Tor Vigesdal
@dotbatman.com
Reposted by Tor Vigesdal
Cursor CEO Michael Truell warns that “vibe coding” advanced projects may create “shaky foundations” and eventually “things start to kind of crumble” fortune.com/2025/12/25/c...
December 26, 2025 at 4:10 PM
Cursor CEO Michael Truell warns that “vibe coding” advanced projects may create “shaky foundations” and eventually “things start to kind of crumble” fortune.com/2025/12/25/c...
Privacy bug bounty programs keep paying out, what will the fine be used for?
Italy fines Apple $116 million over App Store privacy policy issues #cybersecurity #hacking #news #infosec #security #technology #privacy
Italy fines Apple $116 million over App Store privacy policy issues
Italy's competition authority (AGCM) has fined Apple €98.6 million ($116 million) for using the App Tracking Transparency (ATT) privacy framework to abuse its dominant market position in mobile app advertising.
www.bleepingcomputer.com
December 23, 2025 at 2:51 PM
Privacy bug bounty programs keep paying out, what will the fine be used for?
Reposted by Tor Vigesdal
A Chrome extensions has been caught stealing prompts that users entered into AI chatbots
www.koi.ai/blog/urban-v...
www.koi.ai/blog/urban-v...
8 Million Users' AI Conversations Sold for Profit by
www.koi.ai
December 16, 2025 at 6:38 PM
A Chrome extensions has been caught stealing prompts that users entered into AI chatbots
www.koi.ai/blog/urban-v...
www.koi.ai/blog/urban-v...
Reposted by Tor Vigesdal
NEW: A flaw in the website of Hama Film, a photo booth maker with presence in Australia, UAE and the U.S., exposes pictures and videos of its customers.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Flaw in photo booth maker’s website exposes customers’ pictures | TechCrunch
Hama Film makes photo booths that upload pictures and videos online. But their backend systems have a simple flaw that allows anyone to download customer pictures.
techcrunch.com
December 12, 2025 at 3:41 PM
NEW: A flaw in the website of Hama Film, a photo booth maker with presence in Australia, UAE and the U.S., exposes pictures and videos of its customers.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Security researcher alerted the company last month, no answer. We reached out to the company a few times, no answer.
Reposted by Tor Vigesdal
New Windows RasMan zero-day flaw gets free, unofficial patches
www.bleepingcomputer.com/news/microso...
www.bleepingcomputer.com/news/microso...
New Windows RasMan zero-day flaw gets free, unofficial patches
Free unofficial patches are available for a new Windows zero-day vulnerability that allows attackers to crash the Remote Access Connection Manager (RasMan) service.
www.bleepingcomputer.com
December 13, 2025 at 12:09 PM
New Windows RasMan zero-day flaw gets free, unofficial patches
www.bleepingcomputer.com/news/microso...
www.bleepingcomputer.com/news/microso...
Reposted by Tor Vigesdal
When ever I think about how we are empowering #AI agents to do the the shopping for us it reminds me of this incredible mind reader from Belgium that wasn’t so incredibly after all. #Online #fraudsters just got a super weapon.
youtu.be/F7pYHN9iC9I
youtu.be/F7pYHN9iC9I
Amazing mind reader reveals his 'gift'
YouTube video by Duval Guillaume
youtu.be
December 10, 2025 at 11:25 AM
When ever I think about how we are empowering #AI agents to do the the shopping for us it reminds me of this incredible mind reader from Belgium that wasn’t so incredibly after all. #Online #fraudsters just got a super weapon.
youtu.be/F7pYHN9iC9I
youtu.be/F7pYHN9iC9I
Reposted by Tor Vigesdal
Has anybody put together a list of best practices for openness in government software beyond open licensing? Like public uptime tracking, a public backlog, and a public release history? I have a loose collection of these things in my head, but I bet somebody's done better work on this.
December 5, 2025 at 3:14 PM
Has anybody put together a list of best practices for openness in government software beyond open licensing? Like public uptime tracking, a public backlog, and a public release history? I have a loose collection of these things in my head, but I bet somebody's done better work on this.
Fear should never be the driving factor of your decisions.
December 5, 2025 at 4:32 PM
Fear should never be the driving factor of your decisions.
An unplanned, but necessary patch. What’s not to like? Thanks for moving quickly. There is always room to improve, but kudos for not freezing like a deer in headlights and getting run over by attackers.
