Happygeek
@happygeek.bsky.social
Veteran cybersecurity journalist and hacker, senior contributor at Forbes.com, contributing editor PC Pro.
Unmanaged passwords = shite.
New Slipknot song or sage security advice?
#infosec
www.techfinitive.com/latest-have-...
New Slipknot song or sage security advice?
#infosec
www.techfinitive.com/latest-have-...
Latest Have I Been Pwned update gives 1.3 billion new reasons to stop relying on passwords
I will readily admit that I sound like a broken record when it comes to the need to stop using magical thinking about passwords and account security. Relying upon a password to protect your data is li...
www.techfinitive.com
November 6, 2025 at 1:09 PM
Unmanaged passwords = shite.
New Slipknot song or sage security advice?
#infosec
www.techfinitive.com/latest-have-...
New Slipknot song or sage security advice?
#infosec
www.techfinitive.com/latest-have-...
Nice job by X of confusing pretty much every fecker with this one. You'd have thought a communication platform would be able to communicate things better first time around.
#infosec #twitter #x
#socialmedia #technology #news
www.forbes.com/sites/daveyw...
#infosec #twitter #x
#socialmedia #technology #news
www.forbes.com/sites/daveyw...
X Issues November 10 ‘Account Will Be Locked’ Twitter Security Warning
Elon Musk’s X has confirmed accounts will be locked on November 10 if this Twitter security setting isn’t updated. What you need to know.
www.forbes.com
October 26, 2025 at 12:55 PM
Nice job by X of confusing pretty much every fecker with this one. You'd have thought a communication platform would be able to communicate things better first time around.
#infosec #twitter #x
#socialmedia #technology #news
www.forbes.com/sites/daveyw...
#infosec #twitter #x
#socialmedia #technology #news
www.forbes.com/sites/daveyw...
So, what is actually happening with regard to the WhatsApp zero-day that wasn't? Or was it?
#infosec #WhatsApp #hack #technology #news
www.forbes.com/sites/daveyw...
#infosec #WhatsApp #hack #technology #news
www.forbes.com/sites/daveyw...
The WhatsApp $1 Million Hack Mystery — What You Need To Know
Has WhatsApp been hacked with a $1 million zero-click zero-day exploit? Here’s everything we know so far.
www.forbes.com
October 24, 2025 at 10:08 AM
So, what is actually happening with regard to the WhatsApp zero-day that wasn't? Or was it?
#infosec #WhatsApp #hack #technology #news
www.forbes.com/sites/daveyw...
#infosec #WhatsApp #hack #technology #news
www.forbes.com/sites/daveyw...
This article @forbes.com has now been updated with an interesting counterpoint from @paulwalsh.bsky.social.
#Infosec
www.forbes.com/sites/daveyw...
#Infosec
www.forbes.com/sites/daveyw...
Password Hack Warning As New Threat Jumps From Your Laptop To Phone
As if by magic, this password hack jumps from your laptop to your smartphone — but it's you who waves the wand.
www.forbes.com
July 22, 2025 at 12:47 PM
This article @forbes.com has now been updated with an interesting counterpoint from @paulwalsh.bsky.social.
#Infosec
www.forbes.com/sites/daveyw...
#Infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Happy Monday security teams. It never rains but it comes thundering down with voluminous claps of thunder.
CrushFTP zero-day confirmed.
#infosec
www.forbes.com/sites/daveyw...
CrushFTP zero-day confirmed.
#infosec
www.forbes.com/sites/daveyw...
Critical Zero-Day Exposes FTP Servers To Attack
With Microsoft SharePoint servers still under attack, now comes the news that FTP servers have been hit by another critical zero-day exploit.
www.forbes.com
July 21, 2025 at 1:28 PM
By me @forbes.com: Happy Monday security teams. It never rains but it comes thundering down with voluminous claps of thunder.
CrushFTP zero-day confirmed.
#infosec
www.forbes.com/sites/daveyw...
CrushFTP zero-day confirmed.
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Global hack attack underway against SharePoint Server, no patch available and mitigations include pulling the internet plug.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Microsoft Confirms Ongoing Mass SharePoint Attack — No Patch Available
Microsoft has confirmed that SharePoint Server is under mass attack and no patch is yet available — here’s what you need to know and how to mitigate the threat.
www.forbes.com
July 20, 2025 at 10:58 AM
By me @forbes.com: Global hack attack underway against SharePoint Server, no patch available and mitigations include pulling the internet plug.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Cloaking-as-a-Service, the "you can't see me" threat you can't, erm, see, unless you can.
#kudos @slashnext
#infosec
www.forbes.com/sites/daveyw...
#kudos @slashnext
#infosec
www.forbes.com/sites/daveyw...
