Silzee (@SilzeeJailbreak)

ClawSec 공개 소식: OpenClaw 봇을 위한 종합 보안 스킬 슈트인 ClawSec 출시 및 관련 웹페이지(prompt.security)와 GitHub 저장소 링크가 게시됨. OpenClaw 봇 보안 향상·취약점 대응을 목표로 한 오픈소스/툴킷 성격의 발표이며 트윗에 @ItakGol 언급 포함.

https://x.com/SilzeeJailbreak/status/2021045788626104752

#security #bots #opensource #devsec

NEW: Developers, crypto users, and job seekers beware - North Korea’s Lazarus Group is deploying a new #BeaverTail variant to steal credentials and crypto via fake job offers, dev tools and smart contracts.

Read: https://hackread.com/lazarus-embed-beavertail-variant-developer-tools/

#CyberSecurity #Lazarus #NorthKorea #DevSec #InfoStealer

Aufgrund einer fehlenden Prüfung auf den Dateityp war es in Form Block möglich, jede Art von Datei hochzuladen, indem man dem Server eine falsche Information über den Dateityp mitgab. Dieses Problem ist mit Form Block 1.5.6 behoben, ein Update wird empfohlen.

[…]

https://epiph.yt/blog/2025/beliebiger-datei-upload-in-form-block-1-5-6-behoben/

#DevSec #FormBlock #Plugin #Sicherheit #Update #WordPress

Due to a missing file type check, it was possible to upload files of any type in Form Block, just by telling the server that it is a different type. This has been fixed in Form Block 1.5.6, updating is highly recommended.

[…]

https://epiph.yt/en/blog/2025/fixing-arbitrary-file-upload-in-form-block-1-5-6/

#DevSec #FormBlock #Plugin #Security #Update #WordPress

🛡️ ¿Tu app está en internet? Ya puede estar en Shodan.

Antes de escanear, un atacante recolecta. Aprende cómo funciona el OSINT y qué info estás regalando sin saberlo.

Checklist + herramientas básicas para devs → https://greyhat.cl/posts/osint-para-desarrolladores-como-piensan-los-atacantes-antes-de-escanear-tu-app

#OSINT #Ciberseguridad #DevSec #DesarrolloSeguro #Greyhat

🚨 Mark your calendars! 🚨

Join us for the OWASP Global AppSec US Conference in Washington, D.C., November 3–7, 2025 at the Marriott Marquis!

We're thrilled to announce our keynote speaker: Adam Shostack

Ready to level up your skills, grow your network, and ignite your passion for security?

🎟️ Register now and be part of the future of cybersecurity! https://owasp.glueup.com/event/131624/register/

#OWASP #AppSec #Cybersecurity #ThreatModeling #GlobalAppSecUS #SecureCoding #DevSecOps #DevSec #WashingtonDC #Hacking

Join Liran Tal at OWASP Global AppSec EU 2025 in Barcelona for an eye-opening session on the real security implications of TypeScript!

🛡️ Friend or Foe? TypeScript Security Fallacies
📅 Thursday, May 29, 2025
⏰ 2:15 PM – 3:00 PM CEST

🔗 Register: https://owasp.glueup.com/event/123983/register/

With live demos and actionable insights, this talk is a must for anyone building with TypeScript.

#OWASP #AppSecEU2025 #TypeScriptSecurity #SecureCoding #DevSecOps #AppSec #DevSec #Barcelona

Join Dag Flachet at OWASP Global AppSec EU 2025 in Barcelona for a powerful session on building better AppSec programs—one small step at a time.

🔄 Kaizen for Your AppSec Program: Turning Big Problems into Small Steps
📅 Thursday, May 29, 2025
⏰ 3:30 PM – 4:15 PM CEST

🔗 Register: https://owasp.glueup.com/event/123983/register/

Perfect for AppSec managers and anyone looking to build sustainable, human-centered security practices.

#OWASP #AppSecEU2025 #DevSec #AppSec #SecureDevelopment #Barcelona