the state of AI

@Kimota94 i'll loan you the money to give to oracle to buy it and keep it in my warehouse since they have nowhere to put it?

Can se say entitled jackass?

the state of AI

West Pharmaceutical Services Hit by Disruptive Ransomware Attack

West Pharmaceutical Services suffered a global ransomware attack on May 4, 2026, involving data stolen and system encryption that disrupted manufacturing and shipping operations.

****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/west-pharmaceutical-services-hit-by-disruptive-ransomware-attack-h-h-w-z-w/gD2P6Ple2L

@jschwart no reports on gem.coop.
RubyGems were quite loud about this, and we can't find whether gem.coop uses the same files published to RubyGems...

Safest approach is to still do the same level of review as if gem.coop was attacked.

RubyGems Suspends New Signups Following Mass Malicious Package Injection

RubyGems suspended new account registrations after attackers uploaded hundreds of malicious packages containing exploits to the repository.

**If you're a Ruby developer, audit your Gemfile.lock for any unfamiliar or recently added dependencies and run bundle-audit to scan for known vulnerabilities. Avoid installing or updating gems until RubyGems confirms the cleanup is complete, and treat any new dependency added in the last few days with extra suspicion.**
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/rubygems-suspends-new-signups-following-mass-malicious-package-injection-x-e-f-z-2/gD2P6Ple2L

@ozone89 @VeroniqueB99 possibly, i found it on a FB group posted anonymously ‍️

Pass it on!

For years billionaires and techbros said that educaton is dead because of AI
Now a billionaire says we should study more because of AI

What do you call a hypocrite in Greek? Oh, wait...

Hanover County Public Schools Confirms Data Breach After Attempted Ransomware Attack

Hanover County Public Schools confirmed a data breach after an unauthorized actor gained network access and attempted a ransomware attack in March 2026. The incident potentially exposed sensitive personal information of students and staff.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/hanover-county-public-schools-confirms-data-breach-following-attempted-ransomware-attack-b-1-8-u-y/gD2P6Ple2L

@qole @drahardja In the Culture by Banks the Minds (AIs) can only operate fast enough in Hyperspace. In Fiasco by Stanislaw Lem the AI is miniaturized to the size of an egg so it can be fast enough.
Even the Earth supercomputer of Douglas Adams embraced the biology as part of it's computational matrix.
Our techbros are not very good at being visionaries or advancing technology. Just hype.

@jordan whatever DC destroys places like the ones in my photos. Fuck it.

@neutronstar that's an AI problem, not a human problem

A simple message for the weekend

#privacy #compliance

Celebrity Private Communications Exposed in Stalkerware Database Breach

A misconfigured database belonging to an individual using stalkerware exposed nearly 87,000 screenshots from a prominent celebrity's device, including private chats and sensitive documents. The breach highlights how spyware bypasses end-to-end encryption by capturing data directly from the device's screen.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/celebrity-private-communications-exposed-in-stalkerware-database-breach-u-y-n-m-r/gD2P6Ple2L

Copy Fail: Linux Kernel Flaw Grants Root Access On All Major Distributions

A Linux kernel vulnerability called "Copy Fail" (CVE-2026-31431) allows unprivileged local users to gain root privileges with 100% reliability by corrupting the shared page cache. The flaw affects nearly all Linux distributions since 2017 and enables container escapes because the memory corruption does not modify files on disk.

**If you run Linux servers, especially shared environments like Kubernetes clusters, CI/CD runners, or multi-tenant hosts, patch your kernel immediately to a version that includes the fix (mainline commit a664bf3d603d) for CVE-2026-31431. If you can't patch right away, disable the vulnerable module by running echo "install algif_aead /bin/false" > /etc/modprobe.d/disable-algif.conf followed by rmmod algif_aead, and for untrusted code environments block AF_ALG socket creation via seccomp as a long-term safeguard.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/copy-fail-linux-kernel-flaw-grants-root-access-on-all-major-distributions-w-l-v-0-c/gD2P6Ple2L

Vimeo Discloses Data Breach Following Supply-Chain Compromise of Anodot

Vimeo reports a data breach after the ShinyHunters threat group compromised its third-party analytics provider, Anodot, using stolen authentication tokens. The incident exposed customer email addresses and video metadata but did not impact core video content or payment information.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/vimeo-discloses-data-breach-following-supply-chain-compromise-of-anodot-7-e-e-v-g/gD2P6Ple2L

GitHub Patches Critical RCE Vulnerability in GitHub.com and GitHub Enterprise Server

GitHub patched a critical RCE vulnerability (CVE-2026-3854) in its internal git infrastructure that allowed authenticated users to compromise backend servers and access millions of repositories.

**If you run GitHub Enterprise Server (version 3.19.1 or earlier), upgrade immediately to a patched version (3.14.25, 3.15.20, 3.16.16, 3.17.13, 3.18.8, 3.19.4, 3.20.0, or later) since nearly 90% of instances are still unpatched. Also check your audit logs at `/var/log/github-audit.log` for push operations with unusual special characters in option values to spot any exploitation attempts; if you use GitHub.com or GitHub Enterprise Cloud, no action is needed since GitHub already fixed it.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/github-patches-critical-rce-vulnerability-in-github-com-and-github-enterprise-server-r-x-e-8-5/gD2P6Ple2L

Critical Unpatched RCE Vulnerability in Hugging Face LeRobot Robotics Platform

Hugging Face's LeRobot robotics platform contains a critical unpatched vulnerability (CVE-2026-25874) that allows unauthenticated remote code execution via unsafe pickle deserialization. Attackers can exploit exposed gRPC endpoints to take full control of robotics servers and connected hardware.

**If you're using Hugging Face LeRobot, make sure all robot devices and servers are isolated from the internet and accessible only from trusted networks. Until version 0.6.0 is released with a fix for CVE-2026-25874, run LeRobot as a non-root user inside restricted containers, and monitor for unusual processes or outbound traffic.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-unpatched-rce-vulnerability-in-hugging-face-lerobot-robotics-platform-z-j-o-7-g/gD2P6Ple2L