a> <a href="https://infosec.exchange/tags/gcs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gcs</span></a> <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> <a href="https://infosec.exchange/tags/wireshark" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wireshark</span></a></p>
Pyrzout :vm:<p>Open-source malware doubles, data exfiltration attacks dominate <a href="https://www.helpnetsecurity.com/2025/04/03/open-source-malware-index-q1-2025/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/04/03</span><span class="invisible">/open-source-malware-index-q1-2025/</span></a> <a href="https://social.skynetcloud.site/tags/Dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dataexfiltration</span></a> <a href="https://social.skynetcloud.site/tags/cybercrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybercrime</span></a> <a href="https://social.skynetcloud.site/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://social.skynetcloud.site/tags/Don" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Don</span></a>'tmiss <a href="https://social.skynetcloud.site/tags/Sonatype" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sonatype</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/report" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>report</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a></p>
CyberEthical.Me<p>💣 Full write-up for "Tales for the Brave" - this year's Hard forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.</p><p>🔸 Code <a href="https://infosec.exchange/tags/deobfuscation" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deobfuscation</span></a><br>🔸 hashtag#Telegram data exfiltration<br>🔸 Malware behavioral analysis</p><p>🔗 <a href="https://blog.cyberethical.me/htb-ctf-2025-forensics-tales-for-the-brave" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.cyberethical.me/htb-ctf-2</span><span class="invisible">025-forensics-tales-for-the-brave</span></a> </p><p><a href="https://infosec.exchange/tags/CyberEthical" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberEthical</span></a> <a href="https://infosec.exchange/tags/CyberApocalypse25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberApocalypse25</span></a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackTheBox</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/blueteaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteaming</span></a> <a href="https://infosec.exchange/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsec</span></a> <a href="https://infosec.exchange/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a></p>
CyberEthical.Me<p>💣 Full write-up for ToolPie this year's forensics challenge from Hack The Box Cyber Apocalypse CTF - Tales From Eldoria.</p><p>🔸 PCAP (network capture) analysis<br>🔸 Python bytecode, marshalling, decompiling</p><p>🔗 <a href="https://blog.cyberethical.me/htb-ctf-2025-forensics-toolpie" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.cyberethical.me/htb-ctf-2</span><span class="invisible">025-forensics-toolpie</span></a></p><p><a href="https://infosec.exchange/tags/CyberEthical" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberEthical</span></a> <a href="https://infosec.exchange/tags/CyberApocalypse25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberApocalypse25</span></a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackTheBox</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>python</span></a> <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pcap</span></a> <a href="https://infosec.exchange/tags/wireshark" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wireshark</span></a> <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/blueteaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blueteaming</span></a> <a href="https://infosec.exchange/tags/itsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>itsec</span></a> <a href="https://infosec.exchange/tags/dataexfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataexfiltration</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.space/@mwdawson" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>mwdawson</span></a></span> Yeah, just like <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a> demands from anyone residing within the <a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>USA</span></a>, conducting business in the USA or having a parent/subsidiary operating in the <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a>.</p><ul><li>Unlike <em>"<a href="https://infosec.space/tags/OpenAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenAI</span></a>"</em> you can at least run <a href="https://infosec.space/tags/DeepSeek" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DeepSeek</span></a> completely <em><a href="https://infosec.space/tags/airgapped" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airgapped</span></a></em> and on-premise and thus prevent any <a href="https://infosec.space/tags/leaks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leaks</span></a> or <a href="https://infosec.space/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a>.</li></ul><p>Something <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GAFAMs</span></a> work hard to let people do: KEEP <a href="https://infosec.space/tags/selfCustody" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>selfCustody</span></a> of their data!</p>
:awesome:🐦🔥nemo™🐦⬛ 🇺🇦🍉<p>Cybersecurity researchers have uncovered two malicious packages, zebo and cometlogger, on the Python Package Index (PyPI) that exfiltrate sensitive data from compromised systems! 🚨 With over 280 downloads before removal, these packages employ advanced techniques for surveillance and credential theft. Always verify code before running! 🔍💻 <a href="https://mas.to/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mas.to/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://mas.to/tags/Python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Python</span></a> <a href="https://mas.to/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://mas.to/tags/Fortinet" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Fortinet</span></a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>newz</span></a> </p><p><a href="https://thehackernews.com/2024/12/researchers-uncover-pypi-packages.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2024/12/rese</span><span class="invisible">archers-uncover-pypi-packages.html</span></a></p>
