I've been screaming about the asinine CISA cuts. A quick recap of how the Epstein Administration has... well, there's no other phrase than, "Fucked it all up."
And this is just ONE small department. A thread 🧵 1/10...
ht @technewsday.bsky.social
#CyberSecurity #CyberSecurityToday
The web still reels from a CVE 10.0 exploit of #React2Shell, though now there's a one-liner to test.
And such a great graphic of AI vs AI in monitoring... AI.
$20,000 bug bounty though!
h/t #CyberSecurityToday via @technewsday.bsky.social
React and Next.js devs: What side are you on?
> React2Shell is meaningless. It's over-hyped.
> React2Shell has exploited the entire Internet!
With the highest possible CVE Score of 10.0, and how prolifically React is used on the web, patch now!
ht #CyberSecurityToday in
#CyberSecurity
A new StealC malware campaign targets #Blender creators.
Tainted ".blend" files can auto-run Python embedded within them, which is enabled by default in older versions of
@blender.org.
Next time Blender asks you to "Migrate Settings", say no.
h/t @technewsday.bsky.social #CyberSecurityToday
ALERT: #NODEJS WEBSITES ARE MOST LIKELY COMPROMISED BY #Shai-Hulud malware - and most devs have no idea.
"Blindly pushing updates from NPM is no longer safe."
Horrible infosec leads to infections of 500+ popular packages.
h/t @technewsday.bsky.social
#CyberSecurity #CyberSecurityToday
In #CyberSecurityToday...
The latest corruption is the SEC ending its long-standing case against #SolarWinds and their CISO Tim Brown.
FCC reverses ALL cybersecurity mandates originally set after the #SaltTyphoon hacks. WTAF?!
h/t @technewsday.bsky.social
#CyberSecurity
One of my first live demos of "Your network can be Pwned" was to exploit their so-called "patched" Fortinet firewalls. Presentation showed that even fully patched devices cannot be trusted.
Here's Fortinet again NOT DISCLOSING a 9.8 CVE 2025644460
h/t #cybersecuritytoday @technewsday.bsky.social
Want another reason to diss on AI browsers like Comet and OpenAI's Atlas? Or perhaps you use Cursor or Windsurf IDEs?
They are being released with OLD versions of Chrome(ium).
As of yesterday, researchers have found and exploited some of the 94 already-patched CVEs.
h/t #CyberSecurityToday
A near perfect 9.9 CVE score in ASP.NET Core is out.
How much do you wager old #aspnetcore websites, like 100% all old sites ever built!!, will have their authentication code "refactored"?
Yeah, didn't think so.
CVE-2025-55315
h/t #CyberSecurityToday
cybersecuritytoday.libsyn.com/critical-sec...
An important segment from the #CyberSecurityToday podcast