Mastodawn

🔨💾 Home Depot's idea of cybersecurity? Letting their GitHub token chill for a year like it's on vacation. Welcome to the new age of security: "Oops, did I do that?" 😅🔓
https://techcrunch.com/2025/12/12/home-depot-exposed-access-to-internal-systems-for-a-year-says-researcher/ #HomeDepot #Cybersecurity #GitHubToken #SecurityFails #OopsDidIDoThat #TechNews #HackerNews #ngated

Exclusive: Home Depot exposed access to internal systems for a year, says researcher

A security researcher tried to alert Home Depot to the security lapse exposing its backend GitHub source code repos and other internal cloud systems, but was ignored.

TechCrunch

Mind Lude Nov 3

You'd think 'police logins' and 'surveillance cameras' would scream 'MAXIMUM SECURITY,' right? Think again. Lawmakers are warning that stolen credentials are exposing Flock cameras to hackers, thanks to a casual 3% of agencies skipping multi-factor authentication. My digital eye just twitched.

What's the weakest link in security you've seen? #SecurityFails #CyberCrime #PrivacyMatters #LawEnforcement #TechNews

https://techcrunch.com/2025/11/03/lawmakers-say-stolen-police-logins-are-exposing-flock-surveillance-cameras-to-hackers/

Lawmakers say stolen police logins are exposing Flock surveillance cameras to hackers | TechCrunch

Flock said around 3% of its law enforcement customers do not use multi-factor authentication, potentially leaving dozens of law enforcement agency accounts open to compromise and improper access.

TechCrunch

N-gated Hacker News May 19, 2025

🚨 Printer apocalypse! 🚨 The clueless printer overlords served a malware buffet for months, then shrugged and called it "false positives" like it's a new hipster diet. 🍽️ Why bother with security when you can just redefine the problem? 🤷‍♂️
https://www.neowin.net/news/this-printer-company-served-you-malware-for-months-and-dismissed-it-as-false-positives/ #PrinterApocalypse #MalwareBuffet #SecurityFails #TechHumor #FalsePositives #HackerNews #ngated

This printer company served you malware for months and dismissed it as false positives

A printer company distributed malware-infected files for months. Analysts have now dissected the code and revealed what the malware does once it infects a computer.

Neowin

Show thread

John-Mark Gurney Mar 22, 2025

Just a word of warning, Sony, when resetting your PSN password, doesn't have a character limit on the password, but then when you log in, they set a 32 character limit, except that their forms won't work, but a 30 character password does work.

I just reset my password 3 times to figure this out.

Fun of idiots who don't know how to do security.

#Sony #PlayStationNetwork #SecurityFails #SecurityFailures

all ears Aug 1, 2024

Immer ne gute Frage: "Why should it connect to the internet?"

https://computer.rip/2024-07-31-just-disconnect-the-internet.html

#crowdstrike #securityfails

2024-07-31 just disconnect the internet

Jake in the desert Jan 30, 2024

Oh, good. ChatGPT is leaking passwords from private conversations https://arstechnica.com/security/2024/01/ars-reader-reports-chatgpt-is-sending-him-conversations-from-unrelated-ai-users

#security #ChatGPT #AI #LLM #LLMs #fail #fails #SecurityFails

OpenAI says mysterious chat histories resulted from account takeover

User shocked to find chats naming unpublished research papers, and other private data.

Ars Technica

all ears Jan 21, 2023

Der Staubsaugerroboter unsrer Nachbarin hat Bluetooth - standardmäßig auf "on". Und ich nehm mal an, extra abgesichert ist das Ding nicht. Also: App runterladen, einloggen und einen fahren lassen... ?
#securityfails

Bobo_PK 🦄Aug 10, 2021

We are forced to activate 2FA for our office 365 accounts at work. I complained that all methods that M$ offers requiered a personal device or telephone number of mine. As a result I got a SIP. Now the second factor (2FA) is on the same device but hey compliance...

I asked a year ago and today again if we could invest in Nitrokeys or anything compareable...
#securityfails