Lightnews — Scholar-powered news

3kkenekkepen @3kkenekkepen.bsky.social · 3h

Hey #infosec

Would you care for a community feed of current vulnerabilities, attacks and outages?

Kind of what infosec-twitter partly used to be.

I mean: bsky kinda works that way, but peoples posts are full of other topics (rightly so) and the feeds are kinda meh.

Maybe such would work.

nooki.me

2 2

Reposted by 3kkenekkepen

Manuel 'HonkHase' Atug @honkhase.bsky.social · 3h

Kritis-Dachgesetz Anpassung anyone? Wenigstens zum Schutz von #KRITIS?
Ich hätte gerne Drohnen Detektion, Meldung und Abwehr mit drin!

Offenbar sollte eine Drohne mit Sprengladung eingesetzt werden. Was zu erwarten war:

"Im Haus..."
www.tagesschau.de/ausland/belg...

Belgische Behörden verhindern mutmaßlichen Anschlag auf Politiker

Belgien hat Behördenangaben zufolge einen möglichen Terroranschlag vereitelt. Drei Männer wurden festgenommen. Ziel des Anschlags soll Medienberichten zufolge auch Premier De Wever gewesen sein.

www.tagesschau.de

2 4 10

Reposted by 3kkenekkepen

Catalin Cimpanu @campuscodi.risky.biz · 4h

-EU scraps Chat Control vote
-Ukraine establishes a Cyber Force
-CISA workers reassigned to immigration enforcement
-Teenagers arrested for Kido hack
-Salesforce will not pay the ransom
-US Court halts FCC data breach rules

Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS489/

1 7 15

Reposted by 3kkenekkepen

Andy Diggle @andydiggle.bsky.social · 4h

"Incidents of confirmed Russian sabotage against European infrastructure more than tripled between 2023 and 2024"

archive.is/HiwYt

Map showing multiple Russian hybrid attacks in Europe.
Source: https://archive.is/HiwYt

6 13

Reposted by 3kkenekkepen

Anke Domscheit-Berg @anke.domscheit-berg.de · 6h

Der bedrohte #US-Geschichtsprofessor (Schwerpunkt: Geschichte der #Antifa), @mark-bray.bsky.social konnte jetzt doch die USA verlassen - unterwegs nach Spanien. Die Familie ist jetzt in Geldnot. Ich reskeete gleich eine Crowdfundingkampagne für ihn.

Mark Bray @mark-bray.bsky.social · 12h

Our plane to Spain is in the air!

🙌🙌

Thank you so much to the countless people supporting us in every way and in particular all of the Rutgers students and faculty who have supported us every step of the way.

1 7 28

Reposted by 3kkenekkepen

InfoSec @infosec.skyfleet.blue · 5h

CL0P Extortion: Google/Mandiant Expose Zero-Day RCE in Oracle E-Business Suite (CVE-2025-61882)

Google/Mandiant linked CL0P extortion to a Zero-Day RCE flaw (CVE-2025-61882) in Oracle E-Business Suite. Attackers exploited the bug since July to steal corporate data and deploy GOLDVEIN Java shells.

securityonline.info

1 1

Reposted by 3kkenekkepen

seven @seven.modr.us · 12h

Whole lot of nope, time for powerful white noise generators and perhaps loud music.

Electronic Frontier Foundation @eff.org · 16h

Flock is preparing to roll out a new feature: Its gunshot detection devices will begin listening for voices in “distress.” www.eff.org/deeplinks/2...

Flock’s Gunshot Detection Microphones Will Start Listening for Human

Flock Safety, the police technology company most notable for their extensive network of automated license plate readers spread throughout the United States, is rolling out a new and troubling product

www.eff.org

1 2

Reposted by 3kkenekkepen

nooki @nooki.me · 23h

(1/4) I'm soft launching nooki.me to get some early traction and feedback on what to improve. Excited to see how this platform grows!

60 120 670

Reposted by 3kkenekkepen

Joaquim Homrighausen @joho68.bsky.social · 9h

"Microsoft Azure Faces Global Outage Impacting Services Worldwide"

cyberpress.org/microsoft-az...

#microsoft #azure #cybersec #cybersecurity #infosec #itsec

Microsoft Azure Faces Global Outage Impacting Services Worldwide

The incident, which began at approximately 07:40 UTC, was traced to a major capacity loss within Azure Front Door (AFD), the company’s cloud-native Content Delivery Network (CDN).

cyberpress.org

3 3

Reposted by 3kkenekkepen

InfoSec @infosec.skyfleet.blue · 9h

7-Zip Vulnerabilities Allows Remote Attackers to Execute Arbitrary Code

cybersecuritynews.com

1 5

Reposted by 3kkenekkepen

Jens Lange @kommunaler-notbetrieb.de · 17h

Die „Leitlinie für die Informationssicherheit in der öffentlichen Verwaltung“ aus dem Jahr 2018 wird derzeit von der AG InfoSic des IT-Planungsrats grundlegend überarbeitet. Das wurde auf der Jahrestagung der IT-Sicherheitsbeauftragten von Ländern und Kommunen bekannt. 🧵

#ITSicherheit #Kommunen

Screenshot eines Abschnitts aus der „Leitlinie für die Informationssicherheit in der öffentlichen Verwaltung 2018“ des IT-Planungsrates. Überschrift: „2 Geltungsbereich“. Der Text beschreibt die Zuständigkeit des IT-Planungsrats (IT-PLR) für die Vereinbarung gemeinsamer Mindestsicherheitsanforderungen zwischen Bund und Ländern sowie die Verantwortung für die Erarbeitung, Weiterentwicklung und Erfolgskontrolle der Informationssicherheitsleitlinie. Es wird betont, dass bei der Justiz die richterliche Unabhängigkeit zu wahren ist. Die Leitlinie gilt für Behörden und Einrichtungen der Verwaltungen des Bundes und der Länder. Für Kommunen, die Verwaltungen des Bundestages, der Landesparlamente und Rechnungshöfe wird die Anwendung der Leitlinie empfohlen. Der Satz „Den Kommunen … wird die Anwendung der Leitlinie für die Informationssicherheit empfohlen“ ist gelb markiert.

