CIRCLE WITH A DOT

FBI said it's "aware of malicious actors" targeting Patel’s email and that "the information in question is historical in nature and involves no government information." Many files are dated 2014 to ~2019. But as noted by William Turton on X, a single email is dated 2022, sugesting more may leak.https://techcrunch.com/2026/03/27/iranian-hackers-claim-breach-of-fbi-director-kash-patels-personal-email-account/

I'm happy to announce the long-awaited first release of misp-modules-cli version 1.0.0. This initial release makes it nifty and convenient to use MISP expansion modules directly from the command line, whether you are working against a local or remote misp-modules service. The goal is simple: bring the power of misp-modules into a lightweight CLI workflow that is easy to script, automate, and integrate into daily analysis work.#misp #mispmodules #threatintelligence #threatintel #opensource #cli #cybersecurity #osint @misp Release note https://github.com/MISP/misp-modules-cli/releases/tag/v1.0 misp-modules-cli https://github.com/MISP/misp-modules-cli misp-modules https://github.com/MISP/misp-modules

@ai6yr I SAW THAT!Hooved.OnlyFarms.govAvian.OnlyFarms.govthe subdomains are endless*

@k3ym0 no, but seriously, I agree witchoo 100%.love thy neighbor and live longer.

We don’t always need more tech in classrooms. Sometimes the smartest move is knowing when to unplug.Why less tech might mean better learning, find out:https://www.korte.co/2026/03/26/the-ed-tech-promise-that-overpromised/#EdTech #Education #Leadership #DigitalTransformation

@porkbun RDAP is a pretty silly address and I appreciate that.You never see ‘.horse‘ in IOCs because it’s a $25 domain!#dns

allowing html emails is still the largest risk that pretty much every org is intentionally accepting send toot

This is a big deal. Court finds Meta and Google liable for kids’ social media addiction under product liability theories. This strategy gets around Section 230 protections because the focus is on the platforms’ product designs, not the content posted by users. https://www.latimes.com/california/story/2026-03-25/social-media-lawsuit-trial-meta-google-verdict

Many of the other crypto phishing pages have been simpler lures: try-trezcard[.]com live-ledgerupdate[.]com valid-ledgerlive[.]com 822037[.]help support.devicerecovery[.]io Our team at Infoblox is hopeful that with more public awareness about these ongoing campaigns from Poisonseed, hopefully fewer enterprise organizations and individuals will be impacted and we'll see a reduction in these attacks over the next year. If you have any tips or leads on this campaign or others like it, please don't hesitate to ping our team!

@kagihq so are you offering a subscription without that slop superstore attached to it yet then?

@glyph I like Antix and MX Linux, because they're a Debian distro that supports non-systemd inits but doesn't see it as their sole mission in life.(that said, it'd be neat if they ported the MX Tools suite to other systems)

@siege American English always

@gknauss @mttaggart Try opting into the iOS 18 public beta from the software update settings. It should offer 18.7.3 as an update, and being on that beta branch will prevent iOS 26 from appearing as well. I did this when 18.7.3 came out since it wasn’t offered as “normal” update, just a final release on the beta branch. 18.7.4 on do seem to be exclusive to older devices though.

@campuscodi Not sure if helpful, but I've published an aggregate "view" of what has been currently published regarding TeamPCP, Triviy and KICS (and more).https://cstromblad.com/posts/threat-actor-profile-teampcp/

Alright I'm speeding up my review of the phishing kits that my project, Phossil, collected. My current estimate is that over the last 5 years I've collected about 1,200 kits. I'm going to review these in two passes - first, just to identify whether they're legit phishing kits (not other malware, webshells, etc.). Later I'll review them for contents - leaked info, trends, targeted companies, etc. I'll be shitposting in this thread with anything funny that I see.

@mttaggart they somehow put rubric creation among what they refer to as low value work.JFC did no one consider this at all? How can you possibly automate assessment like that??? Do they not know what the purpose of a rubric actually is???

@jviide Imagine using one of the names of the slopmachines like this...Even if the code is rubbish no one would notice (or check), and the majority would just merge it anyway as long as the tests succeeded.Also, thanks for making me laugh out loud. And loathe Github even more.

@401matthall I'm honestly not sure if the fuel is the primary limitation on working lifetime. But it certainly means they can't dodge forever, and dodging more often requires more fuel, which either requires bigger tanks (and more $$$) or shorter operating lifetimes.

Obviously I have a lot of feelings about OpenAI acquiring Astral but I am going to try not to do much Discourse today, on account of there's not much to do about it and everybody's feelings are probably pretty raw at the moment. I am also going to *try* and wait to have much in the way of commentary until there's a better picture of what concrete influence the acquisition will have.

@Vivaldi This updte totally broke my browser. No more windows-buttons in the top right, the adress bar is only visible when it's on the bottom. DIsabling or re-enabling auto hide doesn't help. Is there a way to downgrade?