Pwning the Ladybird browser

https://jessie.cafe/posts/pwning-ladybirds-libjs/

Discussions: https://discu.eu/q/https://jessie.cafe/posts/pwning-ladybirds-libjs/

Secure PDF Viewer app version 30 released:

https://github.com/GrapheneOS/PdfViewer/releases/tag/30

See the linked release notes for a summary of the improvements over the previous release and a link to the full changelog.

Forum discussion thread:

https://discuss.grapheneos.org/d/22146-secure-pdf-viewer-app-version-30-released

France accuses Russian intelligence of repeated cyber attacks since 2021

France's foreign ministry explicitly accused Russia's GRU military intelligence agency on Tuesday of mounting cyber attacks on a dozen entities including ministries, defense firms and think tanks since 2021 in an attempt to destabilize France.

#France #russia #cyberattack #gru #apt28 #security #cybersecurity #hackers #Hacking #hacked

https://www.reuters.com/world/europe/first-france-accuses-russian-intelligence-repeated-cyber-attacks-2025-04-29/

Welt-Passwort-Tag: Menschen wollen Zwei-Faktor-Authentifizierung

Am Welt-Passwort-Tag haben GMX und web.de eine Umfrage herausgebracht. Die zeigt, es gibt Fortschritte im Hinblick auf Sicherheit.

https://www.heise.de/news/Welt-Passwort-Tag-Menschen-wollen-Zwei-Faktor-Authentifizierung-10368650.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Apple notifies victims of #government #spyware #cyberattacks across the world

https://techcrunch.com/2025/04/30/apple-notifies-new-victims-of-spyware-attacks-across-the-world/

Windows RDP lets you log-in using revoked passwords. Microsoft is ok with that via @af https://lobste.rs/s/rnoykc #security #windows
https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/

Linux Kernel Exploitation: CVE-2025-21756 https://lobste.rs/s/h0efua #linux #security
https://hoefler.dev/articles/vsock.html

Pwning the Ladybird browser https://lobste.rs/s/6o4x71 #c++ #security
https://jessie.cafe/posts/pwning-ladybirds-libjs/

Reviewing the Cryptography Used by Signal

https://soatok.blog/2025/02/18/reviewing-the-cryptography-used-by-signal

Many people have heard of Tor in the media, but despite its long history of protecting the free internet, most consider it a niche tool and have never ventured to try it themselves.

In reality, Tor is easy to use for anyone. It helps not only journalists and activists, but anybody who seeks greater privacy online or access to information regardless of location.

What is Tor exactly? How can Tor help you? And why is it such an important tool? Staff writer @Em0nM4stodon explains in the latest Privacy Guides article: https://www.privacyguides.org/articles/2025/04/30/in-praise-of-tor/

Upgrades to Ubuntu Noble are going strong, with approximately 40% of all Application Servers updated. Over the next week, we will push a series of point releases to begin automated upgrades of all remaining Application Servers, with Monitor Servers to follow.

https://securedrop.org/news/securedrop-noble-upgrade-progress/

Class is 1 May 2025

Travel Safety: Navigating Borders, Background Checks, Passports & Privacy

This is for you if:
- You travel regularly for work/leisure
- You're a journalist, activist, advocate
- You have someone to protect
- You have something to protect

What's included:
- Crossing Borders
- Device Hygiene & Safety
- Account Security
- Secure Communications while traveling
- Physical Safety
- Tools you can use

Class will be recorded & sent after event.

https://lockdownyourlife.as.me/travel

#DefendDemocracy is thrilled to launch cross-party lunches on #democracy, #security and #tech, a new initiative under our 'Coalition for Democratic Resilience' program.

Thank you @EP_Democracy Chair @nathalieloiseau for opening the first exchange!

https://defenddemocracy.eu/projects/coalition-for-democratic-resilience-c4dr/

I'll say it once, I'll say it again!

UPDATE YO SHIT!

Millions of AirPlay devices can be hacked over Wi-Fi; CarPlay too - 9to5Mac

https://9to5mac.com/2025/04/29/millions-of-airplay-devices-can-be-hacked-over-wi-fi-carplay-too/

Posit Package Manager v2025.04.0 is here!

Secure with authenticated repos (API tokens!), simplify compliance by omitting archived packages, and meet enterprise security with encryption key rotation.

Learn more: https://posit.co/blog/posit-package-manager-2025-04-0/

DATE: April 30, 2025 at 09:23AM
SOURCE: HIPAA JOURNAL

Direct article link at end of text block below.

Healthcare Orgs Fined for Employing Nurses on the HHS-OIG Exclusion List https://t.co/5tZpLwDBH5

Here are any URLs found in the article text:

https://t.co/5tZpLwDBH5

Articles can be found by scrolling down the page at https://www.hipaajournal.com/ .

-------------------------------------------------

Private, vetted email list for mental health professionals: https://www.clinicians-exchange.org

Most healthcare security and privacy posts related to IT or infosec are at @rsstosecurity

-------------------------------------------------

Malware Steals 1.7 Billion Passwords — Publishes Them To Dark Web

a snapshot of cybercrime activity across the planet during 2024, has revealed the malware threat has grown by an incredible 500% in just 12 months. Hackers are using the malware to compromise systems, and the report said, have made 1.7 billion stolen passwords available in dark web criminal marketplaces.

#malware #password #passwords #darkweb #security #cybersecurity #infosec #hackers #hacking #hacked

https://www.forbes.com/sites/daveywinder/2025/04/29/malware-steals-17-billion-passwords---publishes-them-to-dark-web/