Web Browser AI Hack Attacks Confirmed — What You Need To Know
Your web browser is hiding these hack attacks — what you need to know about the AI cloaking-as-a-service threat.
www.forbes.com
July 17, 2025 at 12:01 PM
By me @forbes.com: Cloaking-as-a-Service, the "you can't see me" threat you can't, erm, see, unless you can.
#kudos @slashnext
#infosec
www.forbes.com/sites/daveyw...
#kudos @slashnext
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Here we go again, Microsoft weakening trust in security updates. Sure, emoji search isn't exactly essential, but it is part of a slippery slope. The cumulative effect is a bad thing - yay or nay, dear readers?
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Microsoft Security Update Breaks Windows 10 Search Feature
The latest Microsoft Patch Tuesday security updates have done the opposite and broken yet another Windows feature. Here’s what you need to know.
www.forbes.com
July 14, 2025 at 11:47 AM
By me @forbes.com: Here we go again, Microsoft weakening trust in security updates. Sure, emoji search isn't exactly essential, but it is part of a slippery slope. The cumulative effect is a bad thing - yay or nay, dear readers?
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: AI in a hoodie. Pew Pew. Or maybe not...
#kudos Forescout and Michele Campobasso for the excellent research and analysis.
#infosec
www.forbes.com/sites/daveyw...
#kudos Forescout and Michele Campobasso for the excellent research and analysis.
#infosec
www.forbes.com/sites/daveyw...
From Vibe Coding To Vibe Hacking — AI In A Hoodie
Vibe coding is a phenomenon, and cyberattacks are fast-evolving thanks to AI. Is vibe hacking the next big thing in cyber?
www.forbes.com
July 13, 2025 at 12:12 PM
By me @forbes.com: AI in a hoodie. Pew Pew. Or maybe not...
#kudos Forescout and Michele Campobasso for the excellent research and analysis.
#infosec
www.forbes.com/sites/daveyw...
#kudos Forescout and Michele Campobasso for the excellent research and analysis.
#infosec
www.forbes.com/sites/daveyw...
Happy #Sunday security sleuths. By me @forbes.com: does anyone actually check Microsoft updates before pushing them out anymore? Serious question - with apologies to my Microsoft buddies.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Microsoft Confirms Windows 11 Update Causes Security Firewall Error
Another Windows update, another problem caused by an update — what you need to know as users report Windows Firewall error.
www.forbes.com
July 6, 2025 at 10:35 AM
Happy #Sunday security sleuths. By me @forbes.com: does anyone actually check Microsoft updates before pushing them out anymore? Serious question - with apologies to my Microsoft buddies.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Amazon Prime Day 2025 is fast approaching. Last year cybercriminals went into overdrive, with attacks up 80%.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Amazon Issues Security Warning As Prime Account Hacks Mount
As Prime Day 2025 is confirmed — Amazon warns of account hack attacks.
www.forbes.com
June 19, 2025 at 9:17 AM
By me @forbes.com: Amazon Prime Day 2025 is fast approaching. Last year cybercriminals went into overdrive, with attacks up 80%.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Another day, another Google Chrome security update.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Google Chrome Warning — Windows, Android, Mac And Linux Users Act Now
Don’t wait — all users should update Google Chrome now.
www.forbes.com
June 19, 2025 at 7:47 AM
By me @forbes.com: Another day, another Google Chrome security update.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: The GOAT of all credentials leaks, all new data (with the exception of 184 million records from May) the researchers say. #kudos @j4vv4d.com for advice.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
16 Billion Apple, Facebook And Google Passwords Leaked — Change Yours Now
Change all your account passwords now — don’t wait: 16 billion credentials are confirmed as having been leaked.
www.forbes.com
June 18, 2025 at 1:47 PM
By me @forbes.com: The GOAT of all credentials leaks, all new data (with the exception of 184 million records from May) the researchers say. #kudos @j4vv4d.com for advice.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: The truth is out there, but the XFiles attackers aren't the ones telling it.
#InfoSec
www.forbes.com/sites/daveyw...
#InfoSec
www.forbes.com/sites/daveyw...
Your Passwords Are At Risk — New Windows XFiles Attack Confirmed
This new password-stealing attack targets Windows users — here’s what you need to know about the XFiles threat.
www.forbes.com
June 17, 2025 at 1:05 PM
By me @forbes.com: The truth is out there, but the XFiles attackers aren't the ones telling it.
#InfoSec
www.forbes.com/sites/daveyw...
#InfoSec
www.forbes.com/sites/daveyw...