Huntress<p>Keep an eye on unexpected <a href="https://infosec.exchange/tags/WinRAR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WinRAR</span></a> activity—legitimate software doesn't always mean legitimate use. Identifying unusual command-line options can help uncover potential threats early. </p><p><a href="https://huntress.com/blog/its-not-safe-to-pay-safepay" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">huntress.com/blog/its-not-safe</span><span class="invisible">-to-pay-safepay</span></a> </p><p><a href="https://infosec.exchange/tags/ThreatHunting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatHunting</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.social/@gurkanctn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gurkanctn</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@nazgul" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nazgul</span></a></span> not just invading, but <a href="https://infosec.space/@kkarhan/113413999824933801" rel="nofollow noopener" target="_blank">illegal</a>...</p><ul><li>Imagine if a Web Mailer (i.e. Protonmail) or eMail client (i.e. Outlook) were to scan your <code>/home/</code> directory and <em>preemptively upload</em> all the PDFs and OOXML files to OneDrive just in case you want to sent them from your laptop...</li></ul><p>This is called an <em>"info stealer"</em> and it's classified as a malware for <em>very good reasons</em>!</p><p><a href="https://infosec.space/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://infosec.space/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a> <a href="https://infosec.space/tags/ConsumerRights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConsumerRights</span></a> <a href="https://infosec.space/tags/InfoStealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoStealer</span></a> <a href="https://infosec.space/tags/Instagram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Instagram</span></a> <a href="https://infosec.space/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://infosec.space/tags/NSAbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NSAbook</span></a> <a href="https://infosec.space/tags/StasiBook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StasiBook</span></a> <a href="https://infosec.space/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://infosec.space/tags/GDPR" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GDPR</span></a> <a href="https://infosec.space/tags/BDSG" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BDSG</span></a> <a href="https://infosec.space/tags/GAFAMs" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GAFAMs</span></a> <a href="https://infosec.space/tags/PRISM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PRISM</span></a> <a href="https://infosec.space/tags/CloudAct" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CloudAct</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mastodon.online/@nickali" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nickali</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@nazgul" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nazgul</span></a></span> that's because they never faced actual accountability nor consequences.</p><ul><li>And I don't mean a fine, but actual jailtime! </li></ul><p><a href="https://infosec.space/@kkarhan/113413999824933801" translate="no" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1134139</span><span class="invisible">99824933801</span></a><br><a href="https://infosec.space/@kkarhan/113414012396154242" translate="no" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.space/@kkarhan/1134140</span><span class="invisible">12396154242</span></a></p><p><a href="https://infosec.space/tags/Accountability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Accountability</span></a> <a href="https://infosec.space/tags/Consequences" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Consequences</span></a> <a href="https://infosec.space/tags/LackOfAccountability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LackOfAccountability</span></a> <a href="https://infosec.space/tags/LackOfConsequences" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LackOfConsequences</span></a> <a href="https://infosec.space/tags/NSAbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NSAbook</span></a> <a href="https://infosec.space/tags/StadiBook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StadiBook</span></a> <a href="https://infosec.space/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://infosec.space/tags/InfoStealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoStealer</span></a> <a href="https://infosec.space/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a></p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://mstdn.social/@femme_mal" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>femme_mal</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@Catawu" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>Catawu</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.sdf.org/@DamonWakes" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>DamonWakes</span></a></span> <span class="h-card" translate="no"><a href="https://merveilles.town/@lrhodes" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lrhodes</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@nazgul" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>nazgul</span></a></span> either way I'm convinced this shit is so flatout illegal in the EU that it's literally a felony in places like Germany, where even having such functionality may fall under <em>"production, possession, distribution and use of tools to facilitate data manipulation and/or extraction against the owners' consent"</em> (<a href="http://gesetze-im-internet.de/stgb/__202c.html" rel="nofollow noopener" target="_blank">§202c penal code</a>)...</p><p>But that's <a href="https://infosec.space/@kkarhan/113413999824933801" rel="nofollow noopener" target="_blank">just</a> <a href="https://infosec.space/@kkarhan/113413981213042913" rel="nofollow noopener" target="_blank">my opinion</a>, and <a href="https://infosec.space/tags/NotLegalAdvice" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NotLegalAdvice</span></a>! </p><p><a href="https://infosec.space/tags/EU" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EU</span></a> <a href="https://infosec.space/tags/Germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Germany</span></a> <a href="https://infosec.space/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://infosec.space/tags/NSAbook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NSAbook</span></a> <a href="https://infosec.space/tags/InfoSealer" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSealer</span></a> <a href="https://infosec.space/tags/DataExfiltration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataExfiltration</span></a> <a href="https://infosec.space/tags/DataProtection" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataProtection</span></a> <a href="https://infosec.space/tags/ConsumerRights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ConsumerRights</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload