Former Syrian Security Official Indicted in Austria
Prosecutors say a Syrian security official accused of torture hid in plain sight in Europe for years, protected by Israeli and Austrian intelligence agents. ⌘ Read more
Algeria Pardons Writer Boualem Sansal at Germany’s Request
Boualem Sansal, an Algerian-French writer, was arrested on accusations of undermining national security during a visit to his homeland a year ago and sentenced to five years in prison. ⌘ Read more
Docker Desktop 4.50: Indispensable for Daily Development
Docker Desktop 4.50 represents a major leap forward in how development teams build, secure, and ship software. Across the last several releases, we’ve delivered meaningful improvements that directly address the challenges you face every day: faster debugging workflows, enterprise-grade security controls that don’t get in your way, and seamless AI integration that makes modern development… ⌘ Read more
ClickFix May Be the Biggest Security Threat Your Family Has Never Heard Of
An anonymous reader quotes a report from Ars Technica: ClickFix often starts with an email sent from a hotel that the target has a pending registration with and references the correct registration information. In other cases, ClickFix attacks begin with a WhatsApp message. In still other cases, the user receives the URL at the t … ⌘ Read more
sudo-rs Affected By Multiple Security Vulnerabilities - Impacting Ubuntu 25.10
The Ubuntu 25.10 transition to using some Rust system utilities continues proving quite rocky. Beyond some early performance issues with Rust Coreutils, breakage for some executables, and broken unattended upgrades due to a Rust Coreutils bug, it’s also sudo-rs now causing Ubuntu developers some headaches. There are two moderate security issues affecting sudo-rs, the Rust version of sudo being used by Ubuntu 25.10… ⌘ Read more
FFmpeg To Google: Fund Us or Stop Sending Bugs
FFmpeg, the open source multimedia framework that powers video processing in Google Chrome, Firefox, YouTube and other major platforms, has called on Google to either fund the project or stop burdening its volunteer maintainers with security vulnerabilities found by the company’s AI tools. The maintainers patched a bug that Google’s AI agent discovered in code for decoding a 1995 vi … ⌘ Read more
China’s New Scientist Visa is a ‘Serious Bid’ For the World’s Top Talent
China has introduced a visa that will allow young foreign researchers in science, technology, engineering and mathematics to move there without having to secure a job first. From a report: Before the introduction of the K visa, most foreign STEM researchers hoping to move to China had to find a job in advance and then apply for a work visa … ⌘ Read more
Intel Releases New CPU Microcode, Publishes 30 New Security Advisories
It’s “Patch Tuesday” and Intel is out with new CPU microcode for Linux users in addition to making public 30 new security advisories that affect a range of Intel products… ⌘ Read more
Firefox 145 Drops Support For 32-bit Linux
BrianFagioli writes: Mozilla has released Firefox 145.0, and the standout change in this version is the official end of support for 32-bit Linux systems. Users on 32-bit distributions will no longer receive updates and are being encouraged to switch to the 64-bit build to continue getting security patches and new features. While most major Linux distributions have already moved past 32-bit … ⌘ Read more
Lima becomes a CNCF incubating project
The CNCF Technical Oversight Committee (TOC) has voted to accept Lima as a CNCF incubating project. Lima enables secure, isolated environments for running cloud native and AI workloads. What is Lima? Where Does It Fit in… ⌘ Read more
ProcessOne: On Signal Protocol and Post-Quantum Ratchets
Signal improved its protocol to prepare encrypted messaging for the quantum era.
They call the improvement “Triple Ratchet” (or SPQR = Signal Post-Quantum Ratchet).
[Signal Protocol and Post-Quantum Ratchets\ \ We are excited to announce a significant advancement in the security … ⌘ Read more
↳
In-reply-to
»
@prologic all I can say or, rather, express is…
⤋ Read More
@bender@twtxt.net yeah it wasn’t so much of a browser thing, more of a security/abuse thing. If you upload large media, we downsize/downscale it, etc.
