#security
Stop macOS 15 Sequoia monthly screen recording prompts

I've not run into the new monthly screen recording prompt yet but I can imagine that when I do it might get annoying. I appreciate Apple being super cautious with security and stuff like this, most of the time, but this feels a bit too much.

It's good to know there is a way to work around it, if you're happy to go "under the hood".

·lapcatsoftware.com·
Story of one person's recovery of their Apple account
The circumstances of this person's ban are... up for debate and they don't seem very forthcoming with the details, so it does seem like it might have been deserved, to a degree. But, that aside, some handy information here for people if they do find themselves locked out of their Apple account.
·reddit.com·
How We Executed A Critical Supply Chain Attack On Pytorch

"Four months ago, Adnan Khan and I exploited a critical CI/CD vulnerability in PyTorch, one of the world’s leading ML platforms. Used by titans like Google, Meta, Boeing, and Lockheed Martin, PyTorch is a major target for hackers and nation-states alike.

Thankfully, we exploited this vulnerability before the bad guys.

Here is how we did it."

·johnstawinski.com·
Phylum Discovers Dozens More PyPI Packages Attempting to Deliver W4SP Stealer in Ongoing Supply-Chain Attack
"Last week, our automated risk detection platform alerted us to some suspicious activity in dozens of newly published PyPI packages. It appears that these packages are a more sophisticated attempt to deliver the W4SP Stealer on to Python developer’s machines by hiding a malicious import. Join us here on the Phylum research team as we investigate these new and shifting tactics the attacker is using to deploy W4SP stealer in this supply-chain attack."
·blog.phylum.io·
The Apperta Data Breach Fiasco

If you found a leak of data from the NHS and let them know, you'd think they'd be properly happy about being told, right?

About that...

·secjuice.com·
EICAR test QR
Hilarious hack that can mess with all sorts of systems.
·revk.uk·