AAKL

@AAKL@infosec.exchange
511 Followers
567 Following
484 Posts

Always questioning. Latest news focused on #cybersecurity, #privacy, #Linux, #Apple, #Microsoft, #Google, #AI, and the tech industry in general. Toxicity is not tolerated. Porn is blocked. I follow like interests.

Check your facts.

- FactCheck.org https://www.factcheck.org/
- Reuters Fact Check https://www.reuters.com/fact-check/
- AP Fact Check https://apnews.com/ap-fact-check
- Snopes https://www.snopes.com/
- Politifact https://www.politifact.com/

NordVPN Link Checker: https://nordvpn.com/link-checker/

Project 2025 Tracker https://www.project2025.observer/

AAKL58s ago

If you missed this:

Cisco: Malvertiing campaign leads to PS1Bot, a multi-stage malware framework https://blog.talosintelligence.com/ps1bot-malvertising-campaign/ @TalosSecurity #cybersecurity #infosec #malware

Malvertising campaign leads to PS1Bot, a multi-stage malware framework

Cisco Talos has observed an ongoing malware campaign that seeks to infect victims with a multi-stage malware framework, implemented in PowerShell and C#, which we are referring to as “PS1Bot.”

Cisco Talos Blog
AAKL3m ago

New.

CISA and Partners Release Asset Inventory Guidance to Strengthen Operational Technology Security https://www.cisa.gov/news-events/news/cisa-and-partners-release-asset-inventory-guidance-strengthen-operational-technology-security #CISA #cybersecurity #infosec

AAKL5m ago
Brittany Trang36m ago

OpenAI’s terms: “Our Services are not intended for use in the diagnosis or treatment of any health condition.”

Sam Altman in the GPT-5 release: “You’ve all seen examples of people getting day-to-day care advice, or sometimes even a lifesaving diagnosis [from ChatGPT].”

Experts warn that this fast-and-loose approach could land OpenAI in hot water w the FDA.

More:

https://www.statnews.com/2025/08/13/openai-cant-have-it-both-ways-on-gpt-5-and-health-ai-prognosis/

#health #healthcare #ai #healthtech #artificialintelligence #medicine #openai #chatgpt #gpt5

OpenAI can’t have it both ways on GPT-5 and health

Why OpenAI may run into trouble with the FDA for promoting GPT-5's health advice with little supporting evidence

STAT
AAKL6m ago

"Fake accounts often use profile photos that seem too good to be true. Whether it’s flawless lighting, professional-looking headshots, or model-tier appearances."

Bitdefender (sales pitch included): How to Spot a Fake Social Media Profile https://www.bitdefender.com/en-us/blog/hotforsecurity/how-to-spot-a-fake-social-media-profile #cybersecurity #Infosec

How to Spot a Fake Social Media Profile

A seemingly friendly follow or message can quickly lead you into dangerous territory. Here’s how to tell who’s real and who’s not.

Hot for Security
AAKL8m ago
Binerly, from yesterday: Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images https://www.binarly.io/blog/persistent-risk-xz-utils-backdoor-still-lurking-in-docker-images #cybersecurity #Infosec #Docker
Persistent Risk: XZ Utils Backdoor Still Lurking in Docker Images

In this blog, we share a new finding in the XZ Utils saga: several Docker images built around the time of the compromise contain the backdoor. At first glance, this might not seem alarming: if the distribution packages were backdoored, then any Docker images based on them would be infected as well. However, what we discovered is that some of these compromised images are still publicly available on Docker Hub.

AAKL8m ago
cR0w 9m ago

sev:HIGH LPE in linux-pam.

https://access.redhat.com/security/cve/CVE-2025-8941

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

cve-details

AAKL10m ago
Abnormal Security: IBM Data Breach Report 2025: The Soaring Cost of Email Attacks https://abnormal.ai/blog/ibm-cost-of-a-data-breach-2025 #cybersecurity #Infoec #phishing
IBM Data Breach Report 2025: The Soaring Cost of Email Attacks

Phishing and vendor email compromise are now among the costliest breach vectors, as the average U.S. data breach surpasses $10 million.

Abnormal AI
AAKL13m ago

Wired: https://www.wired.com/story/president-trump-crypto-treasury-world-liberty-financial/

Also:

The Trump Administration Is Using Memes to Turn Mass Deportation Into One Big Joke https://www.wired.com/story/trump-administration-dhs-white-house-deportations-meme/ @WIRED

Trump Family–Backed World Liberty Financial Sets Up $1.5 Billion Crypto Treasury

World Liberty Financial has struck a deal that will turn a little-known company into a vehicle for betting on the price of its crypto coin.

WIRED
AAKL15m ago

From yesterday. Charon is the Styx ferryman of Greek mythology.

Trend Micro: New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises https://www.trendmicro.com/en_us/research/25/h/new-ransomware-charon.html @TrendMicro

More:

The Record: https://therecord.media/charon-ransomware-targeting-middle-east-aviation @therecord_media #ransomware #cybersecurity #Infosec

New Ransomware Charon Uses Earth Baxia APT Techniques to Target Enterprises

We uncovered a campaign that makes use of Charon, a new ransomware family, and advanced APT-style techniques to target organizations with customized ransom demands.

Trend Micro
AAKL18m ago
The Record: Pennsylvania attorney general says cyberattack knocked phone, email systems offline https://therecord.media/pennsylvania-attorney-general-office-cyberattack @therecord_media @jgreig #cybersecurity #Infosec #databreach
Pennsylvania attorney general says cyberattack knocked phone, email systems offline

The office of Pennsylvania Attorney General Dave Sunday experienced multiple days of outages related to a cyberattack. He called it "a frustrating situation."