Hi all, I’ve created a lab gRPC Goat 🐐 to help you learn and practice gRPC security.
Blog: https://t.co/kIKJ81r8nP
Repo: https://t.co/fg6Bk5hngN
Give it a try and kindly share your feedback! Keep learning !
#grpc_security#grpc#grpc_goat#vulnerable_lab#dvwa_grpc
Hi sir.
Even today lots of traffic Jam due to improper signal timings in Marathahalli Junction Signal traffic from Bellandur side to HAL Road. Kindly check the traffic to increase timing where traffic is huge when other sides have no traffic. @Jointcptraffic
ಎಚ್.ಎ.ಎಲ್ (HAL) ವಿಮಾನ ನಿಲ್ದಾಣ ಸಂಚಾರಿ ಪೊಲೀಸ್ ಠಾಣೆಯ ವ್ಯಾಪ್ತಿಯಲ್ಲಿ ಬರುವ ಮಾರತ್ ಹಳ್ಳಿ ಸೇತುವೆ ಜಂಕ್ಷನ್ನಲ್ಲಿ, ಸಂಚಾರ ದಟ್ಟಣೆಯನ್ನು ಸುಧಾರಿಸುವ ಮತ್ತು ಸಂಚಾರ ನಿರ್ವಹಣೆಯನ್ನು ಹೆಚ್ಚಿಸುವ ಉದ್ದೇಶದಿಂದ ಪ್ರಸ್ತಾಪಿಸಲಾದ ಜಂಕ್ಷನ್ ಮಾರ್ಪಾಡುಗಳನ್ನು ಮೌಲ್ಯಮಾಪನ ಮಾಡಲು ಡಿಸಿಪಿ ಸಂಚಾರಿ ಪೂರ್ವ (DCP Traffic East) ಅವರೊಂದಿಗೆ ಜಂಟಿ ಪರಿಶೀಲನೆ ನಡೆಸಲಾಯಿತು.
ಪರಿಶೀಲನೆಯ ಸಂದರ್ಭದಲ್ಲಿ, ಮಾರತ್ ಹಳ್ಳಿ ಸೇತುವೆ ಜಂಕ್ಷನ್ನಲ್ಲಿ ಪೀಕ್-ಅವರ್ (ಗರಿಷ್ಠ ದಟ್ಟಣೆಯ ಸಮಯದ) ಸಂಚಾರ ದಟ್ಟಣೆ, ವಾಹನಗಳು ತಿರುವು ತೆಗೆದುಕೊಳ್ಳುವಾಗ ಉಂಟಾಗುವ ಅಡಚಣೆಗಳು, ಸಿಗ್ನಲ್ ಸಮಯದ ದಕ್ಷತೆ ಮತ್ತು ಪಾದಚಾರಿಗಳ ಸುರಕ್ಷತೆಯ ಅಂಶಗಳನ್ನು ಪರಿಶೀಲಿಸಲಾಯಿತು. ಅಲ್ಲದೆ, ಸಂಚಾರ ವಿಳಂಬವನ್ನು ಕಡಿಮೆ ಮಾಡಲು ಮತ್ತು ಪ್ರಯಾಣಿಕರ ಅನುಕೂಲತೆಯನ್ನು ಸುಧಾರಿಸಲು ಅಗತ್ಯವಿರುವ ಜಂಕ್ಷನ್ ಮಾರ್ಪಾಡುಗಳ ಬಗ್ಗೆ ಚರ್ಚಿಸಲಾಯಿತು.
Conducted a joint inspection at Marathahalli Bridge Junction under the jurisdiction of HAL Airport Traffic Police Station, along with the DCP Traffic East, to assess the proposed junction modifications aimed at improving traffic flow and enhancing traffic management.
During the inspection, peak-hour congestion at Marathahalli Bridge Junction, turning-movement bottlenecks, signal timing efficiency and pedestrian safety aspects were reviewed, and necessary junction modifications were discussed to reduce traffic delays and improve commuter convenience
#TrafficManagement #RoadSafety #BengaluruTrafficPolice #TrafficUpdate #PublicSafety #NammaBengaluru
@ChristinMP_@krishnabgowda@krishnabgowda Sir, this is exactly why Bengaluru’s infrastructure keeps failing.
This road was newly built just 6–7 months ago. A month ago, it was dug up for drainage work and left in a poor condition after completion.
@thehosteller Very disappointed with my stay at The Hosteller Manali ( RESHOM18225). Around 20 guests, including people from other dorms, gathered in our dorm, shouting, talking loudly, switching lights on/off, smoking until 2:30 AM+. Impossible to sleep. Requesting a full refund
Not everyone who reports to Google Cloud VRP does a writeup, but critical bugs still show up in CVEs and release notes
Made a tool that aggregates both so you can see the types of bugs getting found in GCP
https://t.co/S8C6q67r2N
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in MacOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows Bitlocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration too"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
‼️🚨 UPDATE: The TanStack npm attack is now a full campaign.
'Mini' Shai-Hulud has hit:
- OpenSearch
- Mistral AI
- Guardrails AI
-UiPath
- Squawk packages across npm and PyPI
The malware specifically targets AI developer tooling. It hooks into Claude Code (.claude/settings.json) and VS Code (.vscode/tasks.json) to re-execute on every tool event, long after the infected package is gone. npm uninstall does not fix this.
🚨SECURITY ALERT: Ongoing supply chain attack - “Shai-Hulud: Here We Go Again”
We are continuing to track the latest attack in the “Shai-Hulud: Here We Go Again” campaign - Up until now 406 package versions were detected as compromised, including npm scopes @tanstack, @squawk, @uipath, and spreading to PyPI packages mistralai and guardrails-ai. JFrog Curation customers using an Immaturity policy were fully protected from this attack, as all of the hijacked packages were flagged in less than 24 hours.
See our blog for a full analysis of this attack, including an ongoing list of compromised packages (link shared soon in this thread).
A few months ago, I found a Prompt Injection vulnerability on Google Tasks.
It was simple, yet tricky.
Google rewarded me with a $15,000 bounty for it.
Here's the full story:
I achieved a cross-tenant #RCE in #GoogleCloud simply by abusing predictable bucket names. 🪣
In my latest research for @FocalSecurity, I look into "Bucket Squatting" - a cross-tenant attack that landed me 3 critical vulnerabilities in GCP.
Here is how it works:
🚨 BREAKING: Wiz Research discovered Remote Code Execution on https://t.co/SvN2lGsnbO with a single git push
The flaw in @github allowed unauthorized access to millions of repositories belonging to other users and organizations 🤯
Why is no one talking about this?
@nvidia is offering around 80 AI models via hosted APIs absolutely for free.
You get access to MiniMax M2.7, GLM 5.1, Kimi 2.5, DeepSeek 3.2, GPT-OSS-120B, Sarvam-M etc.
This plugs straight into OpenClaude, OpenCode, Zed IDE, Hermes agent and even with Cursor IDE.
Setup:
– Grab API key: https://t.co/Wfdclm0hY2
– base_url = "https://t.co/VOGC10LmGP"
– api_key = "$NVIDIA_API_KEY"
– select model (e.g. minimaxai/minimax-m2.7)
If you’re building or experimenting, this is basically free inference.
Lock in and start building today anon.
Thank me later.
A traffic deadlock at munnekolala near asha tiffins, because of some incompetent officials from @chairmanbwssb , fust they dugged whole area 1 month ago, and then they dumped pipes on the road for last 2 weeks with no work going on.
@blrcitytraffic wake up! Wake up!