Lorenzo Ordóñez
@lordman1982.bsky.social
Hago cosas con cosas. Padre. Mi única zona de confort es mi familia.
I do stuff with stuff. Father. My only comfort zone is my family.
I do stuff with stuff. Father. My only comfort zone is my family.
Portugal updates cybercrime law to exempt security researchers
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Portugal updates cybercrime law to exempt security researchers
Portugal has modified its cybercrime law to establish a legal safe harbor for good-faith security research and to make hacking non-punishable under certain strict conditions.
www.bleepingcomputer.com
December 13, 2025 at 12:00 PM
Portugal updates cybercrime law to exempt security researchers
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
MCP servers emerge as new supply chain risk as real attacks accelerate
www.scworld.com/feature/mcp-...
www.scworld.com/feature/mcp-...
MCP servers emerge as new supply chain risk as real attacks accelerate
Recent MCP breaches show how privileged servers enable data theft, stressing need for strict controls.
www.scworld.com
December 13, 2025 at 9:00 AM
MCP servers emerge as new supply chain risk as real attacks accelerate
www.scworld.com/feature/mcp-...
www.scworld.com/feature/mcp-...
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
therecord.media/fincen-treas...
therecord.media/fincen-treas...
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
The Financial Crimes Enforcement Network (FinCEN) released a study covering 4,194 ransomware incidents that were reported through the Bank Secrecy Act over the three-year period.
therecord.media
December 12, 2025 at 9:01 PM
More than $2 billion in payments from 4,000 ransomware incidents reported to Treasury in recent years
therecord.media/fincen-treas...
therecord.media/fincen-treas...
CVE-2025-55182 (React2Shell) Opportunistic Exploitation In The Wild: What The GreyNoise Observation Grid Is Seeing So Far
www.greynoise.io/blog/cve-202...
www.greynoise.io/blog/cve-202...
CVE-2025-55182 (React2Shell) Opportunistic Exploitation In The Wild: What The GreyNoise Observation Grid Is Seeing So Far
GreyNoise is already seeing opportunistic, largely automated exploitation attempts consistent with the newly disclosed React Server Components (RSC) “Flight” protocol RCE—often referred to publicly…
www.greynoise.io
December 12, 2025 at 4:00 PM
CVE-2025-55182 (React2Shell) Opportunistic Exploitation In The Wild: What The GreyNoise Observation Grid Is Seeing So Far
www.greynoise.io/blog/cve-202...
www.greynoise.io/blog/cve-202...
Reposted by Lorenzo Ordóñez
Australia se convierte en el primer país en prohibir las redes sociales a menores de 16 años dozz.es/3pqip4
Australia se convierte en el primer país en prohibir las redes sociales a menores de 16 años
dozz.es
December 9, 2025 at 9:29 PM
Australia se convierte en el primer país en prohibir las redes sociales a menores de 16 años dozz.es/3pqip4
CISA issues joint guidance on secure use of AI in OT systems
www.scworld.com/news/cisa-is...
www.scworld.com/news/cisa-is...
CISA issues joint guidance on secure use of AI in OT systems
The document outlines four key principles to follow when considering AI use in OT.
www.scworld.com
December 9, 2025 at 9:00 AM
CISA issues joint guidance on secure use of AI in OT systems
www.scworld.com/news/cisa-is...
www.scworld.com/news/cisa-is...
Reposted by Lorenzo Ordóñez
Microsoft fixes Windows shortcut flaw exploited for years
www.theregister.com/2025/12/04/m...
www.theregister.com/2025/12/04/m...
Microsoft fixes Windows shortcut flaw exploited for years
: Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files
www.theregister.com
December 8, 2025 at 9:00 PM
Microsoft fixes Windows shortcut flaw exploited for years
www.theregister.com/2025/12/04/m...
www.theregister.com/2025/12/04/m...
React2Shell (CVE-2025-55182): Critical React Vulnerability | Wiz Blog
www.wiz.io/blog/critica...
www.wiz.io/blog/critica...
React2Shell (CVE-2025-55182): Critical React Vulnerability | Wiz Blog
React2Shell (CVE-2025-55182) is a critical RCE vulnerability in React Server Components. Learn which versions are impacted and how to mitigate.
www.wiz.io
December 8, 2025 at 4:00 PM
React2Shell (CVE-2025-55182): Critical React Vulnerability | Wiz Blog
www.wiz.io/blog/critica...
www.wiz.io/blog/critica...
Reposted by Lorenzo Ordóñez
Es que totalmente. Miedo a la IA de qué. Lo que hay es rechazo a neoliberpollas, vendehumos, holdeamierdas, y demás caterva de catetos de pacotilla moviendo estafas piramidales e inflando una burbuja que nos va a joder vivos a todos.
December 8, 2025 at 2:14 PM
Es que totalmente. Miedo a la IA de qué. Lo que hay es rechazo a neoliberpollas, vendehumos, holdeamierdas, y demás caterva de catetos de pacotilla moviendo estafas piramidales e inflando una burbuja que nos va a joder vivos a todos.
Reposted by Lorenzo Ordóñez
Reposted by Lorenzo Ordóñez
He recuperado esta maravilla de meme 🤣
December 7, 2025 at 11:45 PM
He recuperado esta maravilla de meme 🤣
Reposted by Lorenzo Ordóñez
Picard management tip: If you only play to your strengths you may look competent but ultimately you will stagnate. Play to your weaknesses as well. Improve with practice. There is so much more to learn.
