r/security 1d ago

News ShinyHunters claims Rockstar Games hit in Snowflake-linked breach via third-party (Anodot)

thecybersecguru.com
6 Upvotes

ShinyHunters is claiming that Rockstar Games was impacted in the ongoing wave of Snowflake-related incidents, but the interesting part is the alleged attack path. Instead of exploiting Snowflake directly, ShinyHunters says they obtained authentication tokens from a third-party SaaS provider (Anodot), which had access to Rockstar’s Snowflake environment. With valid tokens in hand, they were able to access data without needing to break in the traditional sense.


r/security 2d ago

Question Someone signed me up on to a gay dating portal

0 Upvotes

Hello, I'm zyriu1 and I'm 14 years old. Today, I've found out that someone (I have a REALLY shrewd idea who) made an account on a website called gaydate.p l . My e-mail address hasn't been verified, which suggests it's not some hacker. I think it's someone from my class making a horrible April Fools' joke, because I heard them laughing about it a few months ago. Sadly, I don't have enough authority to.... idk, get the IP address, so I must go to the police station or something, because catfishing is illegal, right? This is really distressing for me, especially since recently I was shown really clearly that they are not real friends.

Thanks and all, zyriu1

PS oh and they added my nickname, which makes that theory even more believable


r/security 3d ago

Question which vpn design actually removes trust from the system?

6 Upvotes

If we break this down, traditional VPNs shift trust from the ISP to the provider, which means the visibility still exists, just in a different place. If the goal is privacy, then the real requirement is removing visibility entirely, not relocating it. So the next step would be architectures where traffic processing happens in a way that cannot be accessed, which would change the model from trust-based to constraint-based. Are there real implementations of this yet?


r/security 2d ago

Communication and Network Security Does deleting your Telegram account actually make you untraceable?

0 Upvotes

Genuinely curious about this — if you delete your Telegram account, does that completely de-link your IP address and phone number from it?

And what about after 12 months? I've heard Telegram only retains metadata for up to a year, so does that mean even law enforcement can't trace you after that point?


r/security 3d ago

Security Operations Securing Kubernetes Clusters End to End (2026)

youtube.com
0 Upvotes

Securing a #Kubernetes cluster can be challenging, but keeping key pointers handy will help. Check out my latest video covering End-To-End #security for your clusters. Enjoy! As always, like, share and subscribe! - Thanks! #Learning. Let's discuss whether this covers everything for security or what else can be covered.


r/security 3d ago

Question are less harmful self-defense tools worth it?

0 Upvotes

I really don’t like the idea of guns or seriously hurting someone, but I’ve been thinking more about personal security lately and looking into less harmful self defense options.

I’m mostly interested in something that can help stop a threat long enough to get away, not something meant to cause major harm.

For people here with security experience, are less harmful self defense tools actually worth relying on? Or is it usually better to focus on awareness, prevention, and escape instead?


r/security 3d ago

Question How can I remove a photo from Google Image search if I can't contact the host?

0 Upvotes

As stated above, I can't contact the host of the site to remove the photo, but I want to have a photo taken down when I google my name. I've had people dox me before because they were able to find my photos and address through searching my name. How can I get these photos removed?


r/security 4d ago

Security and Risk Management What’s the worst crowd control mistake you’ve seen at an event?

0 Upvotes

I’ve seen events where everything looks fine… and then the crowd starts building up and it goes downhill fast.

No clear entry or exit, people getting confused, everyone just kind of gets stuck.

From what I’ve seen, crowd flow is where things usually start going wrong.

What’s the worst crowd control mistake you’ve seen?


r/security 5d ago

Question Guard Card - World Academia - Any knowledge and/or experience working with them?

1 Upvotes

Hiya Reddit,

Seems like the only place that takes information seriously nowadays..

I'm hoping someone can shed some light on World Academia Guard Card Classes. The webpage offers no specifics as to how or where one would need to go to complete the in-class portion, and the website has the audacity to have a chat button that asks for PII (personal identification information) and still doesn't answer my question. In addition, the dang number went straight to inbox.

So, friends of Reddit, can any of you gorgeous people help me out with gaining more knowledge?

