Strong letter from @RonWyden about Microsoft security failures that enabled SolarWinds hack and recent Storm-0558 campaign. He calls on @CISAgov, @FTC and @TheJusticeDept to investigate company and hold it "responsible for its negligence." https://t.co/AY4ImksoBV pic.twitter.com/mpv2pFiEOQ

— Kim Zetter (@KimZetter) July 27, 2023

STACK OVERFLOW JUST ANNOUNCED THEIR OWN AI!!!

OverflowAI is a tool, that will also have a VS Code plugin. The way this works, if you are on the site and ask a question, it will produce the answer for you while also citing the sources it used to produce the answer.

You can then… pic.twitter.com/QrOKDvqWFG

— Danny Thompson (@DThompsonDev) July 27, 2023

(ﾉo‿o)ﾉ✧.*･｡ﾟ Publication day!! First four articles from the US 2020 Facebook and Instagram Election study (FIES) are out! 3 in Science and 1 in Nature pic.twitter.com/fIDNfNgvut

— Taylor W Brown (@taywbrown) July 27, 2023

i must study war so my sons can study business so their sons can study art so their sons can write gay vampire fiction https://t.co/lu0qU3v7Py

— sophie (@netcapgirl) July 27, 2023

https://t.co/MllU2A3XMI

— Dr. Dan Lomas (@Sandbagger_01) July 28, 2023

Very misleading bulletin:
1. ZenBleed is not a side channel.
2. End users rely on the OS for sandboxing.
3. It is not even clear what "side channels" are. https://t.co/AFCNbYpWsf

— Daniel Moghimi (@flowyroll) July 27, 2023

I’m glad our silly Federal laws provide a strong incentive for people to keep large amounts of privacy-preserving cash in circulation. https://t.co/47Kvil1ogd

— Matthew Green (@matthew_d_green) July 27, 2023

CVE-2023-38646 Metabase RCE. Metabase as a data visualization tools assembles a host of mainstream JDBC drivers. I demonstrated one exploitation of them. If you feel like more, I propose reading the slides of the presentation which @pmnh_ and I have spoken of in BH Asia 2023. pic.twitter.com/rugMIRIbuU

— pyn3rd (@pyn3rd) July 28, 2023

Call of Duty multiplayer servers temporarily suspended due to a malware that's automatically propagating to players' systems. The worm was initially identified on VirusTotal on 24th July, 2023. More samples from the same source: https://t.co/9tDNEHE8n1 https://t.co/YFXa9dhC1H pic.twitter.com/rJN8LuHr0w

— Bernardo Quintero (@bquintero) July 27, 2023

Fascinating world of ancient #glass: #Roman bird-shaped vessels were used as perfume bottles. The liquid was sealed inside the vessels and the tip of the tail had to be broken to remove the perfume. This one is still intact and filled with the scented content! I would like...1/2 pic.twitter.com/gzzhLxoYs3

— Nina Willburger (@DrNWillburger) July 27, 2023

CVE-2023-38633 in librsvg: Arbitrary file read when xinclude href has special characters: Posted by Alan Coopersmith on Jul 27I haven't seen this go by yet, so for those who haven't seen it:

https://t.co/DRWLWJDWQe reports:

CVE-2023-38633:… https://t.co/3zAt2CkITY

— Open Source Security (@oss_security) July 27, 2023

https://t.co/jfQLJkyGW3

— Dr. Dan Lomas (@Sandbagger_01) July 28, 2023

My husband and I called my sweet, 85-year-old grandma to tell her I got a new job.

She congratulated us, talked for a bit, and then hung up.

Later she called me to say I should open a secret bank account and never tell my husband about it.

My grandma is fierce.

— Mommy Owl (@Lhlodder) November 12, 2018

I published a 40 minute interview with Australia's Home Affairs and Cyber Security Minister @ClareONeilMP yesterday. The founding director of the UK's NCSC @ciaranmartinoxf also makes an appearance.https://t.co/9k1kKCHCbd

— Patrick Gray (@riskybusiness) July 27, 2023

🚨We found adversarial suffixes that completely circumvent the alignment of open source LLMs. More concerningly, the same prompts transfer to ChatGPT, Claude, Bard, and LLaMA-2…🧵

Website: https://t.co/ja2FPw9aad
Paper: https://t.co/1q4fzjJSyZ pic.twitter.com/SQZxpemCDk

— Andy Zou (@andyzou_jiaming) July 28, 2023

I’ve just released some research into 38 SaaS-native attack techniques across the kill chain and produced a SaaS attack matrix to go along with it.https://t.co/1bbkpI5IlC

This is just the beginning but my hope is this will become an ongoing community project.

— Luke Jennings (@jukelennings) July 27, 2023

P4wnP1 by @mame82 for the @raspberrypi Zero W is awesome, but needing a USB stem or cable makes for a clunky package. @RoganDawes found out that you can install Linux ON an LTE modem. It's the perfect platform for long or short distance P4wnP1 shenanigans! https://t.co/54oqx3ZYdH pic.twitter.com/EnGVnYzGty

— Orange Cyberdefense's SensePost Team (@sensepost) July 27, 2023

Fact: Metabase doesn't release the fixed code in their "oPen-SouRce" repository https://t.co/HMgjfSMh6q
So basically, If you're naively using their open-source version, you're still vulnerable! pic.twitter.com/mRLBvHUfQW

— Janggggg (@testanull) July 27, 2023

I read this blog post by @benhawkes and it's really a fantastic breakdown of some of the history of Android Security as well as current attack surfaces and vulnerability research areas. You should read if you're into mobile sec.https://t.co/7TVjm240u0

— Matt Linton (@0xMatt) July 26, 2023

Best poster award pic.twitter.com/eIlxXKDFtE

— Daniel Severo 🤙🍍 #ICML2023 🍍🤙 (@_dsevero) July 27, 2023

My daughter just put herself in timeout in her room because she was “done hearing other people’s voice noise.”

— Mommy Owl (@Lhlodder) July 25, 2023

i love u guys so much 😭 pic.twitter.com/cV2KSQSOgZ

— Jenn Takahashi (@jenntakahashi) July 27, 2023

OMG. Seymour Hersh’s handler really messed up.

The “anonymous US official” supposed to be briefing Hersh used a russian expression (мальчик в трусиках) that English speakers don’t use. 😂 pic.twitter.com/iwq4c2ZVzN

— Bad Baltic Takes (@BadBalticTakes) July 27, 2023

Go to therapy, Folks. pic.twitter.com/Iec1WYxQVL

— working out new material on here daily (@glazerboohoohoo) July 18, 2023