#bolhadev
@bolhadev.com
bot de tecnologia (use a hashtag #bolhadev)
Reposted by #bolhadev
Notícia da BleepingComputer
"Code beautifiers expose credentials from banks, govt, tech orgs" #bolhasec
"Code beautifiers expose credentials from banks, govt, tech orgs" #bolhasec
Code beautifiers expose credentials from banks, govt, tech orgs
Thousands of credentials, authentication keys, and configuration data impacting organizations in sensitive sectors have been sitting in publicly accessible JSON snippets submitted to the JSONFormatter...
www.bleepingcomputer.com
December 2, 2025 at 2:30 AM
Notícia da BleepingComputer
"Code beautifiers expose credentials from banks, govt, tech orgs" #bolhasec
"Code beautifiers expose credentials from banks, govt, tech orgs" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Malicious NuGet packages drop disruptive 'time bombs'" #bolhasec
"Malicious NuGet packages drop disruptive 'time bombs'" #bolhasec
Malicious NuGet packages drop disruptive 'time bombs'
Several malicious packages on NuGet have sabotage payloads scheduled to activate in 2027 and 2028, targeting database implementations and Siemens S7 industrial control devices.
www.bleepingcomputer.com
December 2, 2025 at 1:30 AM
Notícia da BleepingComputer
"Malicious NuGet packages drop disruptive 'time bombs'" #bolhasec
"Malicious NuGet packages drop disruptive 'time bombs'" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison" #bolhasec
"Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison" #bolhasec
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an "evil twin" WiFi network to steal the data of unsuspecting travelers at various airports across Australia.
www.bleepingcomputer.com
December 2, 2025 at 12:30 AM
Notícia da BleepingComputer
"Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison" #bolhasec
"Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"OAuth Device Code Phishing: Azure vs. Google Compared" #bolhasec
"OAuth Device Code Phishing: Azure vs. Google Compared" #bolhasec
OAuth Device Code Phishing: Azure vs. Google Compared
Device code phishing abuses the OAuth device flow, and Google and Azure produce strikingly different attack surfaces. Register for Huntress Labs' Live Hack to learn about attack techniques, defensive ...
www.bleepingcomputer.com
December 1, 2025 at 11:30 PM
Notícia da BleepingComputer
"OAuth Device Code Phishing: Azure vs. Google Compared" #bolhasec
"OAuth Device Code Phishing: Azure vs. Google Compared" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Cyberattack Disrupts Check-In Systems at Major European Airports" #bolhasec
"Cyberattack Disrupts Check-In Systems at Major European Airports" #bolhasec
Cyberattack Disrupts Check-In Systems at Major European Airports
A cyberattack targeting check-in and boarding systems disrupted air traffic and caused delays at several of European airports on September 20, 2025.
www.securityweek.com
December 1, 2025 at 10:30 PM
Notícia da SecurityWeek
"Cyberattack Disrupts Check-In Systems at Major European Airports" #bolhasec
"Cyberattack Disrupts Check-In Systems at Major European Airports" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Popular Forge library gets fix for signature verification bypass flaw" #bolhasec
"Popular Forge library gets fix for signature verification bypass flaw" #bolhasec
Popular Forge library gets fix for signature verification bypass flaw
A vulnerability in the 'node-forge' package, a popular JavaScript cryptography library, could be exploited to bypass signature verifications by crafting data that appears valid.
www.bleepingcomputer.com
December 1, 2025 at 9:30 PM
Notícia da BleepingComputer
"Popular Forge library gets fix for signature verification bypass flaw" #bolhasec
"Popular Forge library gets fix for signature verification bypass flaw" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Windows 11 Build 26220.7051 released with three features for Insiders" #bolhasec
"Windows 11 Build 26220.7051 released with three features for Insiders" #bolhasec
Windows 11 Build 26220.7051 released with “Ask Copilot” feature
Windows 11 Build 26220.7051 is now rolling out to testers in the Windows Insider Program, and there are at least three new features, including Ask Copilot in the taskbar.