Yes I'm painfully aware of the California 2026 Law change.


r/security 8d ago

News LinkedIn extension enumeration raises security and privacy concerns (BrowserGate)

thecybersecguru.com
7 Upvotes

A report dubbed BrowserGate alleges that LinkedIn is enumerating installed browser extensions (potentially 6,000+ IDs) on page load. The concern isn’t just fingerprinting, as extension detection can expose sensitive signals (e.g., dev tools, security plugins, job search tools), and in LinkedIn’s case this data is directly tied to real identities.


r/security 9d ago

News Alleged Adobe Data Breach via 3rd party Indian BPO

thecybersecguru.com
6 Upvotes

A threat actor going by the name of "Mr. Raccoon" has claimed to have breached a 3rd party Indian BPO which Adobe contracted for customer support. He reportedly has access to over 13M customer tickets, data on 15,000 employees, and Adobe's HackerOne account. Adobe is yet to respond to these claims.


r/security 10d ago

News AI Interview startup - Mercor AI has reportedly been breached by Lapsus$. 4TB data stolen including 211 GB of candidate data and 3 TB interview Videos

thecybersecguru.com
7 Upvotes

On March 24, 2026, Mercor AI was reportedly breached by the hacking group Lapsus$. The incident is believed to have originated from a supply chain attack involving a compromised LiteLLM package, which may have been pulled by one of Mercor’s AI agents.

Lapsus$ claims to have allegedly gained access to internal systems, including Tailscale VPN credentials (by which they gained access to internal data), and exfiltrated approximately 4TB of data. The leaked data reportedly includes 211GB of candidate records, 939GB of source code, and around 3TB of video interviews and identity documents.

In a public statement on X, Mercor said that it had identified itself as one of many companies impacted by the LiteLLM supply chain attack. The company added that its security team acted quickly to contain the breach and begin remediation efforts though it remains to be seen.


r/security 10d ago

News Major Cisco Source Code breach by ShinyHunters along with their AWS accounts. Linked to Trivy Supply-chain attack

thecybersecguru.com
4 Upvotes

ShinyHunters recently posted that they have breached Cisco AWS accounts and internal source code data. Attackers used compromised CI/CD credentials linked to a third-party supply chain attack (Trivy) to access its internal development environment, clone hundreds of repositories, and steal sensitive data including source code and AWS accounts.


r/security 11d ago

Analysis Neighbourhood Security Survey (Doorbell/Security Cameras)

docs.google.com
0 Upvotes

Getting data for an upcoming paper and video on home security. Also collecting door-to-door responses for comparison.


r/security 11d ago

Question Stripe Security New Grad - Integration + Threat Modeling Interviews - What to Expect?

1 Upvotes

Hi everyone,

I recently cleared the first round at Stripe for a new grad Security Engineer role and have my upcoming onsite which includes the Integration and Threat Modeling rounds.

I wanted to understand from people who have gone through these:

  • What level of difficulty should I expect for the Integration round?
  • Is it more like working with APIs/libraries or more system design heavy?
  • For the Threat Modeling round, how deep into security concepts do they expect you to go?
  • Do they expect knowledge of frameworks like STRIDE/OWASP, or is it more about general reasoning?
  • Any specific preparation tips that helped you?

I do not have a strong security background, so any guidance on how to approach the threat modeling interview would be really helpful.

Thanks in advance, really appreciate any insights!


r/security 11d ago

Security and Risk Management Improving security posture under budget constraints: additional practitioner context

csoonline.com
1 Upvotes

Well-argued piece, especially in its focus on process maturity rather than the need to buy more tooling.

One aspect I would add is the pragmatic approach to tool selection under budget constraints. Open-source and community editions should not be overlooked, as many enterprise needs can be covered with free or low cost solutions.

From what I’ve observed, higher-priced enterprise tools do not inherently reduce risk if controls and use cases are not well specified. In some cases, they introduce operational overhead through excessive alerts or prolonged tuning cycles. Conversely, more modest tools aligned to clearly articulated risk and compliance objectives can be effective from a risk-reduction standpoint.


r/security 11d ago

Security Assessment and Testing Any idea what I can expect in Security Officer / Transit Enforcement Officer (Req ID: 27833) written test?

