Oh no! „Squidbleed“ found by Mythos! When using http:// urls via a squid proxy, an attacker might see the data!😱

Maybe we should all be using https: on the internet or expect our traffic to be public. Wait…we already do that since Lets Encrypt started a decade ago!

This vulnerability could have been a bug report.💁🏻‍♂️

https://www.theregister.com/security/2026/06/23/mythos-discovers-squidbleed-a-memory-leak-thats-gone-undetected-since-clinton-era/5260367

Believe me, you need this bit of space ASMR today:

https://www.youtube.com/watch?v=2DtFRq1cgcc

Background info:

▶️ https://www.esa.int/Science_Exploration/Space_Science/Euclid/ESA_s_Euclid_captures_the_Milky_Way_s_crowded_heart

You are looking at the largest and most detailed image ever made of our Milky Way galaxy’s centre in visible light.

Scientifically, the data will be used for microlensing surveys to find exoplanets - and is now fully publicly available. As are the pretty images if you want them as a desktop backgrounds, of course!

#ESA #Euclid #space #astronomy #astrodon

New, from me: 'Popa' Botnet Linked to Publicly Traded Israeli Firm

"For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a “residential proxy” provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR]."

https://krebsonsecurity.com/2026/06/popa-botnet-linked-to-publicly-traded-israeli-firm/

There is an incredible amount of interesting data and findings in the reports on Popa released this week. For example, the proxy detection service Spur told me they recently scraped the LG and Samsung app stores and found that each had approximately 3,000 apps available for download. Spur said it found that more than 42 percent of apps available for download via the webOS operating system on LG smart TVs include SDKs that turn one’s television into an always-on residential proxy node. More than a quarter of the apps made for Samsung’s Tizen operating system had similar residential proxy components, Spur found.

#proxy #popa #botnet #lg #samsung

🚀 Registrations are OPEN for our Introduction to Security 2026 course! A free, hands-on, 14-week cybersecurity course to learn how to attack and defend real systems in your own cyber range.
https://cybersecurity.bsy.fel.cvut.cz/

#infosec #mooc #training #cybersecurity

We handed OpenClaw a penetration testing toolkit and pointed it at one of our own legacy Active Directory networks.

The result: 23 findings across 11 attack paths…

Full breakdown 👇
https://www.youtube.com/watch?v=NEculTwSj80

Do you ever wonder how many fediverse accounts are actually C2 beacons using the distributed fediverse for resiliency?

Yeah, me neither.