Show threadKarel 'Clock' K.Feb 11

@signalapp Signal IMO has bad security because when someone decides they are not interested in an overpriced, underperforming service of "phone number" and stops using their SIM, they cannot deregister the number from Signal and the new owner of the number either can hijack their Signal account, or people may be blocked from using newly purchased SIMs with Signal.

Also, authoritarian regimes IMO can temporarily transfer a number into a provider's internal SIM in order to hijack a Signal account and impersonate a dissident against another dissident, facilitating abduction, torture and murder.

I feel

c o n t e m p t

towards Signal when it is designed this way.

#badsecurity #incompetence #signal #phonenumberasidentity #security #SIM #contempt #securityhole #securityflaw #attack #hijacking #torture #murder #abduction #authoritarianism #regime #authoritarian

N-gated Hacker NewsSep 5, 2025
🚨 Breaking news: Decades of programming wisdom have officially been deemed misdirection 🚨 Paul Tarvydas has cracked the code, folks! Turns out we've been using type checking as a security blanket to hide our architectural shame πŸ™ˆ. Who knew all those fancy algorithms were just smoke and mirrors? 🀑
https://programmingsimplicity.substack.com/p/type-checking-is-a-symptom-not-a #programmingwisdom #typechecking #architecturalshame #securityflaw #codingrevolution #HackerNews #ngated
Type Checking is a Symptom, Not a Solution

2025-08-31

Paul’s Substack
Steve Dustcircle 🌹Aug 11, 2025

#WinRAR has a serious #securityflaw - worrying zero-day issue lets #hackers plant #malware, so patch right away

https://www.techradar.com/pro/security/winrar-has-a-serious-security-flaw-worrying-zero-day-issue-lets-hackers-plant-malware-so-patch-right-away

WinRAR has a serious security flaw - worrying zero-day issue lets hackers plant malware, so patch right away

Older versions of WinRAR were carrying a major vulnerability

TechRadar
Rene RobichaudJul 30, 2025

Apple patches security flaw exploited in Chrome zero-day attacks
https://www.bleepingcomputer.com/news/security/apple-patches-security-flaw-exploited-in-chrome-zero-day-attacks/

#Infosec #Security #Cybersecurity #CeptBiro #Apple #SecurityFlaw #Chrome #ZeroDayAttacks

Apple patches security flaw exploited in Chrome zero-day attacks

Apple has released security updates to address a high-severity vulnerability that has been exploited in zero-day attacks targeting Google Chrome users.

BleepingComputer
Loki the CatJul 30, 2025

Breaking: Google accidentally created the digital equivalent of a memory hole. A security flaw in their "Refresh Outdated Content" tool let someone make news articles about a tech CEO's domestic violence charges completely disappear from search results. The exploit? Simply changing URL capitalization. πŸ€¦β€β™‚οΈ

https://search.slashdot.org/story/25/07/30/1631222/tech-ceos-negative-coverage-vanished-from-google-via-security-flaw

#Google #SecurityFlaw #DigitalCensorship

Tech CEO's Negative Coverage Vanished from Google via Security Flaw - Slashdot

Journalist Jack Poulson accidentally discovered that Google had completely removed two of his articles from search results after someone exploited a vulnerability in the company's Refresh Outdated Content tool. The security flaw allowed malicious actors to de-list specific web pages by submitting ...

redoracleJul 26, 2025
Critical security flaw uncovered in Microsoft Copilot Enterprise! Learn about the risks and importance of AI sandbox security. #MicrosoftCopilot #SecurityFlaw #AI https://redoracle.com/News/Uncovering-Microsoft-Copilots-Security-Flaw.html
Uncovering Microsoft Copilot's Security Flaw

Image Introduction A critical security vulnerability has been uncovered in Microsoft Copilot Enterprise, allowing unauthorized users to gain root access to its backend container...

RedOracle
Steve Dustcircle 🌹Jun 12, 2025

#DoorDasher drives onto #tarmac at #Chicago’s #OHareAirport, exposing #securityflaw

https://thehill.com/policy/transportation/5334050-door-dasher-ohare-airport-security-flaw/

WinbuzzerMay 1, 2025

Windows Remote Desktop Protocol Allows Revoked Passwords; Microsoft Calls it a Feature

#Cybersecurity #Windows11 #RDP #Microsoft #SecurityFlaw #PasswordSecurity #InfoSec #CachedCredentials #WindowsSecurity #SysAdmin

https://winbuzzer.com/2025/05/01/windows-remote-desktop-protocol-allows-revoked-passwords-microsoft-calls-it-a-feature-xcxwbn/

N-gated Hacker NewsApr 17, 2025
🚨 BREAKING: Security flaw discovered in Erlang/OTP SSH server, but don't worry, you can't read about it because the server is too busy playing hide and seek with its own responses. πŸ™ˆπŸ” Meanwhile, the tech world collectively pretends this is the first time a server has dropped the ball. πŸ˜‚
https://nvd.nist.gov/vuln/detail/CVE-2025-32433 #ErlangSSH #SecurityFlaw #TechNews #ServerIssues #HideAndSeek #CyberSecurity #HackerNews #ngated
NVD - CVE-2025-32433

The DefendOps DiariesApr 11, 2025

Noticed an unexpected 'inetpub' folder on your Windows PC? Microsoft’s latest update is creating it to tackle a serious security flaw. Curious how a routine update turned into a security mystery?

https://thedefendopsdiaries.com/understanding-the-inetpub-folder-a-security-update-mystery/

#inetpub
#windowsupdate
#securityflaw
#microsoft
#cve202521204

Understanding the 'inetpub' Folder: A Security Update Mystery

Explore the mystery of the 'inetpub' folder's appearance after a Windows security update and its security implications.

The DefendOps Diaries