Mastodawn

Been at the #toh civic ER all day. Time for the crazies to start arriving? I wonder what kind of training #secuirty people at a hospital get.

Robert Smith Feb 14

I'll just leave this here.

Oopsy! Nobody could see this coming...

"Viral social network 'Moltbook' built entirely by artificial intelligence leaked authentication tokens, private messages and user emails through missing security controls in production environment."

https://thecyberexpress.com/moltbook-platform-exposes-1-5-mn-api-keys/

#ai #aislop #moltbook #hack #breach #secuirty #darwinaward

AI-Coded Moltbook Platform Exposes 1.5 Million API Keys

A critical vulnerability in Moltbook, a viral social network for AI agents, exposed 1.5 million API Keys.

The Cyber Express

Show thread

🌱🏴‍🅰️🏳️‍⚧️🐧🔧📎 Ambiyelp Feb 9

@b9AcE

I don't want a vanguard of technical elite for exactly that reason, I want as many people as possible to be able to do this. I advocate for self-hosting and privacy to become even more accessible. It should be as simple as a guided wizard and/or default built-ins to use even the most hardened privacy security and anonymity tech

#Ableism #Anarchism #TotalLiberation #Intersectionality #SelfHosting #PSA #Privacy #Secuirty #Anonymity

ResearchBuzz: Firehose Oct 19

Ars Technica: AI models can acquire backdoors from surprisingly few malicious documents. “The research involved training AI language models ranging from 600 million to 13 billion parameters on datasets scaled appropriately for their size. Despite larger models processing over 20 times more total training data, all models learned the same backdoor behavior after encountering roughly the same […]

https://rbfirehose.com/2025/10/19/ars-technica-ai-models-can-acquire-backdoors-from-surprisingly-few-malicious-documents/

Ars Technica: AI models can acquire backdoors from surprisingly few malicious documents | ResearchBuzz: Firehose

ResearchBuzz: Firehose | Individual posts from ResearchBuzz

maschmi May 23, 2025

Reading the #springboot 3.5 release notes one part make me smile a little:

"The heapdump actuator endpoint now defaults to access=NONE. The aims to help reduce the likelihood of a misconfiguration application leaking sensitive information."

Had to think about the #Volkswagen hack last year where this was an entry point.

Looks like the new default is way more secure.

#secuirty #softwaredevelopment

Mega Component Apr 14, 2025

megacollc.com is loking to purchase a NEW Cisco FPR9K-SM-48 @Cisco FirePOWER 9000 Security Module 48 #firepower #ngfw #fpr9k #sm #48ports #secuirty #firewall #module @megacomponent

Mike Amundsen Apr 5, 2025

Draft SP 800-228 Available for Public Comment | CSRC https://buff.ly/nPAPy94

"The initial public draft (ipd) of NIST Special Publication (SP) 800-228, Guidelines for API Protection for Cloud-Native Systems, is now available for public comment."

#NIST #secuirty

Draft SP 800-228 Available for Public Comment | CSRC

The initial public draft (ipd) of NIST Special Publication (SP) 800-228, Guidelines for API Protection for Cloud-Native Systems, is now available for public comment.

CSRC | NIST

CybersecKyle Feb 7, 2025

I've got to say something about a post that @zicklepop posted yesterday in regards to the newest Apple Intelligence Report feature that Apple silently added, and turned on by default none-the-less.

All she was trying to do in warn people about the potential security risk that could come of such a feature. Just like anyone else, she was making a post and informing people of a risk.

What she got in the subsequent replies I feel was not justified. I know we all have our own opinions and that we are absolutely free to those but, how you express those make a different.

Let's please be kind to each other here on the #Fediverse. That is what makes it different than the Bird site.

#Secuirty #Privacy #AppleIntelligence #BeKind