Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Yet another real-world example of the dangers of poor secret hygiene: Over 10,000 Docker Hub images found leaking credentials, auth keys – www.bleepingcomputer.com/… 🇬🇧 UK fines LastPass £1.2M over 2022 data breach impacting 1.6 […]
Author: Bart Busschots
Security Bits – 6 December 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. A good example of why Bart has been going on and on about secret management in recent conversations with Allison: Massive GitLab scan finds 17,000+ valid secrets in public repositories – cyberinsider.com/… A nice […]
Embracing AI While Retaining My Privacy – by Bart Busschots
Rather like with the smart home, when it comes to AI, I’ve taken the second wave approach – I let the early adopters get well and truly burned, and give the developers a chance to make a meaningful start at fixing the biggest problems, before slowly dipping my toe in. Compared to non-geeks, I’m still […]
Security Bits – 23 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Google backpedals on new Android developer registration rules – www.bleepingcomputer.com/… (Android is not becoming quite as Apple-like after all – better for Linux geeks, worse for regular folks) Deep Dive – that Cloudflare Outage […]
Security Bits – 9 November 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. More evidence of the dangers of Agentic Browsers: ChatGPT Atlas Browser Can Be Tricked by Fake URLs into Executing Hidden Commands – thehackernews.com/… Related Article: Be Cautious with Agentic Web Browsers – tidbits.com/… (by […]
Security Bits – 12 October 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Another interesting twist in the NSO Group Saga: Spyware maker NSO Group confirms acquisition by US investors – techcrunch.com/… (via Allison) Action Alerts Calls to action, if any stories in this section are […]
Security Bits – 28 September 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. The industry is fighting back against the recent spike in supply-chain attacks targeting shared library platforms like NPM, PyPi, etc.: GitHub tightens npm security with mandatory 2FA, access tokens – www.bleepingcomputer.com/… 🇺🇸 Details are […]
Security Bits – 31 August 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇺🇸 The leaked data from the Allianz Life breach discussed last time has been added to Have-I-Been-Pwned, so you can now check if you are affected – www.bleepingcomputer.com/… There have been confusing developments in […]
Security Bits – 1 August 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. 🇬🇧 It looks like the UK is trying to find a face-saving way to back down from its secretive attempt to back-door Apple’s iCloud Advanced Data Protection feature – appleinsider.com/… (Nothing official because everything […]
Security Bits – 6 July 2025
Feedback & Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we’re tracking over time. Just like we predicted last time: Scattered Spider hackers shift focus to aviation, transportation firms – www.bleepingcomputer.com/… (They’d just pivoted to Insurance and were finding it fallow ground, so we predicted they’d jump again […]