We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update.

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:53:01 GMT

kerrybenton@ioc.exchange — Tue, 12 May 2026 20:53:01 GMT

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:48:49 GMT

sharkfie@infosec.exchange — Tue, 12 May 2026 20:48:49 GMT

@briankrebs I've been feeling this lately with regards to most software updates (for personal usage), continuous enshittification is a factor too

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:47:29 GMT

snyperwolf@kind.social — Tue, 12 May 2026 20:47:29 GMT

@briankrebs Well said!

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:46:53 GMT

quatermasstools@infosec.exchange — Tue, 12 May 2026 20:46:53 GMT

@briankrebs redundant “backdoored” in there

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:46:37 GMT

stekopf@mstdn.social — Tue, 12 May 2026 20:46:37 GMT

@briankrebs

I anyway have #UpdateAngst all the time because of new bugs, loss personal data like bookmarks/favourites, worse interfaces, more ads, the usual enshitification, and now backdoors. 🥳

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:46:18 GMT

hopelessdemigod@mstdn.social — Tue, 12 May 2026 20:46:18 GMT

@briankrebs

Is it the point in history where we go back to the Commodore 64?

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:42:27 GMT

mostlytato@mstdn.social — Tue, 12 May 2026 20:42:27 GMT

@briankrebs
You have reminded me that I need a new phone. Damn.

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:41:45 GMT

krypt3ia@infosec.exchange — Tue, 12 May 2026 20:41:45 GMT

@briankrebs As it was foretold...

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:40:35 GMT

clickhere@mastodon.ie — Tue, 12 May 2026 20:40:35 GMT

@briankrebs Thus has been my icky time for some years now..

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:29:56 GMT

cyanautik@infosec.exchange — Tue, 12 May 2026 20:29:56 GMT

@notasnek @briankrebs *cough* 20240718 *cough* as a PoC for that?

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:27:25 GMT

briankrebs@infosec.exchange — Tue, 12 May 2026 20:27:25 GMT

@kirakira all valid. I feel like we have learned 1000 lessons since xz on how not to do software security, most especially with countless devs having their NPM and/or GitHub repos completely pwned or silently backdoored. This is happening on a somewhat industrial scale from a variety of threat actors in real time, and some of them are finding great success in subverting the pipelines of companies that sell security software!

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:25:38 GMT

kbal@fedia.io — Tue, 12 May 2026 20:25:38 GMT

For a while now I've been waiting a couple of days to let everyone else try the updates first, unless it's to patch something specific. What happens if everyone starts waiting for everyone else?

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:24:26 GMT

kirakira@furry.engineer — Tue, 12 May 2026 20:24:26 GMT

@briankrebs i feel like a lesson from xz was that it's actually good if there exist professional nerds whose needs are met and who aren't overworked or micromanaged so they have the space to needle and poke things. i'm sure someone with a linkedin acct is going "ai could fix this" but we're this deep into ai and this fix is apparently arriving on the same schedule as that exponential rise in software quality

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:19:18 GMT

futuristicrobert@infosec.exchange — Tue, 12 May 2026 20:19:18 GMT

@docpop @briankrebs Benn Jordan is a national treasure.

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:14:36 GMT

jt_rebelo@ciberlandia.pt — Tue, 12 May 2026 20:14:36 GMT

@sraars "someone stole the beads!" @briankrebs

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:13:14 GMT

notasnek@infosec.exchange — Tue, 12 May 2026 20:13:14 GMT

@briankrebs doesn't this mean that a motivated bad actor could compromise Microsoft/Apple/Google/Amazon and break the world? Stongarm the nerds, then push out some diabolical patch.

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:12:40 GMT

docpop@mastodon.social — Tue, 12 May 2026 20:12:40 GMT

@briankrebs this vibe is perfectly captured in Benn Jordan's video about finding malware in UniTree robot dogs https://www.youtube.com/watch?v=lA8WuXDXfcI

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:12:04 GMT

sraars@hippodon.com — Tue, 12 May 2026 20:12:04 GMT

@briankrebs Return to abacus.

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:10:06 GMT

20002ist@thepit.social — Tue, 12 May 2026 20:10:06 GMT

@briankrebs

Reply to We've come to an icky time in security when the concern about using outdated, unpatched software starts to become overshadowed by the fear of downloading some backdoored update. on Tue, 12 May 2026 20:09:29 GMT

noplasticshower@infosec.exchange — Tue, 12 May 2026 20:09:29 GMT

@briankrebs I guess the only real answer is building secure software in the first place