"The lasting damage was knowing it could happen at all: that a single contributor with no stated organizational backing could submit compliance infrastructure for surveillance law directly into the software that boots your computer, get it merged by two Microsoft employees, and have the creator of systemd personally block the removal."

Sheesh.

https://www.sambent.com/the-engineer-who-tried-to-put-age-verification-into-linux-5/

#ArchLinux #linux #microsoft #privacy #security #systemd #Ubuntu

The Engineer Who Tried to Put Age Verification Into Linux

Dylan, useful idiot with commit access, pushed age verification PRs to systemd, Ubuntu & Arch, got 2 Microslop employees to merge it, called it 'hilariously pointless' in the PR itself, then watched Lennart personally block the revert. Unpaid compliance simp.

Sam Bent

Oracle has patched a serious security vulnerability in two components of Fusion Middleware: Oracle Identity Manager (OIM) and Oracle Web Services Manager (OWSM). Due to insufficient access controls in these components, external attackers could, without...

Read more at: https://koelman.it/project/beveiligingsadvies-ncsc-2026-0099-1-00-m-h-kwetsbaarheid-verholpen-in-oracle-identity-manager-en-oracle-web-services-manager/

#IT #security #ncsc #windows #architecture

A Top #Democrat Is Urging Colleagues to Support Trump’s #Spy Machine

Congressman #JimHimes claims a sweeping #surveillance authority should stay intact because he hasn't seen abuses by #KashPatel 's #FBI , according to internal messaging obtained by WIRED.
#privacy #security

> an #authoritarian administration loves to #abuse surveillance. Either he’s not looking or I start wondering if they have something on him

https://www.wired.com/story/a-top-democrat-is-urging-colleagues-to-support-trumps-spy-machine/

WIRED

Widely used #Trivy #scanner compromised in ongoing supply-chain #attack

#Hackers have compromised virtually all versions of #AquaSecurity ’s widely used Trivy #vulnerability scanner in an ongoing #supplychain attack that could have wide-ranging consequences for #developers and the organizations that use them.

Trivy maintainer Itay Shakury confirmed the compromise on Friday,
#security #privacy

https://arstechnica.com/security/2026/03/widely-used-trivy-scanner-compromised-in-ongoing-supply-chain-attack/

Widely used Trivy scanner compromised in ongoing supply-chain attack

Admins: Sorry to say, but it's likely a rotate-your-secrets kind of weekend.

Ars Technica

DNS firewall score: 138694 blocked. Advertising bots defeated. #security

🖲️ #Cybersecurity #Ciberseguridad #Ciberseguranca #Security #Seguridad #Seguranca #News #Noticia #Noticias #Tecnologia #Technology
⚫ DarkSword: iPhone Exploit Kit Serves Spies & Thieves Alike
🔗 https://www.darkreading.com/threat-intelligence/darksword-iphone-exploit-spies-thieves

A sophisticated iOS exploit chain leverages multiple zero-day vulnerabilities and is targeting users in Saudi Arabia, Turkey, Malaysia, and Ukraine.

#australia needs to follow Germany's #digitalsovereignty and #security move mandating Open Document Format for public administration.

"Germany’s decision to anchor ODF at the heart of its national sovereign stack confirms what we have argued for years: open, vendor-neutral document formats are not a niche concern for some technology specialists and FOSS advocates. They are a fundamental infrastructure for democratic, interoperable and sovereign public administrations."

https://blog.documentfoundation.org/blog/2026/03/19/germanys-sovereign-digital-stack-mandates-odf

Germany's Sovereign Digital Stack Mandates ODF: a Landmark Validation of Open Document Standards - TDF Community Blog

The Document Foundation (TDF), the non-profit entity behind LibreOffice, welcomes the inclusion of the Open Document Format (ODF) as a mandated standard format in Germany’s Deutschland-Stack, the federal government’s sovereign digital infrastructure framework for all public administrations.

The Stack, published by the German Federal Ministry for Digital and State Modernisation (Bundesministerium für Digitales und Staatsmodernisierung), establishes the technical standards for a shared, interoperable and sovereign digital infrastructure serving all Germany’s public administrations. Under the framework’s “Semantic Technologies and Real-Time Analytics” pillar, ODF and PDF/UA are explicitly named as the two mandated document formats, to the exclusion of proprietary alternatives.

“This is not a recommendation or a preference, it is a mandate,” said Florian Effenberger, Executive Director of The Document Foundation. “Germany’s decision to anchor ODF at the heart of its national sovereign stack confirms what we have argued for years: open, vendor-neutral document formats are not a niche concern for some technology specialists and FOSS advocates. They are a fundamental infrastructure for democratic, interoperable and sovereign public administrations.”

The Deutschland-Stack is grounded in a set of principles that align with TDF’s long-standing advocacy positions. The framework adopts a “Made in EU first” principle, requires open interfaces and local data storage,

TDF Community Blog

🖲️ #Cybersecurity #Ciberseguridad #Ciberseguranca #Security #Seguridad #Seguranca #News #Noticia #Noticias #Tecnologia #Technology
⚫ Meta, TikTok Steal Users' Sensitive PII When They Click on Ads
🔗 https://www.darkreading.com/cyber-risk/meta-tiktok-steal-sensitive-pii

Tracking pixels let social media companies spy on their own customers when they click over to advertiser sites, gleaning credit card info, currency type, and more.

Researchers: Meta, TikTok Steal Personal Info via Ad Clicks

Tracking pixels let social media companies spy on users even after they click over to advertiser sites, gleaning credit card info, geolocations, and more.

Dark Reading

The moment that really pushed me forward came when I started testing real prompt-injection payloads against simple LLM workflows that pull content from the internet

Read more 👉 https://lttr.ai/ApXaJ

#Security #Infosec #Ai

Building MSI PromptDefense Suite: How a Safety Tool Became a Security Platform

The Impetus: Wanting Something We Could Actually Run

Like many security folks watching the rise of LLM-driven workflows, I kept hearing the same conversations about prompt injection. They were thoughtful discussions. Smart people. Solid theory. But the theory wasn’t …

MSI :: State of Security

If you want experienced consultants to help evaluate the security of your AI deployments — contact the MicroSolved team to start the conversation.

Read the full article: Building MSI PromptDefense Suite: How a Safety Tool Became a Security Platform
https://lttr.ai/ApXZJ

#Security #Infosec #Ai