Cloudflare blames today's outage on emergency React2Shell patch #cybersecurity #hacking #news #infosec #security #technology #privacy
Cloudflare blames today's outage on emergency React2Shell patch
Cloudflare has blamed today's outage on the emergency patching of a critical React remote code execution vulnerability, which is now actively exploited in attacks.
www.bleepingcomputer.com
December 5, 2025 at 4:29 PM
An unplanned, but necessary patch. What’s not to like? Thanks for moving quickly. There is always room to improve, but kudos for not freezing like a deer in headlights and getting run over by attackers.
Reposted by Tor Vigesdal
Please Donate to the Internet Archive. $25 helps.... a lot.
Useful to Journalists,
Useful to Students,
Useful to more than 2 million people a day.
Collections growing at 150TBytes/day
@internetarchive
archive.org/donate
www.cnn.com/2025/11/16/b...
Useful to Journalists,
Useful to Students,
Useful to more than 2 million people a day.
Collections growing at 150TBytes/day
@internetarchive
archive.org/donate
www.cnn.com/2025/11/16/b...
November 29, 2025 at 4:16 PM
Please Donate to the Internet Archive. $25 helps.... a lot.
Useful to Journalists,
Useful to Students,
Useful to more than 2 million people a day.
Collections growing at 150TBytes/day
@internetarchive
archive.org/donate
www.cnn.com/2025/11/16/b...
Useful to Journalists,
Useful to Students,
Useful to more than 2 million people a day.
Collections growing at 150TBytes/day
@internetarchive
archive.org/donate
www.cnn.com/2025/11/16/b...
Reposted by Tor Vigesdal
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison #cybersecurity #hacking #news #infosec #security #technology #privacy
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison
A 44-year-old man was sentenced to seven years and four months in prison for operating an "evil twin" WiFi network to steal the data of unsuspecting travelers at various airports across Australia.
www.bleepingcomputer.com
November 29, 2025 at 11:20 AM
Man behind in-flight Evil Twin WiFi attacks gets 7 years in prison #cybersecurity #hacking #news #infosec #security #technology #privacy
Reposted by Tor Vigesdal
The European Union Agency for Cybersecurity (ENISA) is now a Root in the CVE Program
https://www.cve.org/PartnerInformation/ListofPartners/partner/ENISA
https://www.cve.org/PartnerInformation/ListofPartners/partner/ENISA
November 20, 2025 at 6:08 PM
The European Union Agency for Cybersecurity (ENISA) is now a Root in the CVE Program
https://www.cve.org/PartnerInformation/ListofPartners/partner/ENISA
https://www.cve.org/PartnerInformation/ListofPartners/partner/ENISA
Reposted by Tor Vigesdal
Two weeks ago, there were weird reports online of explosions at KK Park, Myanmar's largest scam compound, and people fleeing the streets.
I thought some internal military groups were fighting for control, but it appears the junta is demolishing the park outright
www.irrawaddy.com/news/myanmar...
I thought some internal military groups were fighting for control, but it appears the junta is demolishing the park outright
www.irrawaddy.com/news/myanmar...
November 9, 2025 at 7:03 PM
Two weeks ago, there were weird reports online of explosions at KK Park, Myanmar's largest scam compound, and people fleeing the streets.
I thought some internal military groups were fighting for control, but it appears the junta is demolishing the park outright
www.irrawaddy.com/news/myanmar...
I thought some internal military groups were fighting for control, but it appears the junta is demolishing the park outright
www.irrawaddy.com/news/myanmar...
If you see this, post an album with a motor vehicle on it
November 8, 2025 at 11:41 AM
If you see this, post an album with a motor vehicle on it
Reposted by Tor Vigesdal
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own #cybersecurity #hacking #news #infosec #security #technology #privacy
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own
QNAP has fixed seven zero-day vulnerabilities that security researchers exploited to hack QNAP network-attached storage (NAS) devices during the Pwn2Own Ireland 2025 competition.
www.bleepingcomputer.com
November 8, 2025 at 6:40 AM
QNAP fixes seven NAS zero-day flaws exploited at Pwn2Own #cybersecurity #hacking #news #infosec #security #technology #privacy
Reposted by Tor Vigesdal
Ooooh, this is a useful tool! Click the link for a 4-page PDF that walks you through eight different points of security when handling help desk queries from users. Don't get fooled by imposters!