**The Authorization Circus: Where Security Was the Main Clown **
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-authorization-circus-where-security-was-the-main-clown-f4b84ca9356f?source=rss—-7b … ⌘ Read more
French lawmakers vote to tax American retirees who freely benefit from social security ⌘ Read more
Bank of America Faces Lawsuit Over Alleged Unpaid Time for Windows Bootup, Logins, and Security Token Requests
A former Business Analyst reportedly filed a class action lawsuit claiming that for years, hundreds of remote employees at Bank of America first had to boot up complex computer systems before their paid work began, reports Human Resources Director magazine:
… ⌘ Read more
Most DevSecOps Advice Is Useless without Context—Here’s What Actually Works
Generic DevSecOps advice may sound good on paper, but it often fails in practice because it ignores team context, workflow, and environment-specific needs. Overloaded controls, broad policies, and misapplied tools disrupt the flow of development. And once flow breaks, security measures are the first to get bypassed. The way forward isn’t more rules but smarter… ⌘ Read more
US Congressional Budget Office Hit By Suspected Foreign Cyberattack
An anonymous reader quotes a report from BleepingComputer: The U.S. Congressional Budget Office (CBO) confirms it suffered a cybersecurity incident after a suspected foreign hacker breached its network, potentially exposing sensitive data. In a statement shared with BleepingComputer, CBO spokesperson Caitlin Emma confirmed the “security incid … ⌘ Read more
US flight cancellations accelerate as airlines comply with government shutdown order
JOSH FUNK and RIO YAMAT, Reporters - Associated Press
_Stephan: I just got an email from a reader who has spent two days trying to get out of Chicago, but her flight has been canceled again and again. I have been warned not to fly because I would have to go through a security check and publishing SR may cause me to be detained, so I don’t have any person … ⌘ Read more
Cloud Native Computing Foundation Announces Graduation of Crossplane
Graduation marks Crossplane’s readiness for widespread use and its evolution from a control plane framework to groundwork for intelligent, secure, and scalable cloud operations and platform engineering Key Highlights: SAN FRANCISCO, Calif. – November 6, 2025… ⌘ Read more
Grinn GenioBoard Offers MediaTek Genio 700 SoM, Dual M.2 Expansion, and CRA-Ready Security
Grinn has unveiled the GenioBoard, a compact single-board computer aimed at accelerating development of embedded and AI-enabled systems. It integrates the company’s GenioSOM-510 and GenioSOM-700 modules built on MediaTek’s Genio processor family, combining multiple Arm Cortex-A cores with an integrated GPU and NPU for edge inference applications. Powered by the Medi … ⌘ Read more
The Louvre’s Video Surveillance Password Was ‘Louvre’
A bungled October 18 heist that saw $102 million of crown jewels stolen from the Louvre in broad daylight has exposed years of lax security at the national art museum. From trivial passwords like ‘LOUVRE’ to decades-old, unsupported systems and easy rooftop access, the job was made surprisingly easy. PC Gamer reports: As Rogue cofounder and former Polygon arch-jester Cass … ⌘ Read more
Danish Authorities In Rush To Close Security Loophole In Chinese Electric Buses
An anonymous reader quotes a report from the Guardian: Authorities in Denmark are urgently studying how to close an apparent security loophole in hundreds of Chinese-made electric buses that enables them to be remotely deactivated. The investigation comes after transport authorities in Norway, where the Yutong buses ar … ⌘ Read more
iOS 18.7.2 & iPadOS 18.7.2 Security Updates Released
iOS 18.7.2 and iPadOS 18.7.2 are available for iPhone and iPad users who are not running iOS 26 and who do not want to install iOS 26.1 update onto their devices. The iOS 18.7.2 and iPadOS 18.7.2 updates are security releases and do not include any new features or changes. Separately, iOS 26.1, iPadOS 26.1, … Read More ⌘ Read more
