Cybersecurity

9711 readers

12 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

1

3

DoJ has taken down botnets behind the largest-ever DDoS attack (www.wired.com)

submitted 18 hours ago by Innerworld@lemmy.world to c/cybersecurity@sh.itjust.works

0 comments fedilink

2

4

An Android physical security tool (lemmy.world)

submitted 1 day ago by nemesis3856@lemmy.world to c/cybersecurity@sh.itjust.works

0 comments fedilink

Source code and details: https://github.com/umutcamliyurt/Praesidium

Praesidium is an Android security tool designed to protect devices from physical and software-level intrusion. Running as a persistent foreground service, it continuously monitors for threat indicators — ADB connections, brute-force unlock attempts, and anomalous process behaviour — and responds with configurable emergency actions including screen lock, device reboot, or full factory wipe.

Features

Capability	Description
ADB Connection Detection	Detects active ADB sessions via `/proc/net/tcp` inspection
Brute-Force Protection	Tracks cumulative failed unlock attempts via the Device Admin API
FD Spike Detection	Monitors `adbd` file descriptor count for anomalous growth
Automated Response	Per-threat configurable actions: lock, reboot, or wipe
Confirmation Counting	Reboot requires 5 consecutive confirmations; wipe requires 10 — prevents single-poll false positives
Manual Emergency Controls	One-tap lock, reboot, and wipe from the main UI
Admin Toggle	Activate and deactivate Device Administrator and Device Owner status from within the app
Persistence	Service auto-restarts after device reboot via `BOOT_COMPLETED`
Granular Settings	Individual toggle and action assignment for each threat type

3

11

Critical Unpatched Telnetd Flaw (CVE-2026-32746) Enables Unauthenticated Root RCE (thehackernews.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

4

15

Researchers disclose vulnerabilities in IP KVMs from four manufacturers (arstechnica.com)

submitted 2 days ago by Rekall_Incorporated@piefed.social to c/cybersecurity@sh.itjust.works

7 comments fedilink

Internet-exposed devices that give BIOS-level access? What could possibly go wrong?

5

8

Aura confirms data breach exposing 900,000 marketing contacts (www.bleepingcomputer.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

6

7

ConnectWise patches new flaw allowing ScreenConnect hijacking (www.bleepingcomputer.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

7

7

Average Number of Daily API Attacks Up 113% Annually - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

8

5

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access (thehackernews.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

9

2

CISA orders feds to patch Zimbra XSS flaw exploited in attacks (www.bleepingcomputer.com)

submitted 2 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

10

12

Android OS-Level Attack Bypasses Mobile Payment Security - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

11

8

CursorJack’ Attack Path Exposes Code Execution Risk in AI Development - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

12

6

Less Lucrative Ransomware Market Makes Attackers Alter Methods (www.darkreading.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

13

5

Crypto e-commerce platform Bitrefill accuses North Korea of stealing 18,500 purchase records | The Record from Recorded Future News (therecord.media)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

14

5

Robotic Surgery Giant Intuitive Discloses Cyberattack - SecurityWeek (www.securityweek.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

15

4

Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish (www.darkreading.com)

submitted 3 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

16

16

Microsoft Issues Emergency Patch for Critical Windows 11 RRAS Vulnerabilities (www.techrepublic.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

5 comments fedilink

17

11

Switzerland built an alternative to BGP. Nobody noticed (www.theregister.com)

submitted 4 days ago by Amoxtli@thelemmy.club to c/cybersecurity@sh.itjust.works

1 comments fedilink

18

6

New font-rendering trick hides malicious commands from AI tools (www.bleepingcomputer.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

19

7

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos (thehackernews.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

20

4

Security Flaw in AWS Bedrock Code Interpreter Raises Alarms - Infosecurity Magazine (www.infosecurity-magazine.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

21

8

Nine CrackArmor Flaws in Linux AppArmor Enable Root Escalation, Bypass Container Isolation (thehackernews.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

22

2

From Windows to macOS: ClickFix attacks shift tactics with ChatGPT-based lures (securityaffairs.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

23

7

Poland's nuclear research centre targeted by cyberattack (www.bleepingcomputer.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

24

6

Fake enterprise VPN sites used to steal company credentials (www.bleepingcomputer.com)

submitted 5 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

25

2

CISA flags Wing FTP Server flaw as actively exploited in attacks (www.bleepingcomputer.com)

submitted 4 days ago by kid@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink