For more than 20 years, I have supported MSRC, dating back to my time as a security researcher at eEye. I have spoken at conferences, defended their program & methods publicly, & shared examples and results of productive collaboration even when many, many researchers strongly disagreed with me.
That history makes this especially difficult to say.
The current treatment of security researchers is deeply disappointing. Trust between vendors & the research community is hard-earned & easily lost. Researchers are not the enemy. They are often the first line of defense for customers, helping identify and responsibly report issues before malicious actors can exploit them. Alienating these individuals carries real consequences for the security ecosystem as a whole.
I've spent decades advocating for constructive engagement between Microsoft & the security community. What we all are seeing today falls short of the standards that built that relationship in the first place.
I hope this message reaches the people who still remember why that relationship mattered. Not because researchers are asking for special treatment but because mutual respect, transparency & good-faith engagement have always produced better outcomes for everyone involved. Microsoft's relationship with the security community was once viewed as a model for the industry. I truly hope it can be again.
🚨 73 Microsoft GitHub repos just went dark.
They were hit by Miasma, a self-replicating supply chain attack spreading through trusted open-source channels.
Azure and MicrosoftDocs repos were among those impacted.
Read this: https://t.co/J1Pyrr4mlR
GPS navigation includes a publicly broadcast 176-bit special-message field that has carried high-entropy payloads for years. It looks like a one-way encrypted control or key-distribution channel. Effectively a GPS-transmitted, world-reachable number station. The publicly receivable GPS navigation signal appears to leak operational metadata about military cryptographic logistics? @sjmurdoch https://t.co/A7nu6HJe39
@halvarflake More people on an ICE train compared to an airplane plus the expectation is that one is able to work on the train so just about everybody who has a laptop with them at least tries. Also Qualcomm: https://t.co/JTgM054LoW
Thanks to Claude Mythos I was able to open vim on my car infotainment screen, just to end up bricking it because the terminal does not support the colon key and restarting the car doesn't restart the headunit.
@UK_Daniel_Card Played CS on it back in the day; what makes them odd and still being sold, however, seems to be that they are relatively unimpressed with tilt, so you find them on ships' bridges and in engineering.
🇨🇦 Canada: BCD Travel Data Allegedly Leaked by ShinyHunters Ransomware Group
* Threat actor claims to have compromised BCD Travel after failed extortion negotiations
* Listing alleges theft of more than 700,000 Salesforce records and data from multiple SharePoint environments
* Attackers claim to possess over 30 GB of compressed data
* Stolen information allegedly includes internal corporate documents, customer records, and business-related data
* The leak was updated on June 2, 2026, suggesting ongoing activity or additional data publication
Analyst Note:
BCD Travel is one of the world's largest corporate travel management companies, serving multinational organizations and government entities. If the claims are accurate, exposure of Salesforce and SharePoint environments could provide attackers with valuable customer information, internal business processes, contracts, travel records, and operational intelligence. At this stage, the claims should be considered unverified until confirmed by the organization or independent analysis.
#DDW #Intelligence #DarkWeb #BCDTravel
Yeah, so pretty much this guy is releasing an exploit in solidarity with Nightmare Eclipse guy. He said he notified GitHub about the exploit 60 minutes before releasing this paper.
I don't do web stuff, and I'm not a VSCode nerd, so I'm confused by the underlying technologies.
If you're a stinky GitHub and VSCode nerd maybe you'll understand.
tl;dr click github dev, github dev opens editor, in github dev editor have javascript, javascript does shortcuts automatically. github treats javascript shortcuts as real human input, or something. use javascript shortcut stuff to automatically install vscode extension. the vscode extension steals your data
tl;dr tl;dr user clicks 1 link, 1 click steals all data from your github
https://t.co/uh17usZeEH
Introducing HTTP/2 Bomb: a remote DoS in nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora. A single client pins 32GB of server memory in 10s. Found by Codex.
Blog post: https://t.co/WO9MeExoun
PoCs: https://t.co/NpVgEHBHPl
Stop paying $20 per month for Claude Code. McDonald’s AI bot is FREE.
Someone asked a McDonald’s support assistant how to reverse a linked list in Python.
It answered correctly. Actual code.
We’re definitely at peak AI now.