www.bleepingcomputer.com
December 1, 2025 at 8:30 PM
Notícia da BleepingComputer
"Windows 11 Build 26220.7051 released with three features for Insiders" #bolhasec
"Windows 11 Build 26220.7051 released with three features for Insiders" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Canada says hacktivists breached water and energy facilities" #bolhasec
"Canada says hacktivists breached water and energy facilities" #bolhasec
Canada says hacktivists breached water and energy facilities
The Canadian Centre for Cyber Security warned today that hacktivists have breached critical infrastructure systems multiple times across the country, allowing them to modify industrial controls that c...
www.bleepingcomputer.com
December 1, 2025 at 7:30 PM
Notícia da BleepingComputer
"Canada says hacktivists breached water and energy facilities" #bolhasec
"Canada says hacktivists breached water and energy facilities" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack" #bolhasec
"640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack" #bolhasec
640 NPM Packages Infected in New 'Shai-Hulud' Supply Chain Attack
Approximately 640 NPM packages have been infected with a new variant of the Shai-Hulud self-replicating worm in a fresh wave of attacks.
www.securityweek.com
December 1, 2025 at 6:30 PM
Notícia da SecurityWeek
"640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack" #bolhasec
"640 NPM Packages Infected in New ‘Shai-Hulud’ Supply Chain Attack" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Fencing and Pet Company Jewett-Cameron Hit by Ransomware" #bolhasec
"Fencing and Pet Company Jewett-Cameron Hit by Ransomware" #bolhasec
Fencing and Pet Company Jewett-Cameron Hit by Ransomware
Jewett-Cameron Company was recently targeted in a cyberattack that resulted in disruption and the theft of sensitive information.
www.securityweek.com
December 1, 2025 at 5:30 PM
Notícia da SecurityWeek
"Fencing and Pet Company Jewett-Cameron Hit by Ransomware" #bolhasec
"Fencing and Pet Company Jewett-Cameron Hit by Ransomware" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia" #bolhasec
"In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia" #bolhasec
In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia
Everest group takes credit for Collins Aerospace hack, Maryland launches VDP, gamers targeted with red teaming tool and RAT.
www.securityweek.com
December 1, 2025 at 4:30 PM
Notícia da SecurityWeek
"In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia" #bolhasec
"In Other News: iOS 26 Deletes Spyware Evidence, Shadow Escape Attack, Cyber Exec Sold Secrets to Russia" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters" #bolhasec
"Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters" #bolhasec
Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters
An in-development build of the upcoming ShinySp1d3r ransomware-as-a-service platform has surfaced, offering a preview of the upcoming extortion operation.
www.bleepingcomputer.com
December 1, 2025 at 3:30 PM
Notícia da BleepingComputer
"Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters" #bolhasec
"Meet ShinySp1d3r: New Ransomware-as-a-Service created by ShinyHunters" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"American Airlines Subsidiary Envoy Air Hit by Oracle Hack" #bolhasec
"American Airlines Subsidiary Envoy Air Hit by Oracle Hack" #bolhasec
American Airlines Subsidiary Envoy Air Hit by Oracle Hack
American Airlines subsidiary Envoy Air has confirmed being impacted by the recent Oracle’s E-Business Suite (EBS) hack.
www.securityweek.com
December 1, 2025 at 2:30 PM
Notícia da SecurityWeek
"American Airlines Subsidiary Envoy Air Hit by Oracle Hack" #bolhasec
"American Airlines Subsidiary Envoy Air Hit by Oracle Hack" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Synnovis notifies of data breach after 2024 ransomware attack" #bolhasec
"Synnovis notifies of data breach after 2024 ransomware attack" #bolhasec
Synnovis notifies of data breach after 2024 ransomware attack
Synnovis, a leading UK pathology services provider, is notifying healthcare providers that a data breach occurred following a ransomware attack in June 2024, which resulted in the theft of some patien...
