Liki🧑🏼‍💻

4.5K posts

@Likhithkumar_S

SeniorQA #TestAutomation |#Pentest | #Ui | Depression is real, talk it out or DM.🎭; My profile My opinion not of payroll or employers’.

Bengaluru · Joined May 2010
792 Following · 730 Followers
Liki🧑🏼‍💻 retweeted
Deedy (@deedydas)
Palantir gave new hires these books on Day 1
— Impro - Johnstone
— The Looming Tower - Wright
— Interviewing Users - Portigal
— Getting Things Done - Allen
— Principles - Ray Dalio
Books are a cheap, easy way to build culture. Above all else, it says "we read books here".
Liki🧑🏼‍💻 retweeted
Daniel Cuthbert (@dcuthbert)
What a time to be alive. SDLC advice from TeamPCP
Liki🧑🏼‍💻 retweeted
hsn今天吃什么 (@hsn8086k)
The complete guide to resetting a Linux password
- Dirty Cow (CVE-2016-5195)
- Dirty Pipe (CVE-2022-0847)
- io_uring UAF (CVE-2022-2602)
- Copy Fail (CVE-2026-31431)
- io_uring ZCRX freelist (CVE-2026-43121)
- Dirty Frag (CVE-2026-43284 CVE-2026-43500)
- Fragnesia (CVE-2026-46300)
- PinTheft (CVE-2026-43494)
Liki🧑🏼‍💻 retweeted
Lefteris Panos (@lefterispan)
Wrote a BOF that is able to execute .NET assemblies in-memory via module stomping so ETW / AMSI are seeing a legitimate GAC assembly instead - github.com/nettitude/CLR-…
Liki🧑🏼‍💻 retweeted
Unity for Games (@unitygames)
Report a bug during the 6.5 Beta cycle for a chance to win one of these prizes 🛠️ Submissions close on Monday, June 1st @ 11:59 PM PST. Happy bug hunting! 🔗 More details: on.unity.com/6_5BetaSweeps
Liki🧑🏼‍💻 retweeted
k0kubun (@k0kubun)
We released Ruby 4.0.5 and published security advisory for CVE-2026-46727. If you use Ruby 4.0.0~4.0.4, we recommend updating your Ruby version to 4.0.5. ruby-lang.org/en/news/2026/0…
Liki🧑🏼‍💻 retweeted
VECERT Analyzer (@VECERTRadar)
🚨 CYBER INTELLIGENCE ALERT: SOURCE CODE SALE ANNOUNCEMENT — GITHUB INC. 🌐

⚠️ ACTOR "TEAMPCP" CLAIMS TO POSSESS ~4,000 PRIVATE AND INTERNAL REPOSITORIES

The threat actor identified under the alias TeamPCP (on remnant clandestine platforms) has posted a commercial advertisement for the sale of alleged core source code and internal organizational structure of GitHub (github. com). The attacker claims that the offering is not a ransom, but an exclusive direct sale.

🎯 Affected Entity: GitHub Inc.
👤 Threat Actor: TeamPCP
📂 Volume Claimed: Approximately ~4,000 packaged private code repositories.
⚠️ Verification Status: NOT CONFIRMED BY THE COMPANY / NO SAMPLES COMPILED. While the actor included a link on Limewire with the alleged directory listing and a screenshot showing logical names of official corporate compressed files (e.g., github-copilot.tar.gz, github-enterprise-server, red-team.tar.gz), the full authenticity of the file contents and the code's validity have not been independently assessed or confirmed.

