RE: https://social.tchncs.de/@thehackernews/116329690028637636
@dragonwolfsp and they want you to get WhatsApp
Tech lurker who moonlights as a security guy. Coach and President of Minnesota Blind Hockey.
Brian
- 14 Followers
- 79 Following
- 283 Posts
I said DON’T click that! Though now that you did...
Tech lurker who moonlights as a security guy. Coach and President of Minnesota Blind Hockey.
Tech lurker who moonlights as a security guy. Coach and President of Minnesota Blind Hockey.
AAMicrosoft posted this yesterday:
Microsoft Security: WhatsApp malware campaign delivers VBScript and MSI backdoors https://www.microsoft.com/en-us/security/blog/2026/03/31/whatsapp-malware-campaign-delivers-vbs-payloads-msi-backdoors/
More:
The Hacker News: https://thehackernews.com/2026/04/microsoft-warns-of-whatsapp-delivered.html @thehackernews #infosec #Microsoft #WhatsApp
WhatsApp malware campaign delivers VBScript and MSI backdoors | Microsoft Security Blog
A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack leverages renamed Windows tools and cloud-hosted payloads to install MSI backdoors and maintain persistent access to compromised systems.
Advanced Persistent Teapot@da_667 do you have a laptop sticker that says "pcaps or it didn't happen"?
Because if not then you should get one made
RE: https://infosec.exchange/@patrickcmiller/116274883509698953
@dragonwolfsp check this out since we just had a whole conversation on it
Dragonwolf of the Shadow Prideoy! fedi creatures, I know you hear it a lot, but please, for all that is good, please please please use alt text! Use it to discribe your images, and audio, and whatever else might pose an access issue for someone. I will, with only a few acceptions, never boost, reply, or otherwise interact with posts that have media/images with no alt text. Have questions on how to do it "right," feel free to ask me or anyone else you know who needs it. I won't be mad, I'll be glad!
RE: https://infosec.exchange/@patrickcmiller/116109968778736907
@dragonwolfsp since we were just talking about this. Here’s some more.
Kevin BeaumontToday in InfoSec Job Security News:
I was looking into an obvious ../.. vulnerability introduced into a major web framework today, and it was committed by username Claude on GitHub. Vibe coded, basically.
So I started looking through Claude commits on GitHub, there’s over 2m of them and it’s about 5% of all open source code this month.
https://github.com/search?q=author%3Aclaude&type=commits&s=author-date&o=desc
As I looked through the code I saw the same class of vulns being introduced over, and over, again - several a minute.
Jon Yoder
Tanguy ⧓ Herrmann@Drat @zackwhittaker using nextcloud for more than 10 years (owncloud prior to that). Pretty damn good!
And I'm very glad I'm off Dropbox, google drive, gmail, etc.
And I'm very glad I'm off Dropbox, google drive, gmail, etc.