"Help Desk Identity Verification Checklist" by HYPR
cybersec.hypr.com/s/help-desk-...
"Help Desk Identity Verification Checklist" by HYPR
cybersec.hypr.com/s/help-desk-...
cybersec.hypr.com
November 4, 2025 at 3:15 PM
Ooooh, this is a useful tool! Click the link for a 4-page PDF that walks you through eight different points of security when handling help desk queries from users. Don't get fooled by imposters!
"Help Desk Identity Verification Checklist" by HYPR
cybersec.hypr.com/s/help-desk-...
"Help Desk Identity Verification Checklist" by HYPR
cybersec.hypr.com/s/help-desk-...
Really, Microsoft?
Microsoft are rolling out Gaming Copilot to Windows 11 PCs. Silently, enabled by default, screenshots enabled by default, model training enabled by default. doublepulsar.com/microsoft-bu...
Microsoft builds on Recall with Gaming Copilot — fails basic privacy tests
Gaming Copilot, rolling out now to Windows 11, adds a new attack surface to Windows.
doublepulsar.com
October 27, 2025 at 11:57 AM
Really, Microsoft?
Reposted by Tor Vigesdal
New 'CoPhish' technique wraps OAuth phishing in Microsoft Copilot #cybersecurity #hacking #news #infosec #security #technology #privacy
New CoPhish attack steals OAuth tokens via Copilot Studio agents
A new phishing technique dubbed 'CoPhish' weaponizes Microsoft Copilot Studio agents to deliver fraudulent OAuth consent requests via legitimate and trusted Microsoft domains.
www.bleepingcomputer.com
October 26, 2025 at 6:57 AM
New 'CoPhish' technique wraps OAuth phishing in Microsoft Copilot #cybersecurity #hacking #news #infosec #security #technology #privacy
Reposted by Tor Vigesdal
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
October 24, 2025 at 10:49 AM
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
Wow, lots of great work done here - and hopefully some #4Sale bugs squashed as well. 🤞
Day 2 of #Pwn2Own Ireland is in the books. So far, we've awarded $792,750 or 56 unique 0-days. Tomorrow could be even better with more Samsung, a Meta Quest entry and that big WhatsApp entry still lingering. Here's the current Master of Pwn leader board. See you tomorrow!
October 22, 2025 at 6:58 PM
Wow, lots of great work done here - and hopefully some #4Sale bugs squashed as well. 🤞
I’ll say it again, it’s not a stupid design - it’s more sinister than that. It’s subscriptions.
The AWS Outage Bricked People’s $2,700 Smartbeds #cybersecurity #hacking #news #infosec #security #technology #privacy www.404media.co/the-...
October 22, 2025 at 6:55 PM
I’ll say it again, it’s not a stupid design - it’s more sinister than that. It’s subscriptions.
Reposted by Tor Vigesdal
All results from Day One of #Pwn2Own Ireland 2025 can be found at www.zerodayinitiative.com/blog/2025/10... - This will be updated throughout the day with results. #P2OIreland
Zero Day Initiative — Pwn2Own Ireland 2025: Day One Results
Welcome to Day One of Pwn2Own Ireland 2025! We have 17 attempts today with some exciting research on display. We’ll be posting results here as we have them, and follow us on Twitter , Mastodon , and...
www.zerodayinitiative.com
October 21, 2025 at 9:28 AM
All results from Day One of #Pwn2Own Ireland 2025 can be found at www.zerodayinitiative.com/blog/2025/10... - This will be updated throughout the day with results. #P2OIreland
Reposted by Tor Vigesdal
This remains the funniest way to hear about an internet outage, though.
October 20, 2025 at 8:41 AM
This remains the funniest way to hear about an internet outage, though.
I am glad it needs to be activated through Settings. All bets are off on when that switch will flip…
Microsoft adds Copilot voice activation on Windows 11 PCs #cybersecurity #hacking #news #infosec #security #technology #privacy
Microsoft adds Copilot voice activation on Windows 11 PCs
Microsoft says Windows 11 users can now start a conversation with the AI-powered Copilot digital assistant by saying the "Hey Copilot" wake word.
www.bleepingcomputer.com
October 17, 2025 at 3:51 AM
I am glad it needs to be activated through Settings. All bets are off on when that switch will flip…