📊 ANALYSIS OF THE MANIFESTO AND VISIBLE COMPONENTS (REPOSITORIES)

Despite maintaining the "Unconfirmed" status, the technical listing of the compressed packages exhibits an internal naming convention that closely matches GitHub's actual architecture:

🤖 Artificial Intelligence and Core Tools: raycast-github-copilot.tar.gz and chiedo-copilot-cli-skills.tar.gz: Integration modules and capabilities of the AI development assistant. github-enterprise-server-release-notifier.tar.gz: Code associated with the on-premises versions of the service.
🛡️ Security and Networking Infrastructure: github-security-risk-reporting.tar.gz, red-team.tar.gz, and github-ui-xss-hardening-research.tar.gz: Repositories for vulnerability management, risk reporting, and mitigation patches against Cross-Site Scripting (XSS) attacks in the graphical user interface.
📈 Telemetry and Global Operations: Compressions that segment regional operations, such as github-india.tar.gz, and logical channels for internal communication, such as repo-custom-claims-chatops.tar.gz.

🛡️ MITIGATION AND PREVENTIVE TECHNICAL RECOMMENDATIONS

🛑 Blocking and Monitoring Contact Channels: Register the Session and Tox IDs shared in the announcement within intelligence systems to track interactions or attempts at secondary file distribution.
🔒 Token and Key Leakage Audits: Organizations integrating their development workflows with GitHub are urged to perform rotations of their API keys, Personal Access Tokens (PATs), and OAuth credentials to mitigate risks in case of cross-platform access.

⚡ MONITORING AND EVALUATION

🌐 Intelligence System: analyzer.vecert.io
🛡️ Quickly assess your website's security with: monitor.vecert.io

#CyberSecurity #GitHub #SourceCodeLeak #TeamPCP #BreachForums #PrivateRepos #Copilot #Infosec #ThreatIntelligence #CyberAlert #VECERT #IntelThreat
Liki🧑🏼‍💻 retweeted
GitHub (@github)
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
Liki🧑🏼‍💻 retweeted
divyansh tiwari (@DivyanshT91162)
The internet runs on Nginx. And right now, millions of servers are one request away from getting owned.
A 17-year-old bug just turned into a full-blown RCE exploit:
→ CVE-2026-42945 (CVSS 9.2)
→ No auth
→ No credentials
→ Just a single malicious HTTP request
Attack chain: Heap Overflow → Nginx Worker Hijack → Remote Code Execution
Researchers estimate ~19 MILLION exposed instances. PoC is already public.
If you're running Nginx, patch NOW to 1.31.0 or 1.30.1 before bots start mass-scanning the internet.
Liki🧑🏼‍💻 retweeted
The Hacker News (@TheHackersNews)
🚨 Hackers turned supply chain attacks into a $1,000 competition. TeamPCP just open-sourced their Shai-Hulud worm and partnered with Breached forum. Biggest haul (by downloads) wins Monero prize. Even small packages count. GitHub version already removed. thehackernews.com/2026/05/threat…
Liki🧑🏼‍💻 retweeted
Grafana (@grafana)
🚨 We recently discovered that an unauthorized party obtained a token with access to the Grafana Labs GitHub environment, enabling the threat actor to download our codebase. (1/6)
Liki🧑🏼‍💻 retweeted
Nighthawk C2 (@nighthawk_c2)
We’re excited to introduce a new feature for Nighthawk Professional users - Labs. A new home for supporting tools, source code and samples for Nighthawk nighthawkc2.io/introducing-ni…
Liki🧑🏼‍💻 retweeted
V4bel (@v4bel)
This bug is a variant path that became active after one of the "Dirty Frag" patches, "f4c50a4034e6". The actual window of vuln is only about "9 days", and creation of an unpriv userns is a prerequisite. To distros and Linux users: the patch proposed in the referenced write-up still does not cover at least one variant, __pskb_copy_fclone, so applying that patch alone does not prevent LPE. I have submitted a follow-up patch addressing this additional variant: lore.kernel.org/all/agRfuVOeMI… I'm also accelerating further analysis and testing on my end. I'll post updates as more results come in.
V12@v12sec

another day, another universal linux LPE
Liki🧑🏼‍💻 retweeted
Rapid7 (@rapid7)
Rapid7 announced Cyber GRC today, a new solution that brings security ops, governance & compliance together in one view. Now, manage GRC requirements in a way that stands up to both regulatory scrutiny and board-level oversight. Secure early access: r-7.co/49GrpR6