www.bleepingcomputer.com
December 1, 2025 at 1:30 PM
Notícia da BleepingComputer
"Synnovis notifies of data breach after 2024 ransomware attack" #bolhasec
"Synnovis notifies of data breach after 2024 ransomware attack" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion" #bolhasec
"Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion" #bolhasec
Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion
Mitsubishi Electric will acquire Nozomi Networks in a deal that values the industrial cybersecurity firm at nearly $1 billion.
www.securityweek.com
December 1, 2025 at 12:30 PM
Notícia da SecurityWeek
"Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion" #bolhasec
"Mitsubishi Electric to Acquire Nozomi Networks for Nearly $1 Billion" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Mozilla Firefox gets new anti-fingerprinting defenses" #bolhasec
"Mozilla Firefox gets new anti-fingerprinting defenses" #bolhasec
Mozilla Firefox gets new anti-fingerprinting defenses
Mozilla announced a major privacy upgrade in Firefox 145 that reduces even more the number of users vulnerable to digital fingerprinting.
www.bleepingcomputer.com
December 1, 2025 at 11:30 AM
Notícia da BleepingComputer
"Mozilla Firefox gets new anti-fingerprinting defenses" #bolhasec
"Mozilla Firefox gets new anti-fingerprinting defenses" #bolhasec
Reposted by #bolhadev
Ja se imaginou em trabalhar em um dos maiores ecommerces do planeta? Gravamos com o time da #Amazon que compartilhou com a gente as dicas do processo seletivo, cultura e como funciona o trabalho na Amazon. Clique no link abaixo para escutar.
#podcast #bolhadev
open.spotify.com/episode/4IIM...
#podcast #bolhadev
open.spotify.com/episode/4IIM...
#179 Dentro da Amazon: tecnologia, cultura e processo seletivo
open.spotify.com
December 1, 2025 at 8:58 AM
Reposted by #bolhadev
Ja se imaginou em trabalhar em um dos maiores ecommerces do planeta? Gravamos com o time da #Amazon que compartilhou com a gente as dicas do processo seletivo, cultura e como funciona o trabalho na Amazon. Clique no link abaixo para escutar.
#podcast #bolhadev
open.spotify.com/episode/4IIM...
#podcast #bolhadev
open.spotify.com/episode/4IIM...
#179 Dentro da Amazon: tecnologia, cultura e processo seletivo
open.spotify.com
December 1, 2025 at 8:57 AM
Ja se imaginou em trabalhar em um dos maiores ecommerces do planeta? Gravamos com o time da #Amazon que compartilhou com a gente as dicas do processo seletivo, cultura e como funciona o trabalho na Amazon. Clique no link abaixo para escutar.
#podcast #bolhadev
open.spotify.com/episode/4IIM...
#podcast #bolhadev
open.spotify.com/episode/4IIM...
Reposted by #bolhadev
#bolhadev Moçada, já pensaram em cursar mestrado em Portugal, trabalhar para empresas no Brasil e na Europa e ser Data Engineer no Nubank, um dos bancos mais importantes do Brasil? Assistam a entrevista e conheçam a história do Eric Cunha. youtu.be/XlXbYzUAjk8
E-128-Eric Cunha-Data Engineer @ Nubank
YouTube video by OsProgramadores
youtu.be
December 1, 2025 at 4:50 AM
#bolhadev Moçada, já pensaram em cursar mestrado em Portugal, trabalhar para empresas no Brasil e na Europa e ser Data Engineer no Nubank, um dos bancos mais importantes do Brasil? Assistam a entrevista e conheçam a história do Eric Cunha. youtu.be/XlXbYzUAjk8
Reposted by #bolhadev
Notícia da BleepingComputer
"ASUS warns of critical auth bypass flaw in DSL series routers" #bolhasec
"ASUS warns of critical auth bypass flaw in DSL series routers" #bolhasec
ASUS warns of critical auth bypass flaw in DSL series routers
ASUS has released new firmware to patch a critical authentication bypass security flaw impacting several DSL series router models.
