#appsec

Open Security Conference<p>The registration for the Open Security Conference is only open until September 11th, two weeks from now - or until all reserved packages are gone, whatever happens first.</p><p>🔔 We're already rather full, so in case you're still considering, go for it rather sooner than later!</p><p>➡️ Request your osco package here: <a href="https://register.opensecurityconference.org" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">register.opensecurityconferenc</span><span class="invisible">e.org</span></a></p><p><a href="https://infosec.exchange/tags/osco" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osco</span></a> <a href="https://infosec.exchange/tags/osco25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osco25</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/ProductSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProductSecurity</span></a> <a href="https://infosec.exchange/tags/OTsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTsecurity</span></a> <a href="https://infosec.exchange/tags/OpenSpace" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSpace</span></a> [lisi]</p>
anchore<p>Remember the panic of Log4Shell? Security teams spent days hunting for every instance of the vulnerability. But what if you could know where every instance was in just five minutes?</p><p>➡️ Go from reactive chaos to proactive precision with SBOMs. Watch the webinar to see how: <a href="https://go.anchore.com/rapid-incident-response-with-sboms/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">go.anchore.com/rapid-incident-</span><span class="invisible">response-with-sboms/</span></a> <a href="https://mstdn.business/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBOM</span></a> <a href="https://mstdn.business/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://mstdn.business/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://mstdn.business/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IncidentResponse</span></a></p>
Darren Meyer :donor:<p><a href="https://infosec.exchange/tags/LastWeekInAppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LastWeekInAppSec</span></a> time again—here's a few things that didn't get a ton of coverage, but <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> folks might want to know about anyway. </p><p>Details: <a href="https://checkmarx.com/zero-post/last-week-in-appsec-2025-08-26/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">checkmarx.com/zero-post/last-w</span><span class="invisible">eek-in-appsec-2025-08-26/</span></a></p><p>#️⃣ NPM module `cipher-base` (10M weekly downloads), part of the crypto-browserify JavaScript suite for performing cryptographic implementations in the browser, has a severe (CVSSv4 9.1) vulnerability that makes its hashing functions unsafe to use. Make sure you’re on 1.0.5 or newer if you use hashing for any kind of data verification or cryptographic operation.</p><p>💉 The popular `mcp-cli` tool, which allows easily running MCP Servers from various sources, has a command-injection flaw in version 1.13.0 (current as of this post). The flaw is rooted in the tool’s OAuth2 implementation, allowing an attacker to construct a malicious MCP service that performs OS-level command-injection on the user. This issue is fixed in the main branch, but the fix has not yet been tagged into a new release.</p><p>😶‍🌫️ The very popular `cloud-code-router` plugin for the Claude Code AI coding assistant could leak secrets such as private API keys for various AI services due to an improper CORS (Cross-Origin Resource Sharing) configuration in versions prior to 1.0.34. Leaking these credentials can lead to resource exhaustion, increased cost, and potential leaks of sensitive data such as code, configuration information, and other prompt and response contents.</p>
OWASP Foundation<p>Don't miss out on this thrilling opportunity! 🚀 Be a mentor at our Meet the Mentor event during <a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP</span></a> Global <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> USA this November. Share your knowledge, empower future AppSec leaders, and connect with a vibrant community.</p><p>Reserve your spot now: <a href="https://owasp.wufoo.com/forms/zu82m8y060onbm/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">owasp.wufoo.com/forms/zu82m8y0</span><span class="invisible">60onbm/</span></a></p>
TechnoTenshi :verified_trans: :Fire_Lesbian:<p>Security alert: Malicious versions of the nx build tool compromised GitHub accounts, stealing wallets, API keys, and credentials. Impacted users may see a "s1ngularity-repository" created in their org. Update nx, check repos, and rotate secrets. </p><p><a href="https://semgrep.dev/blog/2025/security-alert-nx-compromised-to-steal-wallets-and-credentials/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">semgrep.dev/blog/2025/security</span><span class="invisible">-alert-nx-compromised-to-steal-wallets-and-credentials/</span></a></p><p><a href="https://infosec.exchange/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SupplyChainSecurity</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://infosec.exchange/tags/GitHub" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GitHub</span></a></p>
