Lightnews — Scholar-powered news

Adrian Sanabria @sawaba.bsky.social · 5h

Too many books, not enough hours in a day

Adrian Sanabria @sawaba.bsky.social · 5h

This is so cool! Respect for reading it yourself, it’s a ton of work!

2

Reposted by Adrian Sanabria

Tanya Janca | SheHacksPurple @shehackspurple.bsky.social · 5h

I released a new blog post: What it's Like to Record an Audiobook. There are photos, a video, and stories, just like always!

https://twp.ai/9PVhDM

1 1 4

Adrian Sanabria @sawaba.bsky.social · 15h

100% would buy this book

I wouldn’t read it though.

3 months later, I’d also buy the audiobook, and then I’d listen to that

Kevin Collier @kevincollier.bsky.social · 15h

I want an internet IP lawyer to flesh this out better than I could (and let me know if you know where one has), but I kinda can't get over how the IP industries steamrolled tech in the late 90s and early aughts and now tech is steamrolling the IP industries.

1 1

Reposted by Adrian Sanabria

Kevin Collier @kevincollier.bsky.social · 15h

I want an internet IP lawyer to flesh this out better than I could (and let me know if you know where one has), but I kinda can't get over how the IP industries steamrolled tech in the late 90s and early aughts and now tech is steamrolling the IP industries.

5 10 42

Reposted by Adrian Sanabria

Keith W. Dickinson @keithwdickinson.bsky.social · 20h

Today is a day when arts degrees are worthless, but the product of those degrees is so valuable it would kill an entire industry if they were made to pay for it.

The Verge @theverge.com · May 26

Nick Clegg says asking artists for use permission would ‘kill’ the AI industry

Paul McCartne, Elton John and others signed an open letter.

buff.ly

360 8.3K 22K

Reposted by Adrian Sanabria

Senator Ron Wyden @wyden.senate.gov · 3d

They’re using American tax dollars to fund infrastructure in Argentina because that’s where they’re all going to flee when we kick them out of office

Ryan Grim @ryangrim.bsky.social · 7d

After announcing a $20 billion bailout of Argentina, the White House now says it's pausing $18 billion in funding for NYC infrastructure projects

Russ Vought would love nothing more than to tear this country down to its studs

660 4.2K 14K

Adrian Sanabria @sawaba.bsky.social · 4d

For whomever needs to hear it

1. Bad Bunny is American
2. Rihanna is not
3. Shakira is not
47. Exactly 0 people complained about The Rolling Stones playing the half time show
48. The Who is not
49. U2 is not
50. Etc

5

Adrian Sanabria @sawaba.bsky.social · 5d

Prediction: 🌶️🌶️🌶️

runZero (Official Account) @runzero.com · 5d

📺 Live Webcast: Fixing a Broken System
📅 Oct 29 • 2PM ET

Legacy vuln mgmt leaves 25–40% of assets invisible. Join @ hdm.io, @todb.hugesuccess.org & @sawaba.bsky.social as they unpack blind spots, failed scans, & what’s next.

👉 www.scworld.com/cybercast/fi...

1

Reposted by Adrian Sanabria

runZero (Official Account) @runzero.com · 5d

📺 Live Webcast: Fixing a Broken System
📅 Oct 29 • 2PM ET

Legacy vuln mgmt leaves 25–40% of assets invisible. Join @ hdm.io, @todb.hugesuccess.org & @sawaba.bsky.social as they unpack blind spots, failed scans, & what’s next.

👉 www.scworld.com/cybercast/fi...

1 1

Adrian Sanabria @sawaba.bsky.social · 5d

Great quote! See you in Atlanta?

1 1

Reposted by Adrian Sanabria

J Wolfgang Goerlich @jwgoerlich.bsky.social · 5d

Thanks, #GrrCon.

3 1 16

Reposted by Adrian Sanabria

Zack Whittaker @zackwhittaker.com · 12d

ICYMI: A viral app called Neon, which pays you to record your phone calls so your audio can be used to train AI, has gone offline after I discovered a security lapse that allowed any user to access the phone numbers, call recordings, and call transcriptions of any other user.

