Show threadMatěj Cepl 🇪🇺 🇨🇿 🇺🇦May 21

@GossiTheDog

And if you like me don’t use VS Code, don’t feel smug: our editors ($VIM, Emacs, etc.) don’t even have any marketplace and pull executable code from completely random places on the Internet (mostly GitHub, which we know how secure it is).

#Fail #NoSecurity

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕Apr 25

Vibe Coding Has a Security Problem, and Shipping Code You Do Not Understand Is Not a Strategy

AI-assisted coding is speeding up software development, but it is also making it easier to ship insecure defaults, weak access controls, poisoned dependencies, and code nobody on the team can confidently defend.

🧑‍💻 https://www.kylereddoch.me/blog/vibe-coding-has-a-security-problem-and-shipping-code-you-do-not-understand-is-not-a-strategy/

#vibecoding #programming #itsecurity #itsec #aicoding #aislop #coding #itsec #realworld #nosecurity #itsecurity #it

Vibe Coding Has a Security Problem, and Shipping Code You Do Not Understand Is Not a Strategy

AI-assisted coding is speeding up software development, but it is also making it easier to ship insecure defaults, weak access controls, poisoned dependencies, and code nobody on the team can confidently defend.

CybersecKyle
Show threadMatěj Cepl 🇪🇺 🇨🇿 🇺🇦Apr 22

@element @matrix

Vidíte tu díru, jak Česko, Slovensko a Maďarsko nepotřebují nic bezpečného pro svojí komunikaci?

#ČasŠvábů #Matrix #NoSecurity

HeliographApr 14

😆 this is excellent #TheCrux @daedalus

"We take security seriously!!
Cover up that incident with this handy sticking plaster."

https://www.redbubble.com/shop/ap/174240626

#infosec #slop #security #nosecurity

YurkshireLadSep 7, 2025

I hope the CTO got fired with zero benefits or payouts.

https://web.archive.org/web/20250906134240/https://bobdahacker.com/blog/rbi-hacked-drive-thrus/

#tech #security #NoSecurity #Facepalm

We Hacked Burger King: How Authentication Bypass Led to Drive-Thru Audio Surveillance

Critical authentication bypass vulnerabilities in Restaurant Brands International's assistant platform allowed complete control over 30,000+ Burger King, Tim Hortons, and Popeyes locations worldwide - including access to customer drive-thru audio recordings.

Hacker NewsFeb 24, 2025
'Impossible-to-Hack' Security Turns Out to Be No Security at All — https://jltee.substack.com/p/new-zealand-companys-impossible-to-hack-security
#HackerNews #ImpossibleToHack #Security #NoSecurity #CyberSecurity #NewsTech #Vulnerabilities
New Zealand Company’s ‘Impossible-to-Hack’ Security Turns Out to Be No Security at All

Teammate App had a publicly exposed database and told me to stop harassing them after I emailed them about it.

The Hub of Stupi.. *misconfigs
YurkshireLadMar 4, 2024

Fascinating and funny when you think about it. #opsec #security #nosecurity #web #oops

http://debug.is/2024/03/04/planes-ferries-automobiles/

Planes, Ferries and Automobiles - The Code Lab

Thoughts and experiments on software, security and better coding practises.

YurkshireLadFeb 8, 2024

Wow, just wow. I wish this weren’t true. It shows how vulnerable our data is. #security #NoSecurity #CyberSecurity

https://www.euronews.com/next/2024/02/08/data-of-33-million-people-in-france-stolen-in-its-largest-ever-cyberattack-this-is-what-we

1 in 2 people in France have data stolen in massive cyberattack

One in two French people’s data was stolen in a major cybersecurity breach - the largest ever in France - leaving 33 million at risk.

euronews
Show threadbeSpacificApr 9, 2023
@toxtethogrady I never completely believe any article on intel...we do not know what we do not know, until we do [often by accident].#camo #balllons #LeakedDocuments #NoSecurity
HackfestMar 25, 2023

Bonne nouvelle,

À défaut que le feu vert ne soit pas officiellement donné, nous sommes très fiers de voir une décision ayant un impact positif sur la sécurité des données de plus de 190 000 travailleurs au Québec.

Toute application/entreprise de pointage mobile devra : “... obtenir une certification de sécurité reconnue au Canada (ISO 27001, audit de type SOC 2 - types 1 et 2 ou CyberSécuritaire Canada). À défaut, l’application de ces fabricants ne peut être utilisée conformément au texte de la convention résidentielle. Les données recueillies par l’application doivent être conservées au Québec.”

Présentement, il semble qu'une seule entreprise ait une certification ISO 27001 et ce n'est pas celle citée dans l’article, soit Mobile-Punch. De plus, la majorité si ce n'est pas toutes ses entreprises n'ont aucune équipe de sécurité pour gérer les données de centaines de milliers de travailleurs.

Ainsi, avec ce jugement, nous verrons une augmentation de la sécurité dans nos entreprises au Québec ce qui est une excellente nouvelle pour tous!

https://www.journaldequebec.com/2023/03/23/feu-vert-a-limplantation-de-lappli-qui-permet-de-puncher-en-ligne

#polqc #polcan #hacking #certification #cybersecurite #cybersecurite #NOSECURITY #quebec #syndicat #travailleur #construction #mobilepunch #pointage #pointagemobile

Feu vert à l’implantation de l’appli qui permet de gérer ses heures de travail en ligne

Une forte majorité de travailleurs de la construction disent aimer Mobile-Punch.

Le Journal de Québec