Cheryl Babcock
blackasphodel.bsky.social
Cybersecurity ninja, too many food allergies, nerd of many flavors
I was diagnosed with alpha-gal about 3 months ago, and my allergist tested a bunch of my existing allergies to see how it affected me. Apparently this has reversed my dairy allergy I have had since BIRTH. Bodies are weird, but I guess thank you Random Tick for giving me cheese back?!
September 8, 2025 at 11:58 AM
Reposted by Cheryl Babcock
Zuckerberg Caught in Revealing Hot Mic Moment During White House Dinner | Discussion
www.pcmag.com
September 6, 2025 at 5:20 PM
The Meta chatbot *invited him to a real location to meet*. What the ever living dystopian fuck. www.reuters.com/investigates...
A flirty Meta AI bot invited a retiree to meet. He never made it home.
Impaired by a stroke, a man fell for a Meta chatbot originally created with Kendall Jenner. His death spotlights Meta’s AI rules, which let bots tell falsehoods.
www.reuters.com
August 14, 2025 at 12:16 PM
Just found out I have Alpha-gal now. @foodallergyscience.org do you have any research going on into that?
July 17, 2025 at 1:01 PM
Because most of us have used Notepad++ at one time or another. Note while the article calls out updating to 8.8.2, it's still a release candidate so it's a manual update.

socprime.com/blog/cve-202...
CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover | SOC Prime
Explore details for CVE-2025-49144, a privilege escalation vulnerability affecting Notepad++, with in-depth analysis in the SOC Prime blog.
socprime.com
June 27, 2025 at 12:53 AM
Reposted by Cheryl Babcock
CVEs and ATT&CK TTPs currently being seen in use in the wild by known Iranian threat groups:
June 23, 2025 at 6:26 PM
Lots of stuff down today...
What is happening right now?

ChatGPT/OpenAI outage for 3 hours

Heroku down for 4 hours (even their status page is down!) NVIDIA dev docs as well (runs on Heroku)

Pipedrive (CRM) issues for 4 hours

What else is down… and are these connected? Something started 4 hours ago…
June 10, 2025 at 1:15 PM
Reposted by Cheryl Babcock
Someone else said something very similar to this the other day, but.

It really burns me that our (millennials') generation was legally terrorized for like, downloading Radiohead discographies

But we're supposed to be ok with billionaires stealing human intellectual output in its entirety bc AI
May 31, 2025 at 2:52 AM
Reposted by Cheryl Babcock
Google Is Using AI to Censor Independent Websites Like Mine | Discussion
Google is Using AI to Censor Independent Websites
My letter to the FTC explaining how Google is using AI to censor thousands of independent websites - and to control the flow of information online.
travellemming.com
May 29, 2025 at 12:00 PM
Reposted by Cheryl Babcock
The Chinese APT41 hacking group uses a new malware named 'ToughProgress' that abuses Google Calendar for command-and-control (C2) operations, hiding malicious activity behind a trusted cloud service.
APT41 malware abuses Google Calendar for stealthy C2 communication
www.bleepingcomputer.com
May 28, 2025 at 10:04 PM
Reposted by Cheryl Babcock
Pro tip: Are you using Ublock Origin? Add "google.com##.hdzaWe" without quotes to your Ublock Origin My Filters to block the google AI overview and apply changes.
May 28, 2025 at 11:26 AM
Saw this on @cyberciti.biz 's FB page...life of a web app tester lol
May 17, 2025 at 2:36 PM
Reposted by Cheryl Babcock
Tor has announced Oniux, a new command-line tool for routing any Linux application securely through the Tor network for anonymized network connections.
New Tor Oniux tool anonymizes any Linux app's network traffic
www.bleepingcomputer.com
May 15, 2025 at 3:20 PM
Supply. Chain. Security. Can’t. Be. An. Afterthought
May 8, 2025 at 8:08 PM
Yeah let’s cut things when cyber attacks are becoming more sophisticated 😑
May 5, 2025 at 2:12 PM
That feeling when you go and look up the URL for documentation for YARA-L and the Google AI helpfully(?) gives you an example rule for detecting ‘minicats’
May 2, 2025 at 5:57 PM
Reposted by Cheryl Babcock
April 29, 2025 at 3:34 AM
One of my SOC team sent me this:

cybersecuritynews.com/microsoft-de...

TLDR: the false positive means tons of private Adobe documents were sent to Any.Run's public sandbox for analysis. They are marking all those docs private to reduce spillage but people keep uploading....
Microsoft Defender XDR False Positive Leads to Massive Data Leak of 1,700+ Sensitive Documents
ANY.RUN research identified a large-scale data leak event triggered by a false positive in Microsoft Defender XDR. The security platform incorrectly flagged benign files as malicious, leading to their...
cybersecuritynews.com
April 27, 2025 at 2:27 PM
SANS has put out a checklist for developers to write more secure web apps. The biggest strength is a link to CWEs for each item to provide more detail.

www.sans.org/cloud-securi...
Security Checklist for Web Application | SANS Institute
SWAT Checklist from SANS Securing the App. The first step toward building a base of secure knowledge around web application security.
www.sans.org
April 22, 2025 at 1:31 PM
Reposted by Cheryl Babcock
Cisco has released security updates for a high-severity Webex vulnerability that allows unauthenticated attackers to gain client-side remote code execution using malicious meeting invite links.
Cisco Webex bug lets hackers gain code execution via meeting links
www.bleepingcomputer.com
April 18, 2025 at 12:10 PM