I was diagnosed with alpha-gal about 3 month ago, and my allergist tested a bunch of my existing allergies to see how it affected me. Apparently this has reversed my dairy allergy I have had since BIRTH. Bodies are weird, but I guess thank you Random Tick for giving me cheese back?!

Zuckerberg Caught in Revealing Hot Mic Moment During White House Dinner | Discussion

The Meta chatbot *invited him to a real location to meet*. What the ever living dystopian fuck. www.reuters.com/investigates...

Just found out I have Alpha-gal now. @foodallergyscience.org do you have any research going on into that?

Because most of us have used Notepad++ at one time or another. Note while the article calls out updating to 8.8.2 its still a release candidate so it's a manual update. socprime.com/blog/cve-202...

CVEs and ATT&CK TTPs currently being seen in use in the wild by known Iranian threat groups:

Lots of stuff down today...

Someone else said something very similar to this the other day, but. It really burns me that our (millennials') generation was legally terrorized for like, downloading Radiohead discographies But we're supposed to be ok with billionaires stealing human intellectual output in its entirety bc AI

Google Is Using AI to Censor Independent Websites Like Mine | Discussion

The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service.

Pro tip: Are you using Ublock Origin? Add "google.com##.hdzaWe" without quotes to your Ublock Origin My Filters to block the google AI overview and apply changes.

The Windows Subsystem for Linux is now open source | Discussion

Saw this on @cyberciti.biz 's FB page...life of a web app tester lol

Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections.

Supply. Chain. Security. Can’t. Be. An. Afterthought

Curl: We still have not seen a single valid security report done with AI help | Discussion

Yeah let’s cut things when cyber attacks are becoming more sophisticated 😑

That feeling when you go and look up the URL for documentation for YARA-L and the Google AI helpfully(?) gives you an example rule for detecting ‘minicats’

Sign your names or you're a toaster, American cyber pros. https://www.eff.org/press/releases/eff-leads-prominent-security-experts-urging-trump-administration-leave-chris-krebs

One of my SOC team sent me this: cybersecuritynews.com/microsoft-de... TLDR: the false positive means tons of private Adobe documents were sent to Any.Runs public sandbox for analysis. They are marking all those docs private to reduce spillage but people keep uploading....

SANS has put out a checklist for developers to write more secure web apps. The biggest strength is a link to CWEs for each item to provide more detail. www.sans.org/cloud-securi...

Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.

The CVE database is being shutdown tomorrow per Brian Krebs. This is asinine. Cybersecurity depends on it. The OSV (osv.dev/list) is an alternative but it's sponsored by Google so who knows when they will shut it down. www.linkedin.com/feed/update/...

Car rental giant Hertz Corporation warns it suffered a data breach after customer data for its Hertz, Thrifty, and Dollar brands was stolen in the Cleo zero-day data theft attacks.

This is one reason why poor developer supply chain security is one of my biggest pet peeves. TLDR: AI makes up package names, hackers take advantage of that and create malicious packages with those hallucinated names. You download, get pwned. www.theregister.com/AMP/2025/04/...

remember this well, inter-net users: tomorrow is april fool’s day and that shit wasn’t funny twenty-five years BEFORE stupid AI image generators existed

Wordpress. Again. This is getting as bad as Adobe products back in the day :P

Here's an amicus brief being filed to ensure Seniors get celiac-safe food in care homes. This is hugely important to anyone who has the disease, but also should be expanded to hospitals for ANY celiac. nationalceliac.org/wp-content/u...

Fighting back against AI crawlers: techcrunch.com/2025/03/27/o...

GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED) Discussion

Nothing says happy Sunday morning like reporting a security bug to the software company that runs your doctor's patient portal system 😑 This one is so dumb too.

Everyone knows all the apps on your phone Discussion

OSS-SEC: Three bypasses of Ubuntu's unprivileged user namespace restrictions Discussion

Assuming this is what @rachelonthebay was referring to the other day

Me, playing Xenoblade Chronicles X for the first time: “Wow, that looks like the spaceship wreckage I’m supposed to find.” Me, moments after being stomped by a level 60 robot: “That was definitely NOT spaceship wreckage.”

Who’s got a Chromebook? cloudisland.nz/@rmi/1142198...

A breach at Oracle Health impacts multiple US healthcare organizations and hospitals after a threat actor stole patient data from legacy servers. This is not related to the alleged Oracle Cloud breach. www.bleepingcomputer.com/news/securit...

Vivaldi has announced the integration of Proton VPN directly into its browser without requiring add-on downloads or plugin activations, allowing users to protect their data against 'Big Tech' surveillance for free.

Oops

The concern is what happens to your data if 23+Me goes under or sells out...Even if you aren't in CA worth checking out if you did the tests. oag.ca.gov/news/press-r...

Decrypting Encrypted files from Akira Ransomware (Linux/ESXI variant 2024) using a bunch of GPUs -- "I recently helped a company recover their data from the Akira ransomware without paying the ransom. I’m sharing how I did it, along with the full source code."

A critical remote code execution (RCE) vulnerability in Apache Tomcat tracked as CVE-2025-24813 is actively exploited in the wild, enabling attackers to take over servers with a simple PUT request.

A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs.

Popular GitHub Action tj-actions/changed-files is compromised Discussion

Everything you say to your Echo will be sent to Amazon starting on March 28 Discussion