1 1 4

Reposted by 3kkenekkepen

vx-underground (automated mirror) @vxundergroundre.bsky.social · 17h

Dawg, I'm trying to fucking work and I've got notifications about the Salesforce compromise, the RedHat compromise, the Discord compromise, this fucking Asuraisjfjsjfiw botnet fucking DDoS shit going on

Threat Actors, will you CHILL THE FUCK OUT. God damn

1 3 20

Reposted by 3kkenekkepen

Neue Generation @neuegeneration.bsky.social · 17h

🤝 Heute haben wir bei der CDU einen Korruptionsversuch gestartet.

3 8

Reposted by 3kkenekkepen

Joseph Cox @josephcox.bsky.social · 19h

the discord hack is every user's worst nightmare www.404media.co/the-discord-...

6 66 170

3kkenekkepen @3kkenekkepen.bsky.social · 18h

Ooph. Big time.

Raphael Satter @raphae.li · 19h

Update on this.

@austinlarsen.me says the figure is likely 100+

www.reuters.com/sustainabili...

1 1

Reposted by 3kkenekkepen

Raphael Satter @raphae.li · 19h

Update on this.

@austinlarsen.me says the figure is likely 100+

www.reuters.com/sustainabili...

3 4

Reposted by 3kkenekkepen

RAV @rav-ev.bsky.social · 18h

Wir erinnern an den antisemitischen und rassistischen #Anschlag, der heute vor 6 Jahren in #Halle stattfand. Viele der Betroffenen wurden danach von den Behörden im Stich gelassen.
#KeinVergessen
#SayTheirNames

taz.de/6-Jahrestag-...

6. Jahrestag des Halle-Anschlags: „Deutschland hat uns im Stich gelassen“

Unsere Autorin überlebte vor sechs Jahren den rechten Terroranschlag in Halle. Die deutschen Behörden nähmen sie und andere Betroffene nicht ernst.

taz.de

29 76

Reposted by 3kkenekkepen

Falk Steiner @fsteiner.bsky.social · 18h

Debates about messenger security.

"Signal comes", a light on a touch button for a pedestrian crossing reads, "please touch"

1 2 20

Reposted by 3kkenekkepen

Glenn White @justicar.xyz · 21h

Who could have seen this coming except every single online security expert and privacy expert on the whole planet.

I really wish legislators would listen to people who know what the hell they're talking about.

404 Media @404media.co · 21h

BREAKING: A catastrophic breach has impacted Discord user data including selfies and identity documents uploaded as part of the app’s verification process, email addresses, phone numbers, approximately where the user lives, and much more.

🔗 www.404media.co/the-discord-...

The Discord Hack is Every Users’ Worst Nightmare

A hack impacting Discord’s age verification process shows in stark terms the risk of tech companies collecting users’ ID documents. Now the hackers are posting peoples’ IDs and other sensitive informa...

www.404media.co

1 31 93

Reposted by 3kkenekkepen

Catalin Cimpanu @campuscodi.risky.biz · 20h

PAN's Unit42 looks at IUAM ClickFix Generator, a new phishing kit designed around using ClickFix-based phishing pages.

unit42.paloaltonetworks.com/clickfix-gen...

2 5

Reposted by 3kkenekkepen

John Scott-Railton @jsrailton.bsky.social · 20h

NEW: cost to 'poison' an LLM and insert backdoors is relatively constant. Even as models grow.

Implication: security doesn't scale with LLMs.

Super interesting: Prior work had suggested that as model sizes grew, it would make them cost-prohibitive to poison. 1/
arxiv.org/pdf/2510.07192

1 23 58

3kkenekkepen @3kkenekkepen.bsky.social · 19h

You should try ROT52, then. That's the new version of ROT13 and it is quantum-AI-safe and enjoys zero (0) trust!

It really is the single pane*of glass to keep your data from snooping eyes.

*pain

Reposted by 3kkenekkepen

Tom Freeman @tomfreeman.bsky.social · 21h

The world's in a bad way, but now and then something goes right

Headline: "Man who appealed Pelicot rape conviction handed longer jail term"

9 47

Reposted by 3kkenekkepen

Iwer (No-Bullshit-Era) @iwer.bsky.social · 21h

Und womit? Mit Recht!

Gisèle Pelicot: Gericht erhöht Strafe für Vergewaltiger auf zehn Jahre

Ein Angeklagter im Missbrauchsfall Gisèle Pelicot wollte das ursprüngliche Urteil anfechten. Doch ein Gericht in Nîmes hat nun entschieden: Der Mann muss sogar länger ins Gefängnis.

www.spiegel.de

2 3

Reposted by 3kkenekkepen

Rachel Tobac @racheltobac.bsky.social · 21h

*My Latest CNN Zoom Call Deepfake Demo*
An eng org sent $25M to scammers who deepfaked the CFO in a live video call.
Are your colleagues, fam & friends ready to catch this AI attack?
I demo'd a live Zoom deepfake to CNN's Clare Duffy to help you spot the signs:
edition.cnn.com/2025/10/07/b...

How the latest deepfake scam can cheat companies out of millions | CNN Business

From CEOs to colleagues, deepfake technology can trick people into sending money, sharing passwords, or revealing sensitive information - all in seconds. CNN’s Clare Duffy met with ethical hacker and ...

edition.cnn.com

2 11 20