OWASP Foundation<p>We’re excited to feature two powerhouse voices in security as our keynote speakers for OWASP Global AppSec USA 2025!</p><p>📍 Daniel Miessler — AI &amp; Security Researcher, entrepreneur, and Founder/CEO of Unsupervised Learning. </p><p>📍 Adam Shostack — World-renowned threat modeling expert and consultant at Shostack &amp; Associates. </p><p>REGISTER: <a href="https://owasp.glueup.com/event/131624/register/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">owasp.glueup.com/event/131624/</span><span class="invisible">register/</span></a></p><p><a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/ThreatModeling" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatModeling</span></a> <a href="https://infosec.exchange/tags/AISecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AISecurity</span></a> <a href="https://infosec.exchange/tags/DevSecOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevSecOps</span></a> <a href="https://infosec.exchange/tags/GlobalAppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GlobalAppSec</span></a> <a href="https://infosec.exchange/tags/WashingtonDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WashingtonDC</span></a></p>
Gary McGraw<p>Repeat after me...we are not going to "prompt injection 42" our way out of this <a href="https://sigmoid.social/tags/LLM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>LLM</span></a> security problem. <a href="https://sigmoid.social/tags/MLsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MLsec</span></a> teaches us how to build security in to <a href="https://sigmoid.social/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a>. All of those lessons we know from <a href="https://sigmoid.social/tags/swsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>swsec</span></a> and <a href="https://sigmoid.social/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> apply.</p><p><a href="https://www.theregister.com/2025/08/26/breaking_llms_for_fun/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theregister.com/2025/08/26/bre</span><span class="invisible">aking_llms_for_fun/</span></a></p>
Tanya Janca | SheHacksPurple :verified: :verified:<p>Want to learn the absolute basics of application security? Check out this helpful YouTube playlist! <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a></p><p><a href="https://twp.ai/4inoXy" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">twp.ai/4inoXy</span><span class="invisible"></span></a></p>
Ohmbudsman<p>8. Docker patches CVE-2025-9074 (CVSS 9.3) container escape; update Desktop to 4.44.3.<br>Source: The Hacker News — <a href="https://thehackernews.com/2025/08/docker-fixes-cve-2025-9074-critical.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thehackernews.com/2025/08/dock</span><span class="invisible">er-fixes-cve-2025-9074-critical.html</span></a><br><a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DevOps</span></a> <a href="https://mastodon.social/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a></p>
Open Security Conference<p>Today is Women's Equality Day, a day celebrated in the US and a day important everywhere. Or shall we say it's a reminder of the inequality and inequity that's still prevalent across the world for folks who are not white cis men? Yes, we shall. We all need to do better. Today we learn again.</p><p>When white women were granted the right to vote in the US: <a href="https://en.m.wikipedia.org/wiki/Women%27s_Equality_Day" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.m.wikipedia.org/wiki/Women%</span><span class="invisible">27s_Equality_Day</span></a></p><p>When white women were granted the right to vote in various countries: <a href="https://en.m.wikipedia.org/wiki/Timeline_of_women%27s_suffrage" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.m.wikipedia.org/wiki/Timeli</span><span class="invisible">ne_of_women%27s_suffrage</span></a></p><p>When nearly everyone was granted the right to vote across the world: <a href="https://en.m.wikipedia.org/wiki/Universal_suffrage" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">en.m.wikipedia.org/wiki/Univer</span><span class="invisible">sal_suffrage</span></a> </p><p>Let's continue leveling the playing-field, for everyone.</p><p><a href="https://infosec.exchange/tags/WomensEqualityDay" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WomensEqualityDay</span></a> <a href="https://infosec.exchange/tags/GenderEquality" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GenderEquality</span></a> <a href="https://infosec.exchange/tags/VotingRights" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VotingRights</span></a> <a href="https://infosec.exchange/tags/osco" class="mention hashtag" rel="nofollow noopener" 
