More governors need to stand up like this.
I'm no fan of Newsom generally, but he's at least not rolling over for the administration. California is better off for it.
02.10.2025 22:37 β π 25 π 1 π¬ 2 π 0
I haven't found exploitation of Fortra's GoAnywhere MFT CVE-2025-10035 in EDR telemetry yet. Which means it is probably still rare and folks have some time to patch. Wonder how long it will stay that way. The previously exploited vulns appeared fairly quickly.
27.09.2025 18:26 β π 2 π 1 π¬ 1 π 0
It seems like thereβs still a piece of the story missing re: the private key.
27.09.2025 18:32 β π 2 π 0 π¬ 0 π 0
I donβt think Iβve ever loved anything as much as ICE loves violently attacking women.
25.09.2025 18:41 β π 15035 π 4208 π¬ 1265 π 337
The Secret Service isn't claiming it foiled any plot targeting the UN General Assembly. Just that a big collection of SIMs (probably used for fraud) could have *potentially* disrupted NYC cell service. The SIMs were in a *35 MILE* radius of the UN.
These headlines are all pretty egregiously wrong:
23.09.2025 21:20 β π 359 π 100 π¬ 11 π 8
This is incredible stuff
21.09.2025 11:57 β π 37 π 6 π¬ 1 π 0
CVE-2025-10035: Critical Vulnerability in Fortra GoAnywhere MFT | Blog | VulnCheck
A new critical vulnerability was disclosed in Fortra's GoAnywhere managed file transfer product, which has been targeted in the past by ransomware and extortion groups
Last night, Fortra disclosed a critical vulnerability in their GoAnywhere MFT file transfer product. CVE-2025-10035 has a virtually identical description to CVE-2023-0669, which was exploited by ransomware crews. Unclear if this one has been exploited. Patch now. www.vulncheck.com/blog/cve-202...
19.09.2025 16:36 β π 4 π 4 π¬ 0 π 0
Diagram titled 'Possible causes of your problems'. On the left hand side, subtitled 'Yes': Funding removed from local councils, growing gap between rich and poor, multinational companies not paying their taxes, lack of new affordable housing, government not investing sufficiently in schools and healthcare. On the right hand side, subtitled 'No': Picture of small boat, with arrow; 'People fleeing horrific situations that you and I can't imagine'.
Possible causes of your problems. Itβs a diagram that (sadly) still seems relevant in 2025, so reposting a year and a bit on.
25.08.2025 17:18 β π 2630 π 1625 π¬ 14 π 28
VulnCheck - Outpace Adversaries
Vulnerability intelligence that predicts avenues of attack with speed and accuracy.
Hey, security research friends! You know how vulnerability disclosure coordination is the most painful part of vuln research? Good news: VulnCheck will do it for you! You get credit, we handle the CVEs + vendor discussions.
Report vulnerabilities for disclosure here: vulncheck.com/advisories/r...
17.09.2025 22:40 β π 7 π 0 π¬ 0 π 1
When to call the witches
1-800 dark magic
A beautiful, tender piece about grief and aging and friendship and the sacred call to haunt: joysullivan.substack.com/p/when-to-ca...
13.09.2025 03:17 β π 0 π 0 π¬ 0 π 0
We need community notes here to clarify that in fact Michelle Wu ended his campaign
11.09.2025 23:18 β π 1542 π 189 π¬ 24 π 4
A meme with the black spinning top from the movie "Inception". It's on a beige-ish background and the text of the meme says "It's like...a third-order command injection."
Quote from the VulnCheck team exploit mines 2025-09-11T19:24:00Z
11.09.2025 23:45 β π 2 π 1 π¬ 0 π 0
Overachievers
09.09.2025 14:19 β π 4 π 0 π¬ 0 π 0
Gen Z in Nepal burned down the parliament, burned down the homes of government officials, forced the prime minister to resign, and paraded the finance minister through the streets nearly naked.
09.09.2025 14:14 β π 8046 π 2420 π¬ 231 π 835
VulnCheck Insights: CVE Context at the Hover of Your Cursor | Blog | VulnCheck
Instead of bouncing between tabs, you now get instant, current context the moment a CVE appears on your screen.
I know NPM and SAP and probably other acronyms are on fire today, but @vulncheck.bsky.social put out a Chrome extension for #CVE and #exploit intel and it's saving me kind of a lot of tab-switching effort, so you get π π€ posts from me instead of ποΈπ₯ posts www.vulncheck.com/blog/vuln-ch...
08.09.2025 21:13 β π 1 π 1 π¬ 0 π 0
Friends, for your Friday, here's a new image of planets being born.
29.08.2025 17:43 β π 418 π 63 π¬ 3 π 4
The inverse of this skeet is "Some enterprising young sys admins used example machine keys for production deployments, which is also significantly less surprising than anyone reading docs."
05.09.2025 21:43 β π 0 π 0 π¬ 0 π 0
There is something soothing about watching a baseball diamond get steamrolled.
04.09.2025 20:31 β π 5 π 1 π¬ 1 π 0
THREATCON1 Agenda
Holy speaker agenda, Batman! This is a shameless plug that is also wholly sincere: @vulncheck.bsky.social is hosting our inaugural THREATCON1 in VA Sept. 21 and 22. The conference is free, Jen Easterly and Andrew Boyd are keynoting (!), and the talk tracks slap. COME!! www.threatcon1.org/agenda
29.08.2025 17:49 β π 2 π 1 π¬ 1 π 0
oh, brother
27.08.2025 19:50 β π 0 π 0 π¬ 0 π 0
Great metaphor
27.08.2025 16:38 β π 2 π 0 π¬ 0 π 0
"I hate this piece of crap."
