I'm actually getting tired of this shit. Someone get these open source software nerds on the phone and tell them ... I don't know. I've lost track of which supply chain attack were caused by what, there's been too many.
Someone just fucking do something, oh my lord
INSTEAD OF WATCHING AN HOUR OF NETFLIX TONIGHT.
This 1 hour Stanford lecture by Joel Peterson will teach you more about negotiation and getting what you want than most people learn in years.
Bookmark it and give it an hour, no matter what.
🇵🇱 Alleged database belonging to https://t.co/bBLJUBaz0t has been advertised on a cybercrime forum, with the threat actor claiming to possess approximately hundreds of thousands of customer records containing account, contact, and website activity data.
* Threat actor claims the dataset originates from https://t.co/bBLJUBaz0t, one of Poland’s largest hosting and domain service providers
* Advertised data includes customer names, email addresses, postal addresses, usernames, phone numbers, dates of birth, and account metadata
* Login password hashes are reportedly included rather than plaintext passwords
* Additional records allegedly contain website session tracking data, user activity metrics, engagement statistics, and marketing campaign information
* Dataset appears to combine CRM, web analytics, and customer management records
* Potential Impact:
* Targeted phishing campaigns against https://t.co/bBLJUBaz0t customers
* Credential cracking attempts against hashed passwords
* Account takeover risks where passwords are reused elsewhere
* Enhanced social engineering using personal and account information
* Business intelligence exposure through marketing and engagement data
* Analyst Note: The advertised structure resembles a blend of CRM, customer support, web analytics, and marketing datasets. The presence of password hashes, customer contact information, and website session data would make the dataset particularly valuable for cybercriminals if authentic. At this stage, the origin of the data and any attribution to https://t.co/bBLJUBaz0t remain unverified and require independent validation.
#DDW #Intelligence #Poland #HomePL
🚨 Anthropic just showed a 27-minute workshop on how to actually do prompts for Claude.
Taught by the people who built it.
Free. No registration. No paywall.
I've seen $300 courses that don't cover what they teach in the first 8 minutes.
Watch it and bookmark it now.
GitHub, a company owned by Microsoft, was compromised.
A GitHub employee browsing the VS Code marketplace, an asset owned and operated by Microsoft, inadvertently donated a malicious VS Code extension, which Microsoft offers guidance and best practices on to avoid
Mind blown alert 🤯! Nguyen Hoang Thach (@hi_im_d4rkn3ss) of STARLabs SG (@starlabs_sg) used a Memory Corruption bug to exploit VMware ESXi with the Cross-tenant Code Execution add-on, earning a sweeeeeet $200,000 and 20 Master of Pwn points. Full win let's go! #Pwn2Own #P2OBerlin
@oak_investor Bardzo ciekawy moment !!! - Kontekst Miesieczny - Wejscie na D1 i tam bedzie trzeba reagowac na to co cena pokaze. TP-? 105-107. Bardzo krotko ze SL jezeli dzienna zamknie sie ponizej 88 to moze byc nie ciekawie.