Thomas Millochau

Bitwarden identified and contained a malicious package briefly distributed through the npm delivery path for the Bitwarden CLI in connection with the broader Checkmarx supply chain incident. No user vault data or production systems were compromised or at-risk. Additional details and updates are available here: community.bitwarden.com/t/bitwarden-st…

🚨 Bitwarden CLI 2026.4.0 was compromised as part of the ongoing Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline. We’ll continue updating our coverage as more details are confirmed. socket.dev/blog/bitwarden…

An analysis of a recent 0-click exploit targeting Samsung devices: googleprojectzero.blogspot.com/2025/12/a-look…

Why LLMs Are Less Intelligent Than Crows hackaday.com/2025/12/10/why…

@ipurple Arf i’m late

⏳2H Left before the invite expires. You can join now or wait for the next one and miss all the purple teaming info. 🔥

CVE-2025-11621 Vault and Vault Enterprise’s (“Vault”) AWS Auth method may be susceptible to authentication bypass if the role of the configured bound_principal_iam is the same acros… cve.org/CVERecord?id=C…

@JulianGoldieSEO Yes

HOLY SH*T… These AI Agents do EVERYTHING! 🤯 FREE N8N Course Shows You How To: 🔧 1-Click AI Agents to Replace Your Whole Team 🧠 Scrape 1,000s leads in 1 click 💸 Auto-Send Cold Emails While You Sleep 📦 Auto-Post to TikTok, YouTube, Facebook, Threads 📲 Book Sales Calls WITHOUT Talking to Anyone ⚙️ Build a Viral Video Engine That NEVER Stops! 🔁 Like+RT ✅ Reply “YES” 🤝 Follow me & I’ll send you the guide FREE.

@Sn0wAlice Un ou plusieurs mini pc pour cluster ProxMox Jetson Nano super pour setup LLM + agent

Je suis en train de me monter un #lab + setup du #selfhost pour de la #cybersécurité, t'a des idées de ce que je devrais acheter ? (balance direct la ref en commentaire que j'aille check)

Proofpoint also observed the activity reported by Trellix in email threat data targeting financial organizations and people in positions of leadership. Our researchers offer clarifying context below to supplement @TrellixARC’s technical analysis. 🧵

o3 d'OpenAI découvre une vulnérabilité zero-day dans Linux (et c'est une première mondiale) korben.info/ia-o3-vulnerab…

Flaws in Apple's AirPlay protocol for streaming media to speakers, TVs, and set-top boxes have left millions of these devices vulnerable to being hijacked by any hacker on the same Wifi network. Many of these devices never receive patches. wired.com/story/airborne…

checkWhetherYourPrivateKeyIsUsed redd.it/1k1nl1o

@CaMaKStream github.com/Zibbp/ganymede j’ai sauvegardé tes vod RP là dedans

On est un peu chargé ...

J’espère que vous aimez YouTube ! Vu la dernière décision de Twitch de limiter les temps fort à 100h max nous avons 5 ans 1/2 de replay à sauver avant le 19/04 … merci Twitch encore de nous mettre au pied du mur ❤️‍🩹

📟 Premier message : Proposition de limiter la data des forfaits mobiles sans argument scientifique ? Approche idéologique d'un faux problème : les politiques actuels savent le faire, on attendait mieux de l'@ademe .

🚩 A critical security flaw in #GitLab (CVE-2024-9164) could allow attackers to run CI/CD pipelines on unauthorized branches. Find details here: thehackernews.com/2024/10/new-cr… Update your instance ASAP to avoid becoming the next victim. #cybersecurity #devops

🚨 New threat research! 🕵️‍♂️ Cato CTRL has discovered a threat actor, ProKYC, selling a deepfake tool in the cybercriminal underground to enable new account fraud against cryptocurrency exchanges. 🔗 Blog: bit.ly/3NmmWry #NetworkSecurity #deepfake #SASE

Palo Alto warns that attackers can access usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. securityweek.com/palo-alto-patc…

New breach: Internet Archive had 31M records breached last month including email address, screen name and bcrypt password hash. 54% were already in @haveibeenpwned. Read more: bleepingcomputer.com/news/security/…

De l’ #IA générative pour #lutter contre les théories du #complot ? #complotisme next.ink/brief_article/…