Quote from the team #exploit mines 2025-08-26T21:48:00Z
(am I doing ISO 8601 right, since this is apparently what we are doing now?)
27.08.2025 02:36 β π 2 π 0 π¬ 0 π 0
New exploits and detections for FortiSIEM, SharePoint, SUSE Manager, Web-Check, and CHCNAV P5E GNSS. New support for legacy Censys queries. - Initial Access
API Update, CVE-2025-25256: Fortinet FortiSIEM Command Injection, CVE-2022-30622: CHCNAV P5E GNSS, CVE-2020-1147: SharePoint .NET Core Deserialization RCE, CVE-2025-46811: SUSE Manager RemoteMinionCom...
New additions to @VulnCheckAI's initial access intelligence: Exploits, PCAPs, signatures, and queries for FortiSIEM CVE-2025-25256, SharePoint CVE-2020-1147, SUSE Manager CVE-2025-46811, an underappreciated GNSS reference station cred leak, and plenty more π docs.vulncheck.com/initial-acce...
25.08.2025 12:48 β π 3 π 0 π¬ 0 π 0
VulnCheck | Webinar August 2025
Yo I don't always post @runZeroInc spam here.
Sometimes I post @vulncheck spam.
I'm super stoked for this:
https://wwv.vulncheck.com/1h-state-of-exploitation-webinar
22.08.2025 20:18 β π 0 π 1 π¬ 1 π 0
VulnCheck | Webinar August 2025
In 1H 2025 alone, 400+ CVEs were reported as exploited in the wild for the first time, and 180+ CVEs were freshly attributed to known threat actors.
Into #CVE and #exploit data? Join @vulncheck.bsky.social on Tuesday, August 26 for more 1H 2025 attack trends π
wwv.vulncheck.com/1h-state-of-...
21.08.2025 22:22 β π 3 π 0 π¬ 0 π 0
holy crap.
"In Ireland, there are more than 80 data centres, gobbling up 50 per cent of the electricity in the Dublin region, and hoovering up more than 20 per cent nationally, as they work to process and distribute huge quantities of digital information."
10.08.2025 15:07 β π 1596 π 701 π¬ 36 π 31
β this user is questioning the fabric of reality. Three ferrets in a trench coat, writing shitposts. Berlin. A hoe (Head of Engineering) <insert social status labels>
https://hopto.ad/@ochronus
I'm not interested in just being busy. I want to be fully invested in an endeavor of my choosing, sharing the journey with equally passionate people!
Diagrams, etc. Author, cycling cartoonist.
Best work: https://diagramclub.substack.com/
Cities, justice, bad jokes. Dad. Immigrant π¨π¦β¬
οΈπΊπΈβ¬
οΈRu. Staff eng on break, advocate at @tritag.ca, bsky tinkerer at @feeds.mdruker.app. he/him. Support πΊπ¦
π Kitchener-Waterloo, Ontario
New here? My tips: https://bsky.app/profile/mdruker.app/post/3ljofscojis2j
A latent space odyssey
gracekind.net
Weather and climate scientist focused on extreme events like floods, droughts, & wildfires on a warming planet. www.weatherwest.com
Postdoc @univie.ac.at
Researches the Milky Way & star clusters with machine learning
Founded the Astronomy feeds (@astronomy.blue)
π³οΈβπ π³οΈββ§οΈ (she/her), β
Website: https://emily.space
GitHub: https://github.com/emilyhunt
Associate Professor of Earth, Environmental, and Planetary Science at Washington University in St. Louis β’ Planetary Data System Geosciences Node Director β’ Planetary Bastard β’ he/him/Sir
Mainly focused on covering extreme weather events worldwide. Also interested in climate dynamics, geohazards and satellite remote sensing. Follow me also on X: x.com/wxnb_
WSJ tech columnist. Dog person. Author of Arriving Today, an unfortunately timely book about the global system of trade we're currently flushing down the toilet: https://www.harpercollins.com/products/arriving-today-christopher-mims
Technologies, Defense, Electro, Boardgames & e-Sport ! Add some humour and a touch of cynism
We are Microsoft's global network of security experts. Follow for security research and threat intelligence. https://aka.ms/threatintelblog
Security without fear since 2018.
https://decipher.sc
https://www.youtube.com/@DecipherSec
it's a website (and a podcast, and a newsletter) about humans and technology, made by four journalists you might already know. like and subscribe: 404media.co
Democratic Nominee for Mayor of NYC. Assemblymember. Running to make this city affordable. Democratic Socialist. Early Voting: 10/25 - 11/2. Election Day: 11/4. zohranfornyc.com
Columnist at GuardianUS. Thinking/teaching at Columbia J School. Author of NEWSROOM CONFIDENTIAL and GHOSTING THE NEWS. (Join me at βAmerican Crisisβ on Substack)
NorthSec β A community-run cybersecurity event offering world-class talks, trainings & a 48-hour, on-site capture-the-flag competition. Every May in MontrΓ©al since 2013 π¨π¦ Publications en franΓ§ais et en anglais.
https://nsec.io/
