📺 https://peer.adalta.social/w/dpr21TWFNsZeq8D6J8Wiwg 🔗 🇩🇪🇺🇸🇫🇷 🔗 ℹ️
Les Attaques par Injection de Prompts devront être une préoccupation majeure pour les applications basées sur des LLM.
@data0@indieweb.social
·
Apr 30, 2026
data0
@data0@indieweb.social
All kinds of tech nerd, software engineer and consultant, startup founder. From Assembly to Javascript. Always bet on the web! I love text. I hate pooptoots, memes or any other viral bs. Header image by https://unsplash.com/de/@dth_knight Some fedi/ipfs/decentralisation things I've done in the past:
indieweb.social
I couldn’t find a list of #Linux #kernel versions that include a patch for #copyfail, so I dug into the commit log and made one. Make sure you’re using at least the following version of your branch to mitigate against copyfail:
- 7.0-rc7 (any stable 7.x is safe)
- 6.19.12
- 6.18.22
- 6.12.85
- 6.6.137
- 6.1.170
- 5.15.204
- 5.10.254
See https://copy.fail for more info about the #exploit.
#privilegeescalation #vulnerability #cryptography #linuxadmin #sysadmin
24
4
41
@beyondmachines1@infosec.exchange
·
Apr 30, 2026
BeyondMachines 
@beyondmachines1@infosec.exchange
Enabling Good Cybersecurity for Everyone: Automated cybersecurity tools, learning and expert guidance for individuals and companies of all sizes. Because cybersecurity shouldn't be an enterprise feature. Sometimes a bot, sometimes not.
infosec.exchange
Copy Fail: Linux Kernel Flaw Grants Root Access On All Major Distributions
A Linux kernel vulnerability called “Copy Fail” (CVE-2026-31431) allows unprivileged local users to gain root privileges with 100% reliability by corrupting the shared page cache. The flaw affects nearly all Linux distributions since 2017 and enables container escapes because the memory corruption does not modify files on disk.
If you run Linux servers, especially shared environments like Kubernetes clusters, CI/CD runners, or multi-tenant hosts, patch your kernel immediately to a version that includes the fix (mainline commit a664bf3d603d) for CVE-2026-31431. If you can’t patch right away, disable the vulnerable module by running echo “install algif_aead /bin/false” > /etc/modprobe.d/disable-algif.conf followed by rmmod algif_aead, and for untrusted code environments block AF_ALG socket creation via seccomp as a long-term safeguard. #cybersecurity #infosec #advisory #vulnerability https://beyondmachines.net/event_details/copy-fail-linux-kernel-flaw-grants-root-access-on-all-major-distributions-w-l-v-0-c/gD2P6Ple2L
7
0
14
@hackerworkspace@infosec.exchange
·
Apr 24, 2026
HackerWorkspace
@hackerworkspace@infosec.exchange
Curated intelligence for the refined hacker. We filter the noise to bring you tradecraft, zero-days, and techniques that matter.
infosec.exchange
Non-delusional Mythos take
https://www.youtube.com/watch?v=m8P7O2BWIp8
#cybersecurity #aisecurity #vulnerability
0
0
1
@AAKL@infosec.exchange
·
Apr 22, 2026
AA
@AAKL@infosec.exchange
Always questioning. Latest news focused on #cybersecurity, #privacy, #Linux, #Apple, #Microsoft, #Google, #AI, and the tech industry in general. Toxicity is not tolerated. I follow like interests. Check your facts. - FactCheck.org https://www.factcheck.org/ - Reuters Fact Check https://www.reuters.com/fact-check/ - AP Fact Check https://apnews.com/ap-fact-check - Snopes https://www.snopes.com/ - Politifact https://www.politifact.com/ NordVPN Link Checker: https://nordvpn.com/link-checker/ Project 2025 Tracker https://www.project2025.observer/
infosec.exchange
Headline of the day:
"Claude Mythos Finds 271 Firefox Vulnerabilities"
Security Week: https://www.securityweek.com/claude-mythos-finds-271-firefox-vulnerabilities/ @SecurityWeek@infosec.exchange #Mozilla #Firefox #Claude #Anthropic #infosec #vulnerability
2
1
1
@h4ckernews@mastodon.social
·
Apr 11, 2026
Hacker News
@h4ckernews@mastodon.social
Unofficial Hacker News Bot, posting Top 10 stories.
mastodon.social
BlueHammer abuses Windows Defender's update process to gain SYSTEM access
https://hackingpassion.com/bluehammer-windows-defender-zero-day/
#HackerNews #BlueHammer #WindowsDefender #ZeroDay #Cybersecurity #Vulnerability #HackingNews
12
0
18
@indieauthornews@indieauthors.social
·
Mar 06, 2026
IndieAuthors.Social News
@indieauthornews@indieauthors.social
I am a news BOT created by IndieAuthors.Social to help inform indie authors and the readers that love them. If you write author-related news or blogs made available via RSS/ATOM feeds and would like me to share your posts, toot my human benefactor @indieauthors.social@admin to inquire further.
indieauthors.social
What You Edit Out Reveals Who You Are as a Writer
Your revision history actually shows your best writing Continue reading on The Writing Cooperative »
https://writingcooperative.com/what-you-edit-out-reveals-who-you-are-as-a-writer-086ccc4ebcf
#lifelessons #selfimprovement #writingtips #vulnerability #writing
0
0
2
@Hackread@mstdn.social
·
Feb 22, 2026
Hackread.com
@Hackread@mstdn.social
Mastodon account of the most reliable cybersecurity news platforms bringing exclusive dark web, tech, and hacking news. Contact: admin@hackread.com.
mstdn.social
📢⚠️ Researchers demonstrate multiple attacks against major password managers, including Bitwarden, LastPass, and Dashlane, showing how compromised servers and design flaws can expose encrypted vault data.
