That's the harsh reality for those of us who work in cybersecurity. 💪
> Assume exposed software is brittle.
> The stuff is broken. Plan accordingly.
A friend told me something in a beer garden in Germany about 12 years ago:
“Florian, don’t overthink whether this specific service is exploitable. The stuff is broken. Plan accordingly.”
He meant software.
Most software looks stable because it runs under normal conditions. Look closer and you find memory leaks, parser bugs, unhandled input, bad defaults, forgotten modules, weird edge cases.
Now we have better fuzzing, better automation, AI-assisted auditing, variant hunting, more exploit dev, more eyes on everything.
So yes, patching matters.
But in a world where every kind of internet-facing software keeps producing fresh RCEs, you also need the boring stuff:
1. Reduce the attack surface
- expose fewer services
- disable unused modules, plugins and features
- don’t publish admin interfaces unless they really need to be reachable
2. Limit the blast radius
- run services with least privilege
- isolate internet-facing systems
- avoid shared accounts and credentials
3. Build visibility and control
- collect useful logs
- monitor weird errors, crashes and “should never happen” events
- keep enough data to investigate later
- run regular compromise assessments
Assume exposed software is brittle.
The stuff is broken. Plan accordingly.
Microsoft discovered that Anthropic's Claude Code GitHub Action is vulnerable to prompt injection attacks via issues and Pull Requests https://t.co/GELEiI6oWo
I saw the Gemma 4 announcement two days ago, found some time tonight. Built a small CLI around it.
Gemma 4 12B can describe images, and it's just an 8GB model you can self-host, which means you can wire it into small utility tools without paying for a vision API.
I used it to generate alt text & blog outlines from whiteboard photos
Works well enough to be useful :D
Someone hid a self-replicating worm inside 37 npm packages.
Written in Rust.
Hidden behind an eBPF kernel rootkit.
Talking to its operator over Tor.
It steals 86 environment variables.
AWS keys. GCP keys. Vault secrets. Kubernetes tokens.
Your Anthropic API key. Your OpenAI key.
Your Exodus wallet seed phrase.
Then it uses your own npm credentials to republish itself into your packages.
So your code infects the next developer.
Who infects the next one.
The commits were backdated up to 13 years.
The commit author name was “claude.”
The malware named itself after the AI to hide in plain sight.
The attacker also left their own wallet recovery phrase in the debug data.
Nobody is having a good day.
Check your preinstall hooks.
Cybersecurity is a broken industry. We rely on products that were designed to be sold, not used. And the incentives are completely screwed up.
I made this video about all of the ways things are bad, how we accidentally make it worse, and why new technology won't fix it.
⚠️ Poisoned #WhatsApp, Slack, or SMS notifications could hijack Google Gemini on Android.
No malicious app needed.
A single alert could make #Gemini fake messages, trigger actions, join Zoom calls, or poison memory.
Read details: https://t.co/I5XjaIiFtI
Every time a major company tells users to run "curl url | bash" to install their tool, it irresponsibly normalizes a dangerous security anti-pattern.
You should be promoting secure behavior by default, not the other way round:
https://t.co/EckhRwdNko just got a major upgrade.
For anyone who doesn't know what Prechained is:
It's a free, open-source cryptographic archive of the software supply chain. Every package version we capture gets SHA-384 fingerprinted and permanently archived to GitHub, before any attack is disclosed, before any takedown, before any security researcher publishes a finding.
The receipt already exists. That's the point.
What's new:
- Real-time npm monitoring. New packages published to npm are monitored in real time: not a curated list, the entire feed.
- Live Threat Feed. Automatic detection of fingerprint mutations, new install hooks, publisher changes, and size spikes. Every finding links to verifiable before/after receipts.
- Incident Registry. Community-submitted and auto-detected incidents in one place. Submit a package. Get a cryptographic receipt.
- 8 ecosystems. npm, PyPI, Cargo, RubyGems, NuGet, Maven, Packagist, GitHub.
Free. No login. No account. AGPL-3.0.
https://t.co/uSzJhhvPxM
#SupplyChainSecurity #npm #CyberSecurity #infosec #SoftwareSupplyChain #OpenSource #SBOM #DevSecOps #PackageSecurity #CyberThreats #CMMC #OSS
cc @OpenSSF @socketdotdev @SwiftOnSecurity @Ransom_DB
⚠️ New "IronWorm" supply-chain attack: 30+ npm packages from @ asteroiddao shipped a malicious Rust binary firing on preinstall.
It sweeps 86 env vars + 20 credential files (AWS, GCP, Vault, npm, plus AI keys like Anthropic & OpenAI), hits Exodus wallets, hides behind an eBPF rootkit, and beacons over Tor. Self-propagates via npm Trusted Publishing OIDC, with backdated commits faked as claude/dependabot/renovate.
This is fun: "nano is a lightweight SIEM in Rust on ClickHouse, with a piped query language, a real detection lifecycle, and AI that does actual investigation work." https://t.co/tTEbVxPGwt
A decoy fires only when someone accesses a resource no legitimate user would touch. Plant tripwires across network, identity, data, and AI agent configs to create asymmetry in your security architecture.
https://t.co/mqWcwtOVzG
We built four malicious skills to test whether skill scanners actually work. Three took less than an hour to conceive and implement. ClawHub, Cisco, and Vercel's https://t.co/nUlnRcQWyG marked them as safe. 🧵
The software supply chain has a new predator.
Meet Iron Worm, the "rustier cousin" of the infamous Shai-Hulud worm. Just like its predecessor, it burrows into dev environments, steals credentials, and self-propagates through trusted GitHub and npm workflows.
Except this one is built in heavy, async Rust, hides behind an eBPF kernel rootkit, and talks over Tor.
Full teardown of the beast:
https://t.co/9Tn4G8tluW
Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex.
Blog post: https://t.co/WO9MeExoun
PoCs: https://t.co/NpVgEHBHPl
🚨 Claude Code's GitHub Actions Vulnerability Lets Attackers Compromise Any Repository
Source: https://t.co/lb0fzVp2ox
A critical supply chain vulnerability in Claude Code's GitHub Actions that could allow attackers to compromise any repository using Anthropic's official CI/CD workflow, including Anthropic's own infrastructure.
When combined with prompt injection techniques, it could enable a fully unauthenticated external attacker to exfiltrate secrets, steal OIDC tokens, and push malicious code to any downstream repository that depends on the Claude Code GitHub Actions workflow.
Claude Code GitHub Actions restricts workflow execution to users with write or admin access. However, the checkWritePermissions function unconditionally trusted any actor ending in [bot] regardless of actual permissions.
#cybersecuritynews
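A constructed model of the bug class the post describes, added here as an example; it is not Anthropic's actual checkWritePermissions code. The permission table, the actor names and the lookup function are assumptions standing in for GitHub's collaborator-permission endpoint.

```javascript
// Added illustration (constructed): a write-permission gate that trusts an actor
// by its name, beside one that only trusts the permission the repo actually grants.

// Constructed stand-in for GitHub's collaborator permission endpoint
// (GET /repos/{owner}/{repo}/collaborators/{username}/permission), which
// reports one of "admin", "write", "read" or "none".
const REPO_PERMISSIONS = {
  "maintainer":       "admin",
  "contributor":      "write",
  "drive-by-user":    "read",
  "dependabot[bot]":  "write",
  "outside-app[bot]": "none",   // a bot identity granted nothing on this repo
};
function getPermission(login) {
  return REPO_PERMISSIONS[login] || "none";
}

const WRITE_LEVELS = new Set(["write", "admin"]);

// Vulnerable shape: a name-suffix shortcut returns before the real check, so
// "what is the actor called" stands in for "what may the actor do here".
function checkWritePermissionsVulnerable(actor, lookup = getPermission) {
  if (actor.endsWith("[bot]")) return true;   // trusted unconditionally
  return WRITE_LEVELS.has(lookup(actor));
}

// Hardened shape: every actor, bot or human, is judged by the permission the
// repository actually grants it; the login string is never consulted.
function checkWritePermissionsFixed(actor, lookup = getPermission) {
  return WRITE_LEVELS.has(lookup(actor));
}

// Side-by-side result for a list of actors: [{actor, vulnerable, fixed}].
function compare(actors, lookup = getPermission) {
  return actors.map((a) => ({
    actor: a,
    vulnerable: checkWritePermissionsVulnerable(a, lookup),
    fixed: checkWritePermissionsFixed(a, lookup),
  }));
}
```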