"Most people don’t want to think about cookies, metadata, or threat models—they just want to feel safe."

On Terms of Service, we explored how design can make security smoother, more supportive, and empowering—without requiring everyone to become an expert.

Listen here: https://termsofservice.xyz/episodes/designing-privacy-you-can-feel-smooth-supportive-wG1hz4E7I42/

Stalwart joins GitHub's Open Source Secure Fund! Learn how the program is helping us strengthen our defenses and improve performance at https://stalw.art/blog/github-ossf #GitHub #OSSF #security

The EU (still) wants to scan
your private messages and photos

#privacy #security #eu #europe

https://fightchatcontrol.eu/

Happy

'Logging in as users
"<"
and
">
day'

to all who celebrate!

Aug 11 12:48:53 freebeast sshd-session[32113]: Invalid user "<" from 46.246.3.247 port 36834
Aug 11 11:57:32 freebeast sshd-session[88]: Invalid user "> from 46.246.3.247 port 8731

NEW BETA RELEASES

iOS 26 beta 6 (23A5318c)
iPadOS 26 beta 6 (23A5318c)
macOS 26 beta 6 (25A5338b)
tvOS 26 beta 6 (23J5339a)
visionOS 26 beta 6 (23M5322b)
watchOS 26 beta 6 (23R5340a)

Attackers weaponize OneNote & OneDrive for internal phishing. SMBs should enforce MFA, train staff, and use M365 security defaults. #Security #Phishing

https://www.bleepingcomputer.com/news/security/the-rise-of-native-phishing-microsoft-365-apps-abused-in-attacks/

OONI Security Audit: Penetration Test Report
https://ooni.org/post/ooni-security-audit/

Overall, the audit found that OONI services and architecture are securely designed.

We thank Radically Open Security for the audit, and we thank the Open Technology Fund (OTF) for supporting this important work!

Excited and honored to be interviewed by John Moore of TechTarget for their deep dive on the $400B annual cost of downtime. We covered why human error still tops the list, how cyber threats are shifting the landscape, and why outdated infrastructure quietly undermines resilience. My key point: resilience is never just one thing. It’s education, it’s tracking dependencies, it’s vetting SaaS and cloud providers, and it’s questioning the “common sense” strategies that may no longer work. The right mix of BCDR planning, cyber resilience, and monitoring can turn avoidable outages into rare events.

TL;DR
Human error is #1
Cyberattacks keep evolving
Legacy systems fail silently
Resilience starts with strategy

https://www.techtarget.com/searchdatabackup/feature/The-cost-of-downtime-and-how-businesses-can-avoid-it
#cybersecurity #BCDR #ITresilience #downtime #security #privacy #cloud #infosec #BIA #backup
@searchsecurity
@esg_global
@ttinthecloud
@techtargetnews

Question for all the privacy/security smarties.

I was reading about those physical passkeys (like Yubico). My primary hangup is that a tiny USB stick can be easily lost/damaged. That seems like a huge risk.

What I’ve read about these passkeys seems ambiguous at best. Is there a strong argument for their use? If so, how does one backup a hardware passkey to mitigate the risk of loss/damage?

Anthropic releases Security Review for Claude Code

A new AI-powered tool to help developers detect and fix vulnerabilities is now in Claude Code and on GitHub.

Run /security-review locally or integrate the GitHub Action to scan pull requests for SQLi, XSS, SSRF, RCE, and more.

AI explains the issue, points to the risky code, and suggests fixes before merge - keeping your main branch clean and secure.

https://github.com/anthropics/claude-code-security-review

Are you worried your #dotnet #security could be more secure? Join us for a #livestream on August 21st, 2025, to discuss FAPI 2.0, its relation to #OAuth and #OpenID, and how to harden your security posture, with our guest, Joe “Mr. Identity” DeCock.

If nothing else, join us with what is a confluence of the most unfortunately named things in a single livestream.

Boosts are always appreciated.

https://duendesoftware.com/webinars/duende-identityserver-7-3-fapi-2-0

Today is the day! Read all about our development progress, view our roadmap for the future, and check out the new projects we're releasing as open source in our new blog post!

https://blog.accrescent.app/posts/progress-update-and-roadmap/

Check out our new repositories:

https://github.com/accrescent/android-bundle
https://github.com/accrescent/directory
https://github.com/accrescent/directory-api
https://github.com/accrescent/ina

Ze doen hun best hoor, maar kun je niet gewoon vertellen over welke vrouwen het gaat, ik bedoel: hoe ver terug in de tijd gaan die uitslagen?
En hoezo is BSN en testuitslag in combi met naw gelekt, was dat niet gescheiden bewaard c.q. extra beveiligd? Iets met segmentatie.
#Hack #InfoSec #Privacy #Security #Datalek

Https://clinicaldiagnostics.nl/nl/onderzoek-via-bevolkingsonderzoek-nederland/

How to Set Up Cloudflare to Stop Spam on Your WordPress Site | https://techygeekshome.info/how-to-set-up-cloudflare-to-stop-spam-on-your-wordpress-site/?fsp_sid=7307 | #cloudflare #Guide #security #Spam #Wordpress 
https://techygeekshome.info/how-to-set-up-cloudflare-to-stop-spam-on-your-wordpress-site/?fsp_sid=7307

How to Set Up Cloudflare to Stop Spam on Your WordPress Site | https://techygeekshome.info/how-to-set-up-cloudflare-to-stop-spam-on-your-wordpress-site/?fsp_sid=7306 | #cloudflare #Guide #security #Spam #Wordpress 
https://techygeekshome.info/how-to-set-up-cloudflare-to-stop-spam-on-your-wordpress-site/?fsp_sid=7306

With all the stupid little #security nightmare devices around the house connecting to the Internet on your network, here's something else to worry about.
https://www.malwarebytes.com/blog/news/2025/08/online-portal-exposed-car-and-personal-data-allowed-anyone-to-remotely-unlock-cars

GPT-5 mixt Cocktails: Sicherheitsforscher knacken OpenAIs Selbstbeschränkungen

Die neueste Version des OpenAI-LLM ist leistungsfähiger und günstiger, fällt aber noch immer auf alte Tricks zur Umgehung der Sperren herein.

https://www.heise.de/news/GPT-5-mixt-Cocktails-Sicherheitsforscher-knacken-OpenAIs-Selbstbeschraenkungen-10517146.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

Pwnie-Awards 2025: Dokumentierte Keys, Exploitketten und ein SignalGate-T-Shirt

Bei der Hackerkonferenz gewannen mehrere Teams gleich zwei Pwnie-Awards für ihre Entdeckungen. Und der "SignalGate"-Urheber Mike Waltz erhielt auch ein T-Shirt.

https://www.heise.de/news/Pwnie-Awards-2025-Dokumentierte-Keys-Exploitketten-und-ein-SignalGate-T-Shirt-10516759.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

So Vance is over in the UK on holiday and the security is screwing with everyone’s life in the village.

I was astonished by this quote:
"Another local told the paper police had been going door-to-door asking for personal details of residents and social media accounts."

Apparently when asked they said that they would hand the information over to the "American security people".

Can't he just stay in the land of the free?

https://www.independent.co.uk/news/uk/home-news/jd-vance-cotswolds-holiday-dean-manor-b2805421.html

Python targets phantom dependencies threat with SBOM proposal https://www.developer-tech.com/news/python-targets-phantom-dependencies-threat-sbom-proposal/ #python #developers #opensource #coding #programming #security #infosec #tech #news #technology