Catalin Cimpanu

@campuscodi

Cybersecurity reporter for Risky Business

#infosec #cybersecurity #security

Newsletter: https://risky.biz/newsletters/
Podcast: https://risky.biz/podcasts/

-Klue breach impacts security firms
-Hacker breaches Brazil's national alert system
-North Korean hackers are behind the Mastra supply chain attack
-New unfixable exploit in Apple's A12/A13 chips
-Gizmodo hosts ClickFix
-Okendo Reviews supply chain incident
-MEV bot hacked for $7.5m
-PyPI traffic exploded this year
-Android dev verification scheduled for next year
-Mastodon now supports newsletters
-Linux removes strncpy

Newsletter: https://news.risky.biz/risky-bulletin-klue-breach-impacts-security-firms/
Podcast: https://risky.biz/RBNEWS580/

-Kansas City to deploy facial recognition on buses
-Anthropic introduces age verification
-GitHub to limit pull requests
-Estonia to issue IDs to AI bots
-Three phishers arrested in the Netherlands
-SMS blaster ringleader sentenced to prison
-Texas GOP hacker pleads guilty
-Police hackathon uncovers CSAM accounts
-GitHub removes 10k malicious repos
-Slack link previews as C2
-FortiBleed also targeted MSSQL and Sophos

Homebrew is a masterpiece of software engineering. It nicely isolates packages in user-space, entirely skips the `sudo` bs of other package managers, and keeps the core OS clean. Dev tooling really doesn't get much better than this.

Energy Security, Not Climate Goals, Is Now Driving the Clean Power Boom
L: https://oilprice.com/Alternative-Energy/Renewable-Energy/Energy-Security-Not-Climate-Goals-Is-Now-Driving-the-Clean-Power-Boom.html
C: https://news.ycombinator.com/item?id=48622697
posted on 2026.06.21 at 17:19:21 (c=0, p=3)

-New Bluekit PhaaS
-APT campaign targets Thailand's health sector
-New Squidbleed vulnerability
-New AutoJack technique
-GNU Savannah security update
-Security Fest 2026 videos
-Cisco buys WideField Security

Another supply chain attack... this one at Okendo Reviews, a product review widget used on more than 18k online stores

A threat actor known as SmartApeSG added malicious JS code to prompt users with a ClickFix window

https://www.zscaler.com/blogs/security-research/smartapesg-launches-okendo-reviews-supply-chain-attack

The safest things in DC right now are the Epstein files and the algae in the reflecting pool

Check whether a site supports post-quantum crypto* https://quantumhello.xyz

* Well, hybrid PQ key exchange in the form of TLS 1.3 with X25519MLKEM768