Mastodawn

Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam https://hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/

Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam

Scammers target GitHub devs with a fake OpenClaw token giveaway, using phishing links and a wallet drainer to steal crypto via a cloned site.

Hackread - Cybersecurity News, Data Breaches, AI and More

Éric Freyssinet 6d ago

Sam Stepanyan

🐘Mar 21

#Trivy, a popular open-source vulnerability scanner, was compromised - attackers hijacked 75 version tags in #GitHub Actions to deliver an infostealer.

It ran in CI pipelines, stealing creds and tokens, exfiltrating data:
#SoftwareSupplyChainSecurity
👇
https://thehackernews.com/2026/03/trivy-security-scanner-github-actions.html

Trivy Security Scanner GitHub Actions Breached, 75 Tags Hijacked to Steal CI/CD Secrets

Trivy attack force-pushed 75 tags via GitHub Actions, exposing CI/CD secrets, enabling data theft and persistence across developer systems.

The Hacker News

Éric Freyssinet 6d ago

Nicolas Fressengeas 6d ago

RE: https://mstdn.social/@swheritage/116272142405742756

"France and Germany are moving beyond the “altruism” of the early open-source movement, reframing it as a matter of national autonomy. Stéphanie Schaer, The Interministerial Directorate for Digital Affairs in France (DINUM), highlighted Tchap—a secure messaging app used by 400,000 civil servants—as proof that the state can break its dependency on “monopolistic IT solutions” by investing in the digital commons."

#OpenSource #SWH10

Éric Freyssinet Mar 21

Thierry Noisette Mar 21

Allemagne : le format ODF obligatoire dans l’administration https://www.zdnet.fr/blogs/l-esprit-libre/allemagne-le-format-odf-obligatoire-dans-ladministration-492348.htm Un succès pour les formats ouverts et la Document Foundation (LibreOffice)

Allemagne : le format ODF obligatoire dans l’administration - ZDNET

The Document Foundation, qui gère LibreOffice, salue la décision du ministère allemand du Numérique, qui impose le format ODF dans l’administration fédérale, refusant ainsi le contesté OOXML de Microsoft.

ZDNET

Éric Freyssinet Mar 21

Jérôme Meyer Mar 21

New, from our ERT: #CECbot, an Android TV botnet and the first malware we're aware of that exploits HDMI-CEC.

It puts the TV to sleep so you don't notice the box behind it is running DDoS and residential proxy traffic. Curve25519/ChaCha20 crypto, 9 persistence layers, and... LAN mapping.

Successor to a Mirai fork, shares not much but the C2 server.

https://github.com/deepfield/public-research/blob/main/cecbot/report.md

#threatintel #DDoS

public-research/cecbot/report.md at main · deepfield/public-research

DDoS botnet research and indicators of compromise from Nokia Deepfield ERT - deepfield/public-research

GitHub

Éric Freyssinet Mar 20

9to5Google.com Mar 20

Google Messages launches group RCS Mentions and Trash folder https://9to5google.com/2026/03/20/google-messages-mentions-trash/?utm_source=dlvr.it&utm_medium=mastodon

Éric Freyssinet Mar 20

Le Figaro Mar 20

Isabelle Mergault, comédienne et sociétaire des «Grosses Têtes», est morte à 67 ans
https://tvmag.lefigaro.fr/programme-tv/actu-tele/isabelle-mergault-comedienne-et-societaire-des-grosses-tetes-est-morte-a-67-ans-20260320?utm_source=flipboard&utm_medium=activitypub

Publié dans Actualités @actualit-s-LeFigaro

Isabelle Mergault, comédienne et sociétaire des «Grosses Têtes», est morte à 67 ans

Laurent Ruquier a annoncé, ce vendredi après-midi auprès de l’AFP, son décès. Elle souffrait depuis plusieurs mois d’un cancer.

TV Magazine

Éric Freyssinet Mar 19

Lorenzo Franceschi-Bicchierai Mar 19

NEW: The FBI has taken down and seized two websites that were run by the pro-Iranian hacktivist group Handala.

“Law enforcement authorities determined this domain was used to conduct, facilitate, or support malicious cyber activities on behalf of, or in coordination with, a foreign state actor,” read the seizure notice.

The law enforcement actions comes a week after Handala claimed responsibility for the devastating hack of U.S. medical tech giant Stryker.

https://techcrunch.com/2026/03/19/fbi-seizes-pro-iranian-hacking-groups-websites-after-destructive-stryker-hack/

FBI seizes pro-Iranian hacking group's websites after destructive Stryker hack | TechCrunch

The FBI and the Justice Department took down two websites linked to the pro-Iranian hacktivist group Handala, which last week hacked medical tech giant Stryker.

TechCrunch

Éric Freyssinet Mar 18

The New Oil Mar 18

#UK’s #CompaniesHouse confirms security flaw exposed business data

https://www.bleepingcomputer.com/news/security/uks-companies-house-confirms-security-flaw-exposed-business-data/

#DataBreaach #cybersecurity #privacy

UK’s Companies House confirms security flaw exposed business data

Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies' information since October 2025.

BleepingComputer

Éric Freyssinet Mar 15

Botconf Mar 15

#Botconf2026 - We have just finished the selection of our last minute talks thanks to our #SprintCFP ! Great additions to our agenda with some fresh cases and research.
To register and join us in Reims next month, please follow this link: https://www.botconf.eu/, we still have seats available !

Blog	https://eric.freyssi.net
Twitter (ex...)	https://twitter.com/ericfreyss
LinkedIn	https://www.linkedin.com/in/ericfreyssinet/
Pixelfed \| Matrix	https://metapixl.com/@ericfreyss \| @ericfreyss:matrix.org