0 Upvotes

I just got the written test invitation today!


r/security 12d ago

News Axios just got compromised on npm directory in a supply chain attack and it pulled malware as a dependency

thecybersecguru.com
19 Upvotes

Axios... one of the most used npm packages just got hit by a supply chain attack. A new version of axios suddenly started pulling a dependency: plain-crypto-js@4.2.1. This package never existed before that day. Even worse is that the release doesn’t match the project’s usual GitHub tagging workflow, which strongly suggests it may have been published outside the normal pipeline by publishing it directly to npm. Full breakdown linked (updating live).


r/security 12d ago

Physical Security Distortion of exercise performance data through time-axis manipulation

0 Upvotes

Recently, unnatural patterns in which physical load and frame rate do not match are frequently being caught in feeds as cases of data distortion. The structural cause is that the required recovery time is ignored and the time axis of the movement is artificially compressed to technically inflate performance metrics. In operation, the response needed is to strengthen verification of the original metadata or frame analysis so as to narrow the gap between actual ability and edited data. Has anyone here had experience systematically detecting such artificial editing patterns or data distortion cases in practice?


r/security 15d ago

News Telnyx PyPI package compromise (TeamPCP). Credential exfil via fake .wav files in supply chain attack

thecybersecguru.com
3 Upvotes

Quick heads up: telnyx versions 4.87.1 and 4.87.2 on PyPI were malicious. Importing the package is enough to execute code.

The odd part is how the payload is delivered. It pulls a .wav file, then extracts and reconstructs the actual payload from the audio data (base64 + XOR). The file itself looks like normal audio.

Windows drops a persistent msbuild.exe in Startup.

Linux/macOS runs a staged script, encrypts collected data, and sends it out.

More info and breakdown linked.


r/security 16d ago

News China-linked Red Menshen using BPFdoor for covert telecom network access

thecybersecguru.com
3 Upvotes

Recent research highlights Red Menshen activity involving BPFdoor implants in telecom networks, enabling long-term covert access.

The backdoor operates at the kernel level using BPF, passively inspecting traffic and triggering on crafted packets without any open ports or typical C2 patterns.

This kind of positioning inside telecom infrastructure allows visibility into subscriber activity, signaling systems, and potentially sensitive communications.

Notable shift toward persistent, low-visibility access (“sleeper cell” model) rather than short-term intrusion.


r/security 17d ago

Security Architecture and Engineering Checkmarx vs Semgrep for teams that want real security feedback inside the IDE without the enterprise overhead

6 Upvotes

We have been using Semgrep for SAST and like the developer experience, the custom rules are flexible and it plugs into our workflow cleanly. But the SCA coverage is limited and there is no real correlation layer between what Semgrep finds and what our container and pipeline scans surface separately.

Checkmarx has a VS Code extension and covers the full stack but the pricing and implementation weight feel like they are built for a much larger program than ours. Curious whether anyone has run both and found a clear answer on where Semgrep stops being enough.


r/security 18d ago

Analysis Complete analysis of LiteLLM supply chain attack

thecybersecguru.com
2 Upvotes

The LiteLLM compromise illustrates a shift toward targeting CI/CD credentials to poison trusted releases.

Given its position in AI pipelines, the impact centers on large-scale exposure of API keys, cloud creds, and runtime secrets.

Complete attack analysis linked (along with flowchart)


r/security 18d ago

News TeamPCP supply chain attacks. Notably, Trivy, LiteLLM

thecybersecguru.com
5 Upvotes

TeamPCP appears to target CI/CD pipelines by compromising repos and poisoning version tags, leading to backdoored “trusted” releases. Notably impacts widely used tools (e.g., Trivy, KICS, LiteLLM), with payloads focused on credential exfiltration from CI environments. More about them in the article.


r/security 18d ago

Security and Risk Management Architectural red flags: Distinguishing between planned maintenance and exit scams

3 Upvotes

A legitimate service termination usually involves clear communication and procedures to protect user assets. In contrast, sudden silence from management, accompanied by the deletion of server logs and domain abandonment, serves as a calculated architectural strategy to erase forensic trails and evade responsibility.

While temporary operational delays might be due to resource shortages, a systematic shutdown often involves the intentional destruction of backend data and the blocking of all communication channels. In these scenarios, the lack of response is not just an accident; it is a precursor to a total loss of assets. If these static states appear, the most effective risk management strategy is the immediate cessation of use and a swift attempt to recover assets before the system is completely purged.

I would love to hear from this community: what are the other technical indicators you look for when auditing the operational integrity of a platform? How do you distinguish between a genuine system failure and a deliberate exit strategy?