SeanWrightSec's Avatar

SeanWrightSec

@seanwrightsec.com.bsky.social

Principal Application Security Engineer focused on all things #AppSec. Occasionally dabble in my own research. Also keen gamer and aspiring photographer.

1,862 Followers  |  122 Following  |  287 Posts  |  Joined: 27.04.2023  |  1.7371

Latest posts by seanwrightsec.com on Bluesky

Looks like you can import from other appsโ€ฆ

01.08.2025 18:12 โ€” ๐Ÿ‘ 1    ๐Ÿ” 1    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

I like the ability to sync using things like my iCloud account, not to mention the support for multiple platforms and OSโ€™s. It also looks slick as well.

01.08.2025 18:11 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Preview
Authenticator app download: Get Proton Authenticator | Proton Download Proton Authenticator app for Windows, macOS, Linux, Android, and iOS. Protect your accounts with secure two-factor codes. No ads, no tracking.

Proton have released a new Authenticator app. Looks pretty cool!

proton.me/authenticato...

01.08.2025 00:17 โ€” ๐Ÿ‘ 5    ๐Ÿ” 0    ๐Ÿ’ฌ 3    ๐Ÿ“Œ 2
Preview
Amazon AI coding agent hacked to inject data wiping commands A hacker planted data wiping code in a version of Amazon'sย generative AI-powered assistant, the Q Developer Extension for Visual Studio Code.

A good example of why understanding what the code of AI is doing.

www.bleepingcomputer.com/news/securit...

25.07.2025 22:00 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
VPN usage soars in Iran โ€“ but authorities may be trying to prevent it Proton VPN confirmed an hourly increase in sign-ups of over 1,400% starting from July 25, 2025

Iโ€™m completely shocked! Would have never expected this to happen!

www.techradar.com/vpn/vpn-priv...

25.07.2025 19:30 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
This major cybercrime forum might have just exposed all its users A leak forum did what leak forums do - but to its own users

Oh dear! What a shameโ€ฆ never mind ๐Ÿ˜

The sweet taste of karma!

www.techradar.com/pro/security...

25.07.2025 18:43 โ€” ๐Ÿ‘ 5    ๐Ÿ” 2    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Never, totally legit ๐Ÿคฃ

14.07.2025 20:40 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Exactly my thoughts ๐Ÿ˜‚

14.07.2025 20:40 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

Where to start ๐Ÿ˜

14.07.2025 12:00 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 2    ๐Ÿ“Œ 0
Post image

Source: caniphish.com/blog/cyber-s...

10.07.2025 00:07 โ€” ๐Ÿ‘ 3    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 1
Preview
Humble Tech Book Bundle: The Pentesting & Hacking Toolkit by Packt Learn how to test your cyber defenses with the Pentesting & Hacking Toolkit by Packt. Protect yourself from cyberattacks and support charity!

Humble Bundle has an interesting bundle at the moment.

09.07.2025 18:40 โ€” ๐Ÿ‘ 4    ๐Ÿ” 2    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Fingers crossed they see the errors of their way and improve. Sucks to be in these positions.

08.07.2025 16:37 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Yikes! That doesnโ€™t sound good. Hope it gets sorted out.

07.07.2025 23:42 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Sorry to hear that. I hope it gets better! I would also say that often those postings are for the ideal candidate. So not always a case that you need to have everything on the job spec.

07.07.2025 22:50 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Shout if thereโ€™s anything I can do help. Sorry you going through a rough patch. But you realise that you not alone ๐Ÿ˜€

07.07.2025 21:01 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Also you likely brings to the table that others who have been solely based in security wouldnโ€™t be able to. Thatโ€™s so important! So donโ€™t sell yourself short ๐Ÿ˜€

07.07.2025 20:04 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

You got this! Iโ€™d rather someone with rounded experience than some ninja who may be great from a technical perspective but isnโ€™t so hot when dealing with others and business needs. Soft skills is often such an underrated aspect of our jobs.

07.07.2025 20:00 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Preview
Seven months for IT worker who trashed his work network : Don't leave the door open to disgruntled workers

Another reminder to revoke access immediately for former employees, especially ones who have been dismissed.

www.theregister.com/2025/06/30/b...

30.06.2025 20:05 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

This is so important in our field as we have a constant barrage of new things (technology, attack types, etc).

Itโ€™s not an easy thing to do, and does take time. But once you are at peace with it, itโ€™ll help things for the better.

24.05.2025 14:18 โ€” ๐Ÿ‘ 3    ๐Ÿ” 1    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Iโ€™ve given this advice to several folk, and itโ€™s worth sharing with others.

Learning how to become comfortable with not knowing something is liberating. Itโ€™ll help give you the confidence to then do something about it.

24.05.2025 14:18 โ€” ๐Ÿ‘ 5    ๐Ÿ” 2    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Not sure. I donโ€™t store my passwords on iCloud. But maybe they did a default message to everyone ๐Ÿคทโ€โ™‚๏ธ

22.05.2025 19:05 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0
Preview
NIST's LEV Equation to Rate Chances a Bug Was Exploited The new equation, introduced by the National Institute of Standards and Technology (NIST), aims to offer a mathematical likelihood index that could be a game-changer for SecOps teams and vulnerability...

While having something showing the likelihood of a vuln being exploited is good, I do worry this will end up being just another metric. I hope that Iโ€™m wrong, and this will prove helpful.

www.darkreading.com/vulnerabilit...

22.05.2025 11:55 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Post image

Anyone else seen this on Instagram?

21.05.2025 20:25 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

A really important reason why itโ€™s important to have security tooling working and operating as you expect. Itโ€™s already difficult to get other teams to buy into these tools so when they are constantly โ€œwrongโ€, getting those teams onboard is almost impossible.

15.05.2025 13:35 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Vulnerability Disclosure | ENISA ENISA is the EU agency dedicated to enhancing cybersecurity in Europe. They offer guidance, tools, and resources to safeguard citizens and businesses from cyber threats.

Also important to note that ENISA is a CNA (since Jan 2024), so can it can issue CVEs itself.

www.enisa.europa.eu/topics/vulne...

15.05.2025 08:39 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Important to note that CVE is not a database per se. This is why we have the likes of NVD. So if anything, ENISA would be competing with NVD. But I still have concerns of how this may fragment the ecosystem.

15.05.2025 08:36 โ€” ๐Ÿ‘ 0    ๐Ÿ” 0    ๐Ÿ’ฌ 1    ๐Ÿ“Œ 0

Just patched my car ๐Ÿš™ ๐Ÿคฃ

#VulnManagement

13.05.2025 11:19 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

Having said that, I do like the critical and exploited vulnerabilities sections as well as the search functionality.

13.05.2025 10:28 โ€” ๐Ÿ‘ 1    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0
Preview
EUVD European Vulnerability Database

See the EU Vulnerability Database is now live. While I get the desire to have this, the problem that I now worry about is that this is going to fragment vulnerabilities. So making an already difficult problem even harder.

euvd.enisa.europa.eu

13.05.2025 10:21 โ€” ๐Ÿ‘ 9    ๐Ÿ” 4    ๐Ÿ’ฌ 3    ๐Ÿ“Œ 2

Yep!

11.05.2025 16:45 โ€” ๐Ÿ‘ 2    ๐Ÿ” 0    ๐Ÿ’ฌ 0    ๐Ÿ“Œ 0

@seanwrightsec.com is following 19 prominent accounts