4chan Breach Exposes Moderator Emails, Passwords via Outdated Software
#4chan #hack #databreach #cybersecurity #Ghostscript #PHP #FreeBSD #emaileak #SoyjakParty #infosec #vulnerabilities #Hackers
Recent searches
Search options
#vulnerabilities
14 posts13 participants0 posts today
Fresh Windows NTLM Vulnerability Exploited in Attacks – Source: www.securityweek.com https://ciso2ciso.com/fresh-windows-ntlm-vulnerability-exploited-in-attacks-source-www-securityweek-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #vulnerabilities #securityweekcom #securityweek #Exploited #FEATURED #Windows #NTLM
CISO2CISO.COM & CYBER SECURITY GROUP · Fresh Windows NTLM Vulnerability Exploited in Attacks – Source: www.securityweek.comSource: www.securityweek.com - Author: Ionut Arghire The exploitation of a Windows NTLM vulnerability started roughly a week after patches were released
'Stupid and Dangerous': #CISA Funding Chaos Threatens Essential #Cybersecurity Program
The #CVE Program is the primary way software #vulnerabilities are tracked. Its long-term future remains in limbo even after a last-minute renewal of the US government contract that funds it.
WIRED · ‘Stupid and Dangerous’: CISA Funding Chaos Threatens Essential Cybersecurity Program
@owasp calls for a new #federated system for tracking and reporting on #vulnerabilities.
https://owasp.org/blog/2025/04/17/owasp-global-vulnerability-intelligence.html
owasp.orgOWASP Calls to Build a Unified Framework for Global Vulnerability Intelligence | OWASP FoundationOWASP Calls to Build a Unified Framework for Global Vulnerability Intelligence on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
Please make sure to update your devices!
Update Now: iOS 18.4.1 and macOS Sequoia 15.4.1 Address Actively Exploited Vulnerabilities
https://www.macrumors.com/2025/04/16/ios-18-4-1-security-fixes/
MITRE’s CVE program faced abrupt shutdown after DHS contract expired, but CISA stepped in with an 11-month extension to maintain continuity in vulnerability tracking.
CSO OnlineCVE program faces swift end after DHS fails to renew contract, leaving security flaw tracking in limboMITRE’s 25-year-old Common Vulnerabilities and Exposures (CVE) program will end April 16 after DHS did not renew its funding contract for reasons unspecified. Experts say ending the program, which served as the crux for most cybersecurity defense programs, is a tragedy.
CVE Program Almost Unfunded
Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to <a href="https://www.csoonline.com/article/3963190/cve-program-faces-swift-end-after-dhs-... https://www.schneier.com/blog/archives/2025/04/cve-program-almost-unfunded.html
MITRE CVE Contract Extended Just Before Expiration https://thecyberexpress.com/mitre-cve-contract-extended-before-expiration/ #TheCyberExpressNews #TheCyberExpress #Vulnerabilities #FirewallDaily #cybersecurity #CyberNews #MITRE #CISA #CVE #NVD
The Cyber Express · MITRE CVE Contract Extended Just Before Expiration
Pulling the plug on the database would cause "an immediate cascading effect that will impact vulnerability management on a global scale"
#Cybersecurity #Funding #Software #Vulnerabilities #TechNews
Nonprofit That Tracks Software...
Bluesky SocialBluesky
NEW - 
DCG real-ucode 
Actually provides the latest CPU microcode for AMD and Intel
Version: 2025-04-14
Release: 1
updated ucode for amd and intel with that one !
https://github.com/divestedcg/real-ucode/
#divested
#DivestedComputingGroup
#fsf #FUTO #Fedora #alpinelinux #hardening #linuxtech #cybersec #cybersecurity #infosec #foss
#hackernews #opensource #android #skynet #linuxsecurity #ucode #vulnerabilities #vulnerability #freeyourmind
GitHubGitHub - divestedcg/real-ucode: All the microcodes, but packaged!All the microcodes, but packaged! Contribute to divestedcg/real-ucode development by creating an account on GitHub.
The backbone of vulnerability tracking may be about to snap. 
MITRE’s federal contract for managing the CVE program expires April 16 — with no confirmed renewal.
Without it, we risk:
A breakdown in standardized vulnerability tracking
Global coordination gaps
Increased exposure to unpatched threats
Cybersecurity doesn’t work without CVE. Leadership must step up before this vital resource goes dark.
#CyberSecurity #CVE #RiskManagement #Vulnerabilities #Leadership
https://www.theverge.com/news/649314/cve-mitre-funding-vulnerabilities-exposures-funding
The Verge · The CVE program for tracking security flaws is about to lose federal funding
Continued thread
I posted the above because I find it insane that many major companies are requesting their employees to use such dangerous products as Microsoft offerings, especially 365 and even more so with Copilot.
