Neil BrownThe UK Environment Agency has some tips for the public to help conserve water, including
> Deleting old emails to reduce pressure on data centre servers
I kid you not.
Oneironaut
@Oneironaut@infosec.exchange
- 13 Followers
- 106 Following
- 1.4K Posts
GRC advocate. Cyber adjacent. Celine Dion fan
Jason KoeblerMedia outlets can't pivot to AI to save themselves. It's not a business strategy and it's not going to work. The only path forward is for journalists to lean into their humanity, to do things AI can't, and to make clear they are writing for people, not algorithms:
https://www.404media.co/the-medias-pivot-to-ai-is-not-real-and-not-going-to-work/
Dare ObasanjoMicrosoft president Brad Smith acknowledged that the four rounds of layoffs this year are more about using the money saved to fund AI data centers and GPUs than workers being replaced by AI.
I think this is important for the media to get right versus making it seem like ChatGPT can replace a human worker.
cR0w 
Go find more hardcoded secrets. And share them with the rest of us.
https://www.intigriti.com/researchers/blog/hacking-tools/advanced-github-dorking-guide
Thomas FuglsethPublic service announcement.
(Created by https://bsky.app/profile/campfireharve.st )
Marco Ivaldi
FortiWeb Pre-Auth RCE (CVE-2025-25257)
Hey! and welcome to another THEY BURNED MY BUG episode. This time, we introduce CVE-2025-25257. An SQLi that I spotted back in Feb. in case someone burn them before i get my bragging rights8157d42995395ba0c0cfccce37b934ebb63d3d5740ba43eda7fa853f389bca2a8fc4ca6426ae50c7673326eacb6644a8b361ad1051138d04cbd9da8b807a0973— faulty *ptrrr (@0x_shaq) February 9, 2025 This is a pre-auth SQLi bug that can be leveraged to an RCE in FortiWeb.
Kevin BeaumontCVE-2025-5777 aka CitrixBleed 2 has been added to CISA KEV now over evidence of active exploitation.
Citrix are still declining to comment about evidence of exploitation as of writing.
@neurovagrant it can put them back too, right?
Belkin WEMO to shut down cloud operations and cripple WEMO iot devices in January 2026
AI6YR BenHow's that AI coding going for you? Ah... I see.
Wired: McDonald’s AI Hiring Bot Exposed Millions of Applicants' Data to Hackers Using the Password ‘123456’
"... Carroll and Curry, hackers with a long track record of independent security testing, discovered that simple web-based vulnerabilities—including guessing one laughably weak password—allowed them to access a Paradox.ai account and query the company's databases that held every McHire user's chats with Olivia. The data appears to include as many as 64 million records, including applicants' names, email addresses, and phone numbers...."
https://www.wired.com/story/mcdonalds-ai-hiring-chat-bot-paradoxai/
George Liquor, American
Zack Whittaker
Emory
vampirdaddy
Interpipes 💙