target="_blank">#<span>osco</span></a> <a href="https://infosec.exchange/tags/osco25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osco25</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/ProductSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProductSecurity</span></a> <a href="https://infosec.exchange/tags/OTsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTsecurity</span></a> <a href="https://infosec.exchange/tags/OpenSpace" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSpace</span></a> [lisi]</p>
sydseter<p>I am also looking forward to having a beer with like-minded security enthusiasts and so to all old and new friends. Come and say hi! </p><p><a href="https://mastodon.social/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> <a href="https://mastodon.social/tags/sikkerhetsfestivalen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sikkerhetsfestivalen</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
sydseter<p>I am on my way to Sikkerhetsfestivalen at Lillehammer.<br>Anyone joining me today at 1:15 pm CEST will be learning to play OWASP Cornucopia in a different way from what we usually do.<br>Confronted with the grumpy old senior developer who refuses to shift left due to too many hours working overtime on his incredibly sophisticated pet projects, what will you do?<br><a href="https://www.sikkerhetsfestivalen.no/talerliste#sz-speaker-cfb897f0-3706-43cd-aaa7-d955bf902943" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">sikkerhetsfestivalen.no/talerl</span><span class="invisible">iste#sz-speaker-cfb897f0-3706-43cd-aaa7-d955bf902943</span></a>. </p><p><a href="https://mastodon.social/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/Sikkerhetsfestivalen" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Sikkerhetsfestivalen</span></a></p>
Lisi Hocke<p>Had a <a href="https://mastodon.social/tags/ThreatModel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatModel</span></a> session with two engineering teams today. A real extensive one, where preparation included a full review of what's already there. A tech stack we haven't touched on at this company yet. A model where I could really build on my past experience, and still felt I worked for way too long. And yet, it paid off. Had an insightful conversation with folks, we all learned from each other, and we paved the way for future small, lean modeling sessions. Huge win! 🎉 <a href="https://mastodon.social/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://mastodon.social/tags/ProdSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProdSec</span></a></p>
Jarrod<p>If you're interested in learning Android Application Hacking, my recommendations are to check out Android App Hacking - Black Belt Edition on Udemy and the HTB Academy Android courses. They're really good resources, in my opinion! <a href="https://infosec.exchange/tags/EthicalHacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EthicalHacking</span></a> <a href="https://infosec.exchange/tags/Android" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Android</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a></p>
OWASP Foundation<p>🔐 Take a look at the OWASP 2025 Global AppSec USA Day 4 Agenda for November 6th!</p><p>Get ready for hands-on learning, top-tier speakers, and cutting-edge insights in application security. And you won't want to miss Daniel Miessler's keynote address!</p><p>📍 Register now: <a href="https://owasp.glueup.com/event/131624/register/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">owasp.glueup.com/event/131624/</span><span class="invisible">register/</span></a></p><p><a href="https://infosec.exchange/tags/OWASP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/Cybersec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersec</span></a> <a href="https://infosec.exchange/tags/ThreatModeling" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ThreatModeling</span></a> <a href="https://infosec.exchange/tags/WashingtonDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WashingtonDC</span></a></p>
Lisi Hocke<p>Monday's the day to grab your <a href="https://mastodon.social/tags/BSidesMunich2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>BSidesMunich2025</span></a> workshop tickets! 🚨 This year, I have the honor to give my <a href="https://mastodon.social/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> session "Secure Development Lifecycle Applied - How to Make Things a Bit More Secure than Yesterday Every Day". Really looking forward to this! 🤩</p><p><a href="https://2025.bsidesmunich.org/workshops/007_secure-development-lifecycle-applied-how-to-make-things-a-bit-more-secure-than-yesterday-every-day/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">2025.bsidesmunich.org/workshop</span><span class="invisible">s/007_secure-development-lifecycle-applied-how-to-make-things-a-bit-more-secure-than-yesterday-every-day/</span></a></p><p><a href="https://infosec.exchange/@BSidesMunich/115072076378437237" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">infosec.exchange/@BSidesMunich</span><span class="invisible">/115072076378437237</span></a></p>