Outside of jobs but for some productions and personal projects I only past used AmigaOS, IRIX, SunOS, Oracle Solaris, various versions of macOS (Classic & Darwin), and a few Linux distributions such as Red Hat with KDE or GNOME. Microsoft has always been a no-go for me, and this company does everything to remain away from me forever.
Microsoft vulnerabilities hit a record high in 2024 #CyberSecurity #Microsoft #Vulnerabilities
https://betanews.com/2025/04/15/microsoft-vulnerabilities-hit-a-record-high-in-2024/
BetaNews · Microsoft vulnerabilities hit a record high in 2024The latest annual Microsoft Vulnerabilities Report from BeyondTrust, reveals a record-breaking number of reported vulnerabilities last year.
NEW - 
DCG Domain Blocklist available - last updated 2025/04/14
1692406 - Domains blocked with that build !
Supercharging your content blocker to increase privacy and security.
All available lists:
- uBlockOrigin
- Hosts format & Hosts format with wildcards
- dnsmasq with wildcards
Ready to use lists combined from many permissively licensed sources.
https://divested.dev/pages/dnsbl
#divested #DivestedComputingGroup
#fsf #FUTO #Fedora #codeberg #hardening #linuxtech #cybersec #cybersecurity #infosec #antivirus #hackernews
#opensource #linuxsecurity #vulnerabilities #vulnerability #alpinelinux #router #skynet #foss #freeyourmind
divested.devDnsbl - Divested Computing
Organizations fix under half of exploitable vulnerabilities #CuberSecurity #Vulnerabilities
https://betanews.com/2025/04/14/organizations-fix-under-half-of-exploitable-vulnerabilities/
BetaNews · Organizations fix under half of exploitable vulnerabilitiesThe latest State of Pentesting report from Cobalt reveals that organizations are fixing less than half of all exploitable vulnerabilities, with just 21 percent of GenAI app flaws being resolved.
PHP Core Security Audit Results
For the 4 notable CVEs, one is not published.
CVE-2024-8928: Memory-related vulnerability in PHP’s filter handling, leading to segmentation faults.
#php #vulnerability #vulnerabilities
https://vulnerability.circl.lu/bundle/9bbd91e2-309f-4b35-9b31-fc613b3101d9
vulnerability.circl.luBundle - PHP Core Security Audit ResultsVulnerability-Lookup - Fast vulnerability lookup correlation from different sources.
AI Vulnerability Finding
Microsoft is reporting that its AI systems are able to find <a href="https://www.bleepingcomputer.com/... https://www.schneier.com/blog/archives/2025/04/ai-vulnerability-finding.html
BleepingComputerBleepingComputerBleepingComputer.com is a premier destination for computer users of all skill levels to learn how to use and receive support
for their computer.
NEW -
DCG Domain Blocklist available - last updated 2025/04/08
1689244 - Domains blocked with that build !
Supercharging your content blocker to increase privacy and security.
All available lists:
- uBlockOrigin
- Hosts format & Hosts format with wildcards
- dnsmasq with wildcards
Ready to use lists combined from many permissively licensed sources.
https://divested.dev/pages/dnsbl
#divested #DivestedComputingGroup
#fsf #FUTO #Fedora #codeberg #hardening #linuxtech #cybersec #cybersecurity #infosec #antivirus #hackernews
#opensource #linuxsecurity #vulnerabilities #vulnerability #alpinelinux #router #skynet #foss #freeyourmind
divested.devDnsbl - Divested Computing
"Granting Europol the ability to access encrypted data can only mean one thing: Brussels is proposing some form of government-mandated backdoor for communication platforms protected by end-to-end encryption. These systems are notoriously difficult to breach, making them a challenge for law enforcement. However, security researchers have repeatedly demonstrated that implementing so-called "lawful" backdoors is inherently flawed as such vulnerabilities would inevitably be discovered, accessed, and exploited by cybercriminals and black-hat hackers."—Alfonso Maruccia
Europe proposes backdoors in encrypted platforms under new security strategy >
TechSpot · Europe proposes backdoors in encrypted platforms under new security strategy
NEW -
DCG real-ucode
Actually provides the latest CPU microcode for AMD and Intel 
Version: 2025-04-25
Release: 1
updated ucode for amd and intel with that one !
https://github.com/divestedcg/real-ucode/
#divested
#DivestedComputingGroup
#fsf #FUTO #Fedora #alpinelinux #hardening #linuxtech #cybersec #cybersecurity #infosec #foss
#hackernews #opensource #android #skynet #linuxsecurity #ucode #vulnerabilities #vulnerability #freeyourmind