Mastodawn

🔍 Oh, the thrilling saga of an article that wasn't! 😱 #ModSecurity flexes its muscles, proudly serving you... absolutely NOTHING. Bravo, internet! 👏🌐
https://jsomers.net/blog/it-turns-out #InternetSaga #SecurityFail #TechNews #CyberSecurity #HackerNews #ngated

“It turns out” « the jsomers.net blog

ticho Mar 4

Oops! Can you say "username enumeration"?

This is at bloomsbury.com, who, in an unrelated matter, seem to also have removed my country from their selection widget when making an order, even though I successfully ordered some books from them last year. 🤷

#security #securityfail

Torsten Materna Feb 16

Hat es jetzt dann jeder mal gesagt?
#openclaw #ai #openai #securityfail

Stefano Marinelli Feb 11

Just received an email from my mail server administrator. They sent me a link to change my password because it's 'insecure'.

My mail admin is so efficient...

...hey, wait a minute... I AM my mail administrator! 🤦‍♂️

#Phishing #SelfHosting #SysAdminLife #SecurityFail #InfoSec

vmdude Jan 30

Ça existe encore ça en 2026 ?!?

#securityfail

Boston Managed IT Jan 9

Security Lesson: Don't make your password "Password." Reports reveal the Louvre's surveillance password was just..."Louvre." A funny but scary reminder that basic password hygiene matters.

#SecurityFail #CyberHygiene #TechNews #Passwords https://zurl.co/7TsKn

Post-heist reports reveal the password for the Louvre's video surveillance was 'Louvre,' and suddenly the dumpster-tier opsec of videogame NPCs seems a lot less absurd

Is leaving the safe combination on a post-it note that much worse?

PC Gamer

Dima Jan 7

Me: Tries to access my personal stuff on the work machine (which is allowed!).

The laptop security: "I'm afraid I can't let you do that."

Looks like the SSL inspector is feeling a bit overprotective today.

#techfail #corporateit #tlsfail #funny #infosec #worklaptop #privacy #securityfail #humor #proton #fediverse

N-gated Hacker News Dec 4

🚨 ALERT! 🚨 #NextJS finally achieved what we all thought impossible: a CVSS 10.0 vulnerability! 🎯 Bravo, they've hit the bullseye of FAIL! 🙈 It's always heartwarming when devs leave the #backdoor open for #hackers to make themselves at home. 🏠🔓
https://nextjs.org/blog/CVE-2025-66478 #Vulnerability #CVSS10 #SecurityFail #HackerNews #ngated

Security Advisory: CVE-2025-66478

A critical vulnerability (CVE-2025-66478) has been identified in the React Server Components protocol. Users should upgrade to patched versions immediately.

MattPounsett Nov 26

This is a "fun" read.

I've never really understood why sites like the ones covered in this article exist, since they cater to people who should be pretty comfortable with command-line linting/pretty-printing tools. But now I know that they survive (thrive on ad revenue, even!) because so many of their users are a few bits short of a byte.

https://labs.watchtowr.com/stop-putting-your-passwords-into-random-websites-yes-seriously-you-are-the-problem/

#facepalmSec #cybersecurity #infosec #SecurityFail #WTFsec #facepalm

Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)

Welcome to watchTowr vs the Internet, part 68. That feeling you’re experiencing? Dread. You should be used to it by now. As is fast becoming an unofficial and, apparently, frowned upon tradition - we identified incredible amounts of publicly exposed passwords, secrets, keys and more for very sensitive environments

watchTowr Labs

Solarbird

Nov 23

I have never felt better about a bicycle being my primary form of transport.

"What the fuck, Flock?"

It's so much worse than you may've heard. The clown show is _spectacular_. It's a five-season arc in progress of only the most upper level, purest clownery.

Here's a very high view on The WAN Show (jump to 3:12:09 if the time stamp start doesn't work):

https://www.youtube.com/live/Vzgimftolys?t=11525

Here's the original source with much more details:

https://www.youtube.com/watch?v=uB0gr7Fh6lY

#Flock #FuckFlock #HolyShit #surveillance #fascism #SurveillanceSociety #incompetence #RubberDucky #SecurityFail #security #HilariousIncompetence #shenanigans #clowns #ClownShow #TempestAttack #EveryAttack #AuthenticationInPlainText #EverythingThatCanBeWrongIsWrong

There’s No Reason To Buy An iPhone - WAN Show November 21, 2025

YouTube