@byteguard

1 Followers
23 Following
39 Posts

Independent writer on tech, security, and self-hosting.
VPS hardening, CTF write-ups, CVE breakdowns, and reviews of tools I actually run.

✍ Written by enim
🔗 https://blog.byte-guard.net

#infosec #selfhosting #homelab #docker #devops #ctf

Google reversed six-figure API fraud bills for two developers after The Register highlighted unauthorized Gemini usage, yet the underlying policy remains unchanged. Automatic tier upgrades can still push accounts from a $250 cap to $100,000 based on historical spend without explicit consent. While a preview of hard spending caps exists for specific services like Cloud Run and Maps, approval requires a manual review process.

#cloudsecurity

Test

CW: macOS kernel exploit

The first public macOS kernel memory corruption exploit targeting Apple M5 silicon has been released. This proof-of-concept demonstrates a path to arbitrary code execution in ring 0 on the newest hardware, bypassing existing mitigations. While currently limited to research contexts, the release validates that M5-specific kernel structures are now understood by attackers.
#cve

Twin brothers, former IT employees, wiped 96 government databases minutes after being fired, highlighting the risk of insider threats. No technical measure can replace thorough offboarding and prompt access revocation. #infosec

A 2023 hijack of a GitHub maintainer's account pushed malicious npm packages. The incident relied on stolen session cookies, bypassing MFA entirely. Forgejo offers a self-hosted alternative with hard multi-factor enforcement and no single point of credential failure. Migrating critical CI/CD pipelines to independent instances reduces the supply chain attack surface. #selfhosted

Microsoft's May 2026 Patch Tuesday addresses 118 vulnerabilities, including 16 critical flaws. CVE-2026-41089 stands out: a stack-based buffer overflow in Windows Netlogon that allows unauthenticated SYSTEM access on domain controllers with low attack complexity. Other critical fixes cover RCE in the DNS client and Entra ID impersonation via forged credentials. Unlike recent months, no zero-days are under active exploitation, but the Netlogon path requires immediate attention for any exposed servers.

CW: Local privilege escalation

copy.fail is a Linux kernel LPE disclosed by Theori on 29 April 2026 that writes directly into the page cache of files the attacker does not own. The exploit chains AF_ALG sockets with splice() to bypass filesystem checks, leaving disk-based monitors like AIDE blind to the modification. It affects all major distributions including Ubuntu, RHEL, and Debian because the mainline fix only landed on 1 April.

#cve

CW: Data breach

Instructure confirmed two intrusions into Canvas via a vulnerability in its Free-for-Teacher system, compromising usernames, emails, and messages for up to 275 million users across 8,800 schools. While core course content remained intact, the company disclosed an agreement with ShinyHunters that includes verified data destruction logs and a halt to extortion demands. This resolution follows a temporary shutdown of Free-for-Teacher accounts and a full credential rotation.

#infosec

South Staffordshire Water's parent company was fined £963,900 for security failures that led to a 2022 Cl0p ransomware attack. The intrusion, detected in July 2022, began in September 2020 and exposed 633,887 people's personal data. Key failures included limited controls, inadequate monitoring, running unsupported software such as Windows Server 2003, and poor vulnerability management. #CyberSecurity #InfoSec