December 7, 2025 at 3:04 PM
Picard management tip: If you only play to your strengths you may look competent but ultimately you will stagnate. Play to your weaknesses as well. Improve with practice. There is so much more to learn.
Reposted by Lorenzo Ordóñez
![@hotjamz (@hotjamz)
he's makin a list
it's kept in plain text
an elf just got phished
you know what is next
santa claus has leaked 2.2 billion user's [sic]
names, addresses, naughty/nice statuses,
and the times they are asleep in their homes](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:4djfp3b27soxcfkxhirydi6d/bafkreidpjnj7lmsl3rzlntcybnm3lbxtwf46gt224msd6vt3npbcrmey4m@jpeg)
Reposted by Lorenzo Ordóñez
Reposted by Lorenzo Ordóñez
Así es como se comunica que España no participará en Eurovision. Bravo RTVE. Bravo Silvia Intxaurrondo. Una vez más.
December 6, 2025 at 11:18 AM
Así es como se comunica que España no participará en Eurovision. Bravo RTVE. Bravo Silvia Intxaurrondo. Una vez más.
Is Your Android TV Streaming Box Part of a Botnet? – Krebs on Security
krebsonsecurity.com/2025/11/is-y...
krebsonsecurity.com/2025/11/is-y...
Is Your Android TV Streaming Box Part of a Botnet?
On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming…
krebsonsecurity.com
December 5, 2025 at 9:01 PM
Is Your Android TV Streaming Box Part of a Botnet? – Krebs on Security
krebsonsecurity.com/2025/11/is-y...
krebsonsecurity.com/2025/11/is-y...
Critical Vulnerabilities in FluentBit Expose Cloud Environments to Remote Takeover
www.oligo.security/blog/critica...
www.oligo.security/blog/critica...
Critical Vulnerabilities in FluentBit | Oligo Security
A new chain of 5 critical vulnerabilities within Fluent Bit allows attackers to compromise cloud infrastructure
www.oligo.security
December 5, 2025 at 4:02 PM
Critical Vulnerabilities in FluentBit Expose Cloud Environments to Remote Takeover
www.oligo.security/blog/critica...
www.oligo.security/blog/critica...
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
thehackernews.com/2025/12/mali...
thehackernews.com/2025/12/mali...
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
Malicious npm package mimics an ESLint plugin, embeds an AI-tricking prompt, and steals environment variables via a post-install script.
thehackernews.com
December 5, 2025 at 12:03 PM
Malicious npm Package Uses Hidden Prompt and Script to Evade AI Security Tools
thehackernews.com/2025/12/mali...
thehackernews.com/2025/12/mali...
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
thehackernews.com/2025/12/goog...
thehackernews.com/2025/12/goog...
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against…
thehackernews.com
December 5, 2025 at 9:33 AM
Google Patches 107 Android Flaws, Including Two Framework Bugs Exploited in the Wild
thehackernews.com/2025/12/goog...
thehackernews.com/2025/12/goog...
India demands smartphone makers install government app
www.theregister.com/2025/12/02/i...
www.theregister.com/2025/12/02/i...
India demands smartphone makers install government app
: 'Sanchar Saathi' shares data to help fight fraud and protect carrier security
www.theregister.com
December 4, 2025 at 9:02 PM
India demands smartphone makers install government app
www.theregister.com/2025/12/02/i...
www.theregister.com/2025/12/02/i...
Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
It's unfortunately no longer enough to force websites to check your government-issued ID before you can access certain content, because politicians have now discovered that people are using Virtual…
www.eff.org
December 4, 2025 at 4:01 PM
Lawmakers Want to Ban VPNs—And They Have No Idea What They're Doing
www.eff.org/deeplinks/20...
www.eff.org/deeplinks/20...
TaskHound: automatizando la detección de tareas programadas peligrosas en entornos Windows
www.hackplayers.com/2025/11/task...
www.hackplayers.com/2025/11/task...
TaskHound: automatizando la detección de tareas programadas peligrosas en entornos Windows
En seguridad ofensiva y defensiva hay piezas del sistema que, por pura costumbre, terminan olvidadas. Todos hablamos de servicios, privilegi...
www.hackplayers.com
December 4, 2025 at 12:01 PM
TaskHound: automatizando la detección de tareas programadas peligrosas en entornos Windows
www.hackplayers.com/2025/11/task...
www.hackplayers.com/2025/11/task...
Prompt Injection Through Poetry - Schneier on Security
www.schneier.com/blog/archive...
www.schneier.com/blog/archive...
Prompt Injection Through Poetry - Schneier on Security
In a new paper, “Adversarial Poetry as a Universal Single-Turn Jailbreak Mechanism in Large Language Models,” researchers found that turning LLM prompts into poetry resulted in jailbreaking the…
www.schneier.com
December 4, 2025 at 9:00 AM
Prompt Injection Through Poetry - Schneier on Security
www.schneier.com/blog/archive...
www.schneier.com/blog/archive...
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
thehackernews.com/2025/11/ms-t...
thehackernews.com/2025/11/ms-t...
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
Attackers exploit Teams guest access and unprotected external tenants to bypass Microsoft Defender safeguards
thehackernews.com
December 3, 2025 at 9:00 PM
MS Teams Guest Access Can Remove Defender Protection When Users Join External Tenants
thehackernews.com/2025/11/ms-t...
thehackernews.com/2025/11/ms-t...