Vin @ Vintuitive ⚡🌐

‼️🚨 BREAKING: Kash Patel's apparel website is reportedly hosting ClickFix malware, according to multiple visitors. A fake Cloudflare verification page is tricking users into pasting OS-specific "verification" commands that execute malware. The macOS path fetches an infostealer targeting Keychain, browser data, session tokens, and crypto wallets. Source: @dm4uz3

“It is a real worry that this might just have a longer term consequence of young people no longer being in the habit or the practice of getting news.” "The Albanese government has claimed that 4.7m under-16s social media accounts have been deactivated, removed or restricted..."

Possible @McDonalds breach?

VS Code WARNING: 3800 repos hacked GitHub just confirmed a massive breach affecting 3,800 repos after an employee installed a malicious VS Code extension. Here is why you must be careful with your browser and IDE plugins. #github #vscode #extensions

That's a lot of MacBook Neos!

New breach: The Dragonica Lunaris private server suffered a breach in December which exposed 126k email addresses, usernames, dates of birth and bcrypt password hashes. 69% were already in @haveibeenpwned. Read more: haveibeenpwned.com/Breach/Dragoni…

@Ravenismeee Yesterday afternoon.

Be honest… when was the last time you wrote something with a pen on paper ??

@TheMekon_Venus Tommy Cooper.

When you see a Fez… what’s the first thing you think of?

@brockpierson Yes. But Internet Explorer was better. ...and that's saying something!

Did you personally ever use Netscape Navigator?

@CorboDT @github This just confirms my life choices. 👍

@github Just to be clear: Microsoft’s GitHub was compromised when a Microsoft developer using Microsoft VSCode installed a rogue extension from Microsoft’s VSCode extension library, which is moderated and hosted by Microsoft. I guess I’ll be reevaluating my life choices.

1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

✅ Massive rewrite of the code on all pages on a large website successfully achieved. ✅ .htaccess overhauled. ✅ Robots file corrected and rewritten. Good work Claude! 👍

@WorkElizab I know a few people who choose not to have a smart phone. I also know a couple of people who have moved back to dumb phones. I'm close to doing the same. Others prefer cash for a variety or reasons. I'm one of them.

Do you agree?

@adahstwt Claude

you get one free subscription for life: 1. ChatGPT 2. Claude 3. Cursor 4. Amazon 5. Spotify 6. Netflix what are you taking?

@CodeWithAmann Yes, there is.

Is there any browser more powerful than Brave?

@eevblog You confirm it is a genuine email address, and then they send you more spam with a dodgy link, masked as a YT link, hoping you'll click on it. 🤷🏻‍♂️

🇸🇪 A threat actor is advertising the alleged leak of a user database associated with IKEA, claiming approximately 600,000 records have been exposed and distributed for free on underground forums. According to the forum post, the allegedly exposed dataset contains: • Usernames • Phone numbers • Email addresses • Hashed passwords If authentic, this type of exposure presents elevated risks because credential datasets are frequently weaponized for: • Credential stuffing attacks • Account takeover attempts • Phishing campaigns • Identity correlation across platforms • SIM swap targeting • Social engineering operations Even when passwords are hashed, attackers often attempt: • Offline password cracking • Password reuse exploitation • Cross-platform credential matching • Dictionary and GPU-based brute force attacks The combination of email addresses and phone numbers is particularly valuable for cybercriminal ecosystems because it enables: • Multi-factor authentication bypass attempts • Smishing campaigns • WhatsApp/Telegram impersonation • Targeted spam operations • Consumer fraud schemes At this stage, the authenticity of the alleged dataset remains unverified. However, any confirmed exposure affecting a large global retail platform could impact both customers and brand reputation significantly. Users should: • Reset passwords immediately if reused elsewhere • Enable MFA wherever possible • Monitor for suspicious login activity • Be cautious of phishing emails and SMS messages • Avoid password reuse across services Organizations should continuously monitor underground communities for: • Credential resale activity • Combo-list circulation • Account takeover chatter • Brand impersonation campaigns • Customer-targeted fraud operations #DDW #Intelligence #CyberSecurity #DarkWeb #DataBreach #IKEA #CredentialLeak #ThreatIntelligence #OSINT #RetailSecurity

I'm never buying a calculator from the UK again 😭

@renew_economy Never heard the expression "Cooking with Gas"? It's a euphemism with good reason.

The bizarre planning rules that make fossil #gas connections a default for new #homes, and add costs in a state that leads the world in rooftop #PV and home batteries.. reneweconomy.com.au/bizarre-planni…

"Despite reasonable expectations of privacy, and Defendant’s legal duties to prevent the disclosure of such private information, Defendant disclosed information provided by consumers to Meta Platforms, Inc. (“Meta”) and Google, LLC (“Google”) (together, the “Third Parties”) ..."

@RobertFreundLaw It was only a matter of time.

ChatGPT allegedly shares your chat query topics, user IDs, and email addresses with Google and Meta, according to a new class action lawsuit filed today.