Louvre heist suspect is social media star and former museum security guard, reports say ⌘ Read more
oss-security - runc container breakouts via procfs writes: CVE-2025-31133, CVE-2025-52565, and CVE-2025-52881
Comments ⌘ Read more
MacOS Sequoia 15.7.2 & MacOS Sonoma 14.8.2 Updates Released
MacOS Sequoia 15.7.2 and macOS Sonoma 14.8.2 are available as software updates for Mac users who are not running the macOS Tahoe operating system. Safari 26.1 is also available as an update for these versions of MacOS. These are security updates for macOS Sonoma and Sequoia, and the updates do not include new features or … [Read More](https://osxdaily.com/2025/11/04/macos-sequoia-15-7-2-macos-sonoma-14-8-2-updat … ⌘ Read more
Turris Omnia NG Introduced with OpenWRT-Derived OS, Wi-Fi 7, and 10 Gbps Networking
CZ.NIC has launched the Turris Omnia NG router, described as a new open-source device focused on security, performance, and modularity. It features a quad-core processor, Wi-Fi 7 connectivity, and M.2-based expandability, targeting users who require a long-lasting and adaptable networking platform. The Omnia NG is powered by a quad-core ARMv8 processor operating at 2.2 GHz […] ⌘ Read more
MacOS Tahoe 26.1 Update Released for Mac
Apple has released macOS Tahoe 26.1 for all Mac users, being the first major point release software update for macOS Tahoe since it debuted a few months ago. macOS Tahoe 26.1 includes a few new features, some bug fixes, and security patches, making it an important update to install for any Mac user that is … Read More ⌘ Read more
iOS 26.1 Update Released for iPhone & iPad
Apple has released iOS 26.1 for iPhone, and iPadOS 26.1 for iPad. These are the first major point release updates for iOS 26, and offer a few changes, new features, bug fixes, and security enhancements, and are therefore recommended for users running iOS 26 or iPadOS 26. You will find a new toggle for Liquid … Read More ⌘ Read more
Kristi Noem refuses state’s request not to use tear gas near children on Halloween
Carl Gibson, Contributing Writer - Raw Story
Stephan: The defining characteristics of the Trump vassals are their incompetence, their nastiness, and their desire to live the life of the uber-rich, and be protected while doing so from ordinary Americans. No one demonstrates this more openly than Department of Homeland Security Secretary Kristi Noem
 **
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-m … ⌘ Read more
Securing the software supply chain: How distroless containers defend against npm malware attacks
The wake-up call: npm ‘is’ package compromise In July 2025, the npm package “is”—downloaded millions of times each week—was quietly hijacked. A simple phishing email to its maintainer opened the door for attackers to inject malicious… ⌘ Read more
theCUBE Research economic validation of Docker’s development platform
Docker’s impact on agentic AI, security, developer productivity, costs, ROI An independent study by theCUBE Research To investigate Docker’s impact on developer productivity, software supply chain security, agentic AI development, cost savings, and ROI, TheCUBE Research asked nearly 400 enterprise IT & AppDev leaders from medium to large global enterprises. The industry context is that… ⌘ Read more
$1000 Bounty: GitLab Security Flaw Exposed
How a $1000 Bounty Hunt Revealed a GraphQL Type Check Nightmare Allowing Maintainers to Nuke Repositories
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/1000-bounty-gitlab-security-flaw-exposed-dd30978 … ⌘ Read more
DietPi October 2025 Update Adds Support for NanoPi R3S, R76S, and Reworked Dashboard
The October 18th release of DietPi v9.18 introduces support for new FriendlyELEC single-board computers, a redesigned DietPi-Dashboard with improved security, and the addition of the LazyLibrarian eBook and audiobook manager. The update also includes bug fixes, filesystem improvements, and expanded compatibility for virtual devices DietPi: DietPi is a lightweight, Debian-base … ⌘ Read more