By me @forbes.com: You have patched CVE-2025-33073 already, right? Riiiight? #kudos @Synacktiv
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Update Windows Now — Microsoft Confirms System Takeover Danger
Microsoft has issued a warning that Windows hackers could gain system privileges using this authentication relay attack — an update is available; apply now.
www.forbes.com
June 16, 2025 at 1:04 PM
By me @forbes.com: You have patched CVE-2025-33073 already, right? Riiiight? #kudos @Synacktiv
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: New Ransomware-as-a-Service group adds nasty file wiper to the payment leverage threat arsenal.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
This New Ransomware Can Irrevocably Destroy Your Files — Backup Now
Be warned, this ransomware threat can permanently erase your files — act now.
www.forbes.com
June 16, 2025 at 10:43 AM
By me @forbes.com: New Ransomware-as-a-Service group adds nasty file wiper to the payment leverage threat arsenal.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me at @forbes.com: Another "not a silver bullet" piece of advice, but still a valuable weapon for ordinary users and one that far too many either don't know about or don't realize is so easy to use.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Use These Secret Gmail Addresses To Prevent Hack Attacks — Here’s How
Your Gmail account is at risk — use these secret email addresses now.
www.forbes.com
June 15, 2025 at 1:37 PM
By me at @forbes.com: Another "not a silver bullet" piece of advice, but still a valuable weapon for ordinary users and one that far too many either don't know about or don't realize is so easy to use.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: I don't have a reputation for being pro-Google, or pro any tech vendor, truth be told, but praise where praise is due: I think this is a good (if not perfect) move. Every little helps.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Critical Google Messages Security Update For 1 Billion Users Confirmed
This update is a Google Messages game-changer — what to know.
www.forbes.com
June 15, 2025 at 10:42 AM
By me @forbes.com: I don't have a reputation for being pro-Google, or pro any tech vendor, truth be told, but praise where praise is due: I think this is a good (if not perfect) move. Every little helps.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Don't follow the Spice Girls for cybersecurity advice as "2 become 1" is all wrong, at least as far as Outlook 2-click encryption is concerned.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Microsoft Confirms Security Pause For Outlook Email Encryption
Microsoft is about to change how Outlook encryption works — here’s what you need to know.
www.forbes.com
June 14, 2025 at 12:00 PM
By me @forbes.com: Don't follow the Spice Girls for cybersecurity advice as "2 become 1" is all wrong, at least as far as Outlook 2-click encryption is concerned.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Don't listen to Cat Stevens/Yusuf Islam for cybersecurity advice, "it's not time to make a change" is wrong. Listen to Google, at least on this occasion.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Change Your Gmail Password Now, Google Tells 2 Billion Users
Google says change your Gmail password as attacks continue — don't wait, act now.
www.forbes.com
June 14, 2025 at 9:27 AM
By me @forbes.com: Don't listen to Cat Stevens/Yusuf Islam for cybersecurity advice, "it's not time to make a change" is wrong. Listen to Google, at least on this occasion.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Clever researcher + airgapped system + smartwatch = big trouble for your most confidential data. #kudos Mordechai Guri.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
How Hackers Use A Smartwatch To Steal Highly Confidential Data
The newly revealed SmartAttack cyberattack can steal highly sensitive data from the most secure systems using a smartwatch. Here’s what you need to know.
www.forbes.com
June 13, 2025 at 2:54 PM
By me @forbes.com: Clever researcher + airgapped system + smartwatch = big trouble for your most confidential data. #kudos Mordechai Guri.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me @forbes.com: Use Microsoft Entra ID? Watch out, watch out, there's a password-spraying bastard about.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
Microsoft Users Warned Of Ongoing Password Spraying Attack — Act Now
Ongoing SneakyStrike password spraying attack confirmed with tens of thousands of Microsoft accounts already being targeted.
www.forbes.com
June 13, 2025 at 2:49 PM
By me @forbes.com: Use Microsoft Entra ID? Watch out, watch out, there's a password-spraying bastard about.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
By me at TechFinitive: EchoLeak might be a world first, but it ain't gonna be the last AI CVE.
#infosec
www.techfinitive.com/echoleak-zer...
#infosec
www.techfinitive.com/echoleak-zer...
EchoLeak zero-click vulnerability for Microsoft 365 Copilot AI is a world first - it won’t be the last
Find out why the EchoLeak zero-click vulnerability is a major concern and how it impacts organizations using Microsoft 365 Copilot.
www.techfinitive.com
June 12, 2025 at 10:25 AM
By me at TechFinitive: EchoLeak might be a world first, but it ain't gonna be the last AI CVE.
#infosec
www.techfinitive.com/echoleak-zer...
#infosec
www.techfinitive.com/echoleak-zer...
By me @forbes.com : Old macOS is under a password attack, ee aye ee aye oh of course it is.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...
New Apple Passwords Attack Confirmed — What You Need To Know
This new and ongoing Apple passwords attack has now been confirmed — here’s what you need to know about the AMOS threat.
www.forbes.com
June 8, 2025 at 1:59 PM
By me @forbes.com : Old macOS is under a password attack, ee aye ee aye oh of course it is.
#infosec
www.forbes.com/sites/daveyw...
#infosec
www.forbes.com/sites/daveyw...