🔐 Let’s Encrypt has made 6-day IP-based TLS certificates Generally Available
Source: https://t.co/E7mTQb1UgL
Let’s Encrypt, a key provider of free TLS certificates, has rolled out short-lived and IP address-based certificates for general use. These new options became available starting in early 2026, addressing long-standing issues in certificate security.
Short-lived certificates last just 160 hours, about six and a half days, while IP-based ones tie directly to IP addresses instead of domain names. Users activate them by choosing the "short-lived" profile in their ACME client.
#cybersecurityNews
Microsoft confirmed that the KB5074109 January Windows 11 security update causes the classic Outlook desktop client to freeze and hang for users with POP email accounts.
https://t.co/8QAVWxqjGK
Most people lock down passwords but forget what’s already public.
🧾 Home addresses and phone numbers are listed on data broker sites anyone can search. That visibility increases the risk of doxxing, scams, and real-world harassment.
🔗 How public data turns into a safety risk → https://t.co/OaEabSpDfM
🚨 AWS Console Supply Chain Attack Let Attackers Hijack AWS GitHub Repositories
Source: https://t.co/bBdYltmGB8
A critical misconfiguration in AWS CodeBuild enabled unauthenticated attackers to seize control of key AWS-owned GitHub repositories, including the widely used AWS JavaScript SDK powering the AWS Console itself.
The CodeBreach originated from unanchored regular expression patterns in CodeBuild webhook filters for the ACTOR_ID parameter, which should restrict builds to trusted GitHub user IDs.
Without ^ and $ anchors, the filter matched any user ID containing an approved substring, allowing bypass via "eclipse" events where new, longer GitHub IDs incorporate older maintainer IDs.
#cybersecuritynews
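An added example, not part of the post above or of AWS's code: a Python check that audits an ACTOR_ID allow-list pattern for the missing-anchor flaw described there and builds an anchored replacement. The numeric IDs are constructed, the function names are hypothetical, and the filter's substring-match behaviour is modelled with `re.search` as an assumption.

```python
import re

# Constructed sample allow-list of trusted GitHub user IDs (not real accounts).
APPROVED_IDS = ["123456", "7891011"]


def bypass_probes(approved_ids):
    """Build non-approved IDs that merely contain an approved ID as a substring."""
    approved = set(approved_ids)
    probes = []
    for actor_id in approved_ids:
        for candidate in ("9" + actor_id, actor_id + "9", "9" + actor_id + "9"):
            if candidate not in approved and candidate not in probes:
                probes.append(candidate)
    return probes


def audit_actor_filter(pattern, approved_ids):
    """Return the probe IDs the pattern wrongly accepts (empty list = no finding).

    re.search models a filter that accepts an ID when the pattern matches
    anywhere inside it, which is the behaviour the post describes.
    """
    rx = re.compile(pattern)
    return [p for p in bypass_probes(approved_ids) if rx.search(p)]


def build_anchored_pattern(approved_ids):
    """Anchor the whole alternation, not just its first and last branch."""
    return "^(?:" + "|".join(re.escape(i) for i in approved_ids) + ")$"


if __name__ == "__main__":
    candidates = {
        "unanchored": "123456|7891011",
        # Common partial fix: ^ binds only to the first branch, $ only to the last.
        "partially anchored": "^123456|7891011$",
        "fully anchored": build_anchored_pattern(APPROVED_IDS),
    }
    for label, pattern in candidates.items():
        accepted = audit_actor_filter(pattern, APPROVED_IDS)
        print(f"{label:20} {pattern:24} wrongly accepts: {accepted or 'nothing'}")
```

The partially anchored case is the one to watch for when reviewing a fix: adding `^` and `$` around an ungrouped alternation still leaves two of the six probes accepted.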
🇨🇳 A China-linked threat actor has targeted North American critical infrastructure.
Tracked as UAT-8837, the group seeks initial access to high-value networks, then maps Active Directory and steals credentials using mostly open-source tools.
Talos says a Sitecore zero-day was recently exploited to gain entry.
🔗 Read → https://t.co/QzgJyQg326
Cybercrime. It’s a dark enterprise.
While you’re focusing on new markets and AI workflows, so are the bad guys. 👀
A $10T industry with R&D, channel partners, and even customer support.
Call it #CybercrimeInc.
Call it #HiddenCompetition.
Either way, it's time to call it out.
🚨 Fortinet fixed a CVSS 9.4 bug in FortiSIEM that allows unauthenticated code execution.
The issue is in the phMonitor service on TCP port 7900. Crafted requests can trigger OS command injection, enabling file writes as admin and escalation to root via a scheduled task.
🔗 Details → https://t.co/e6sbJCXjie
🔐 Patch now. Restrict access to port 7900.
📊 New research across 4,700 websites finds 64% of third-party apps access sensitive data without business justification, up from 51% last year.
The increase reflects governance gaps, not new exploits. Marketing scripts and tag managers account for much of the exposure.
🔗 Key findings and accountability breakdown → https://t.co/HCOymtENW8
Everyone’s building with AI in the cloud.
Few are thinking about how to actually secure it.
NetworkChuck just dropped a video with @WIZ_io, showing how they’re finding hidden AI risks—“shadow AI”—before attackers do. It’s a smart look at where cloud security is headed next.
Worth a watch → https://t.co/4rvuNVllhS
🚨 Researchers null-routed traffic to 550+ AISURU/Kimwolf C2 nodes since early Oct 2025.
Kimwolf has compromised 2M+ Android devices—mostly unsanctioned TV boxes via exposed ADB—and resold them as residential proxies.
🔗 Learn more → https://t.co/PDgnLOOTgg
🛑 Microsoft says it disrupted RedVDS, a crimeware-as-a-service platform tied to phishing and financial fraud.
For $24/month, criminals rented disposable, no-log Windows RDP servers to run scams at scale. Microsoft links RedVDS activity to ~$40M in reported U.S. fraud losses since March 2025.
🔗 Details here → https://t.co/dxu1Cgpg0e