Exclusive: Neon takes down app after exposing users' phone numbers, call recordings, and transcripts

Call recording app Neon was one of the top-ranked iPhone apps, but was pulled offline after a security bug allowed any logged-in user to access the call recordings and transcripts of any other user.

techcrunch.com

4 30 66

Reposted by Adrian Sanabria

Taggart @taggart-tech.com · 13d

I really can't stress enough how shoddy the programming in this space is. Everywhere you look, it's slapdash and insecure.

techcrunch.com/2025/09/25/v...

Exclusive: Neon takes down app after exposing users' phone numbers, call recordings, and transcripts

Call recording app Neon was one of the top-ranked iPhone apps, but was pulled offline after a security bug allowed any logged-in user to access the call recordings and transcripts of any other user.

techcrunch.com

1 1

Adrian Sanabria @sawaba.bsky.social · 13d

Live again today from #oktane 2025. We’ll be kicking off at 9:40am PST with the intro followed by a series of interviews with Mandy.

Then I’ll be doing Enterprise Security Weekly live, starting at 2:40pm PST!

https://www.youtube.com/live/K-JTuv9-1CI?si=IpM1VKqqgMGo8M-n

Adrian Sanabria @sawaba.bsky.social · 14d

Going live from #Oktane in 2 minutes

https://www.youtube.com/live/RfSEjWXNelk?si=ZhiNqnMms2otj3Df

1

Reposted by Adrian Sanabria

runZero (Official Account) @runzero.com · 14d

🎙️ @todb.hugesuccess.org joins @sawaba.bsky.social, Katie T., @jackiesinsecurity.bsky.social, Sean Metcalf + Ayman Elsawah on the ESW pod to chat:

💥 Vuln mgmt is ripe for disruption
⚠️ CVE checklists don’t stop breaches
🔑 Creds, misconfigs & EOL > “critical” CVEs

📺 www.runzero.com/resources/di...

1 5

Reposted by Adrian Sanabria

TProphet @tprophet.org · 15d

1/ Hi, I'm TProphet. I write the Telecom Informer for @2600.com. A lot of people have been asking me about www.nbcnews.com/politics/nat... given that I'm somewhat knowledgeable in the area.

Here's my take: I'm kind of astonished that this is public, and it isn't normal that it would ever be.

Secret Service agents dismantle network that could shut down New York cellphone system

Agents discovered electronic devices in five locations in and around the city that could be used to disable cellphone towers. The system could also be used for criminal activities.

www.nbcnews.com

10 180 370

Adrian Sanabria @sawaba.bsky.social · 18d

It's like he doesn't realize that traditional television is the least watched form of media.

Kimmel could have an audience 10x larger by launching a podcast or a YouTube channel in a few weeks.

9

Adrian Sanabria @sawaba.bsky.social · 18d

Remember that time Oracle forgot to include access control for virtual disks, and you could mount any disk image belonging to any other Oracle Cloud customer if you knew the disk id?

This thing Microsoft did is worse

dirkjanm.io/obtaining-gl...

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens

While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...

dirkjanm.io

5 5

Adrian Sanabria @sawaba.bsky.social · 21d

That makes a lot more sense - I couldn't imagine them being able to avoid having naming collisions.

Adrian Sanabria @sawaba.bsky.social · 21d

Put together a summary of all the NPM hijinks over the last 3 weeks, mostly to help myself get everything organized and straight in my head

defendersinitiative.substack.com/p/npm-anothe...

NPM: aNother Pummeling, Man

Supply chain attacks have been ramping up, but NPM has had a particularly bad time this past month - what can we learn from it?

defendersinitiative.substack.com

1

Adrian Sanabria @sawaba.bsky.social · 21d

I wonder if that agreement to normalize threat actor names is ever gonna happen

1

Adrian Sanabria @sawaba.bsky.social · 21d

And how is this the most positive thing in my timeline by a long stretch?

Adrian Sanabria @sawaba.bsky.social · 21d

Who is naming these things?

2