www.bleepingcomputer.com
December 1, 2025 at 2:30 AM
Notícia da BleepingComputer
"ASUS warns of critical auth bypass flaw in DSL series routers" #bolhasec
"ASUS warns of critical auth bypass flaw in DSL series routers" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"Hackers Extorting Salesforce After Stealing Data From Dozens of Customers" #bolhasec
"Hackers Extorting Salesforce After Stealing Data From Dozens of Customers" #bolhasec
Hackers Extorting Salesforce After Stealing Data From Dozens of Customers
Scattered LAPSUS$ Hunters is now using the data stolen from dozens of Salesforce customers' instances to extort Salesforce itself.
www.securityweek.com
December 1, 2025 at 1:30 AM
Notícia da SecurityWeek
"Hackers Extorting Salesforce After Stealing Data From Dozens of Customers" #bolhasec
"Hackers Extorting Salesforce After Stealing Data From Dozens of Customers" #bolhasec
Reposted by #bolhadev
Faz sentido: as ferramentas de IA seriam viciantes, como um jogo, pois a recompensa é variável. "Se eu tentar mais uma vez, a IA vai me responder o que eu preciso." Para a geração de código, acho que funciona muito assim. #bolhadev
I'm shocked at the journalists who have NO IDEA the claims of automation with chatbots are dubious and that evidence shows that even when programmers think they're more efficient, evidence shows they're not they just think they are because chatbots are habit forming.
pivot-to-ai.com/2025/06/05/g...
pivot-to-ai.com/2025/06/05/g...
Generative AI runs on gambling addiction — just one more prompt, bro!
You’ll have noticed how previously normal people start acting like addicts to their favourite generative AI and shout at you like you’re trying to take their cocaine away. Matthias Döpm…
pivot-to-ai.com
December 1, 2025 at 12:48 AM
Faz sentido: as ferramentas de IA seriam viciantes, como um jogo, pois a recompensa é variável. "Se eu tentar mais uma vez, a IA vai me responder o que eu preciso." Para a geração de código, acho que funciona muito assim. #bolhadev
Reposted by #bolhadev
Notícia da BleepingComputer
"'Scattered Spider' teens plead not guilty to UK transport hack" #bolhasec
"'Scattered Spider' teens plead not guilty to UK transport hack" #bolhasec
'Scattered Spider' teens plead not guilty to UK transport hack
Two British teenagers have denied charges related to an investigation into the breach of Transport for London (TfL) in August 2024, which caused millions of pounds in damage and exposed customer data.
www.bleepingcomputer.com
December 1, 2025 at 12:30 AM
Notícia da BleepingComputer
"'Scattered Spider' teens plead not guilty to UK transport hack" #bolhasec
"'Scattered Spider' teens plead not guilty to UK transport hack" #bolhasec
Reposted by #bolhadev
Notícia da SecurityWeek
"ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure" #bolhasec
"ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure" #bolhasec
ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure
Details disclosed for a ChatGPT vulnerability that may have exposed some of the AI chatbot’s underlying cloud infrastructure.
www.securityweek.com
November 30, 2025 at 10:30 PM
Notícia da SecurityWeek
"ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure" #bolhasec
"ChatGPT Vulnerability Exposed Underlying Cloud Infrastructure" #bolhasec
Reposted by #bolhadev
Notícia da BleepingComputer
"Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws" #bolhasec
"Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws" #bolhasec
Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws
Today is Microsoft's November 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited zero-day vulnerability.
www.bleepingcomputer.com
November 30, 2025 at 9:30 PM
Notícia da BleepingComputer
"Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws" #bolhasec
"Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws" #bolhasec