Read: https://hackread.com/researchers-demonstrate-password-managers-attacks/
#CyberSecurity #PasswordManager #Vulnerability #Privacy
1
0
4
@tomas@indieauthors.social
·
Feb 16, 2026
Tomas Loveniers
@tomas@indieauthors.social
Ik schrijf altijd alles tegelijk en nu op zoek naar enthousiaste vragen en reacties om me aan te vullen waar het kan. TAO in de materiële wereld TAO in de ideeënwereld #gent #9000
indieauthors.social
Progress stories ignore our vulnerability to Others. Thinking through self-containment (at any scale) - an essential element of progress literature - negates transformation through encounters and all patterns of confluence and influence.
An alternative narrative could be to acknowledge a perpetual state of precarity. A precarious world is a world without progress teleology. Agnostic about where we're going, we might then look for what has been ignored by the current hegemonic story.
We are surrounded by many world-making projects; human and not-human. And usually these overlap too. Instead of colonial histories, we must fill both history and future with these 'contamination traditions'.
#vulnerability #theOthers #selfcontainment #progressteleology #transformationthroughencounters #TSING
0
0
0
📺 https://peer.adalta.social/w/qce11wDNyBC78tLqnRKmds 🔗 🇩🇪🇺🇸🇫🇷
La configuration d’un système NetBSD en lecture seule atténue un point de vulnérabilité critique souvent négligé : la corruption du système de fichiers sur des supports de stockage peu fiables.
0
0
0
📺 https://peer.adalta.social/w/nQCwqAv8Gf7ahWVFEfdz2R 🔗 🇩🇪🇺🇸🇫🇷
A practical guide to hardening embedded systems by eliminating file system write vulnerabilities through a memory-backed root configuration.
0
0
0
📺 https://peer.adalta.social/w/bG7GEPHbVSBzsFmeoM1LAD 🔗 🇩🇪🇺🇸🇫🇷
Die Absicherung des Dateisystems als kritische Maßnahme gegen Datenkorruption und Ausfälle
0
0
0
High severity authorization #vulnerability in Keycloak:
- Of course it’s because of JWT
- If a project with a sole purpose is authn/authz is getting #JWT wrong, you probably are too.
5
0
0
📺 https://peer.adalta.social/w/ha7u8osqJ9djsMHeNLvuaH 🔗 🇩🇪🇺🇸🇫🇷
Une faille de dépassement de tampon accessible à distance compromet l’intégrité des réseaux, avec un exploit public disponible.
0
0
0
📺 https://peer.adalta.social/w/kpVddxKp2FBwhdvJ28fzU2 🔗 🇩🇪🇺🇸🇫🇷
A publicly released exploit for a critical buffer overflow in Tenda routers demands immediate action from network defenders.
0
0
0
📺 https://peer.adalta.social/w/jG6JrBKpEnD9cTemxKWzzY 🔗 🇩🇪🇺🇸🇫🇷
Ein veröffentlichter Proof-of-Concept-Exploit für einen Remote-Buffer-Overflow erhöht das Risiko für ungepatchte Netzwerke erheblich.
0
0
0
@harrysintonen@infosec.exchange
·
Feb 06, 2026
Harry Sintonen
@harrysintonen@infosec.exchange
Infosec consultant at REVƎЯSEC https://reversec.com - Coding, Research + various other interests
infosec.exchange
Apparently AMD's AutoUpdate downloads the updates over HTTP and executes them without any validation (presumably as SYSTEM user). AMD was notified of the vulnerability but according to them "attack requiring physical access to victim's computer/device, man in the middle or compromised user accounts" are out of scope.
Madness.
source: https://mrbruh.com/amd/
#vulnerability #infosec #cybersecurity
73
0
80
📺 https://peer.adalta.social/w/tuYBhErBwiJHz3GM2eKdaS 🔗 🇩🇪🇺🇸🇫🇷
Une faille de sécurité majeure force une mise à jour obligatoire et immédiate pour tous les déploiements.
0
0
0
@Schlumpf23@social.linux.pizza
·
Jan 31, 2026
Schlumpf23
@Schlumpf23@social.linux.pizza
Long time Linux user (since the late 90s), found a home with Arch for the last 6yrs. Lover of extreme and brutal writing and music. Huge fan of W.S.Burroughs, probably the greatest American writer of the 20th Century.
social.linux.pizza
800K Linux servers with a Telnet vulnerability. Unless you need it to talk to some legacy systems, turn Telnet off, it's 2026.
https://www.youtube.com/watch?v=81fq__6a1FQ
#Telnet #Vulnerability
0
0
0
📺 https://peer.adalta.social/w/czT4evi4npSbK3nLpqUYfP
Kritische RCE-Schwachstelle in Cisco Unified Communications Ein unauthentifizierter Angreifer kann übe
#security #vulnerability #cve #cloud #rce
0
0
0