OWASP Foundation<p>👀 Sneak Peek: Day 3 at OWASP Global AppSec USA 2025, November 5th</p><p>Get ready for a power-packed day of advanced training sessions and hands-on learning designed to level up your Application Security skills.</p><p>Take a look at the attached graphic to see everything lined up for Day 3!</p><p>Register to attend now! <a href="https://owasp.glueup.com/event/131624/register/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">owasp.glueup.com/event/131624/</span><span class="invisible">register/</span></a></p><p><a href="https://infosec.exchange/tags/OWASP2025" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OWASP2025</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://infosec.exchange/tags/GlobalAppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>GlobalAppSec</span></a> <a href="https://infosec.exchange/tags/WashingtonDC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WashingtonDC</span></a> <a href="https://infosec.exchange/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://infosec.exchange/tags/ApplicationSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ApplicationSecurity</span></a></p>
ReynardSec<p>Publication by BSI (Germany) and ANSSI (France) on designing LLM-based systems using a Zero Trust approach. Focus: the application layer and "agentic systems".</p><p><a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/ANSSI-BSI-joint-releases/LLM-based_Systems_Zero_Trust.pdf?__blob=publicationFile&amp;v=3" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bsi.bund.de/SharedDocs/Downloa</span><span class="invisible">ds/EN/BSI/Publications/ANSSI-BSI-joint-releases/LLM-based_Systems_Zero_Trust.pdf?__blob=publicationFile&amp;v=3</span></a></p><p><a href="https://infosec.exchange/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://infosec.exchange/tags/programming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>programming</span></a> <a href="https://infosec.exchange/tags/llm" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>llm</span></a> <a href="https://infosec.exchange/tags/llms" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>llms</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a></p>
Open Security Conference<p>Did you know the Open Security Conference is present on three social networks so you can follow us on the platform(s) of our choice? 🌐🤩</p><p>🦣 Mastodon: <a href="https://infosec.exchange/@OSCo" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">infosec.exchange/@OSCo</span><span class="invisible"></span></a><br>🖇️ LinkedIn: <a href="https://www.linkedin.com/company/open-security-conference" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">linkedin.com/company/open-secu</span><span class="invisible">rity-conference</span></a><br>🦋 Bluesky: <a href="https://bsky.app/profile/opensecurityconf.bsky.social" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">bsky.app/profile/opensecurityc</span><span class="invisible">onf.bsky.social</span></a> </p><p>We appreciate all of you helping us spread the word about this one of a kind open space conference for everyone interested in cybersecurity! 
💬🗨️</p><p><a href="https://opensecurityconference.org/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">opensecurityconference.org/</span><span class="invisible"></span></a> </p><p><a href="https://infosec.exchange/tags/osco" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osco</span></a> <a href="https://infosec.exchange/tags/osco25" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>osco25</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoSec</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a> <a href="https://infosec.exchange/tags/ProductSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ProductSecurity</span></a> <a href="https://infosec.exchange/tags/OTsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OTsecurity</span></a> <a href="https://infosec.exchange/tags/OpenSpace" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSpace</span></a> [lisi]</p>
Offensive Sequence<p>🚨 CRITICAL: CVE-2025-9288 affects sha.js ≤2.4.11—improper input validation allows remote hash manipulation. No patch yet. Inventory usage, sanitize inputs, monitor for attacks, and consider alternatives. Details: <a href="https://radar.offseq.com/threat/cve-2025-9288-cwe-20-improper-input-validation-664ed48c" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">radar.offseq.com/threat/cve-20</span><span class="invisible">25-9288-cwe-20-improper-input-validation-664ed48c</span></a> <a href="https://infosec.exchange/tags/OffSeq" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OffSeq</span></a> <a href="https://infosec.exchange/tags/shaJS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>shaJS</span></a> <a href="https://infosec.exchange/tags/Vuln" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vuln</span></a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AppSec</span></a></p>