DevTestSecOps – Telegram

DevTestSecOps

136 subscribers

487 photos

30 videos

37 files

703 links

Forwards and notes on development, testing, security, and operations from @q587p.

About me: studied as System Architect, worked as a SysAdmin, working now as an Test Automation Engineer. Also, I'm interested in hacking (and everything related to it).

జ్

Download Telegram

About

Blog

Apps

Platform

136 subscribers

#vibe #security

💯4👌3🥴1🤝1

142 views14:20

#security #GoogleDrive #USA

https://www.washingtonpost.com/politics/2025/04/20/trump-biden-sensitive-documents-shared/

The Washington Post

Sensitive documents, including White House floor plans, improperly shared with thousands

The inadvertent sharing of a Google Drive folder with the entire staff of the General Services Administration was the latest instance of sloppy handling of sensitive documents under both Biden and Trump.

🤯2🤩2

125 views06:42

образотворчо просвітницька спілка квант войд буддизм енджоерів

WHAT THE FUCK IS ZERODAY🇺🇸🔥👊

#security #USA #way

https://www.theregister.com/2025/04/23/trump_us_security/

America's cyber defenses are being dismantled from the inside

Opinion: The CVE system nearly dying shows that someone has lost the plot

😁3🫡3👏2

158 views17:12

#vibe #security

#vibe #security #way

🤣4🙈2👏1🌚1

1.39K views13:42

#rickroll #security

🤝5💯3⚡2😁1

471 viewsedited 04:23

#vibe #security #way

#vibe #security

Funny every single time 😆

😁6👌2🤪1

158 views19:38

#security #AI #health

Looks interesting:

Zero trust. Zero security. Total exposure. A deliberately vulnerable health tech platform with AI Chatbot for learning about application security and ethical hacking. It contains vulnerabilities from OWASP top 10 Web, API and AI/LLM Security Vulnerabilities. Highly vulnerable, never use in production.

https://github.com/aligorithm/Zero-Health

GitHub - aligorithm/Zero-Health: Zero trust. Zero security. Total exposure. A deliberately vulnerable health tech platform with…

Zero trust. Zero security. Total exposure. A deliberately vulnerable health tech platform with AI Chatbot for learning about application security and ethical hacking. It contains vulnerabilities fr...

✍2🔥1👌1

112 views08:08

#security #Signal #push

Interesting:

https://functional.cafe/@arianvp/114626599930283336

Functional Café

Arian (@[email protected])

Signal (and many other messengers) stores push tokens in their database in plain text. Which allows law enforcement to subpoena them (though signal has never publicly admitted this happening) and then law enforcement uses these push tokens to subpoena apple…

✍2👀2

123 viewsedited 09:18

#China #security #leak

https://cybernews.com/security/chinese-data-leak-billiones-records-exposed/

Largest ever data leak exposes over 4 billion user records

China suffers its largest data breach ever with 4 billion user records exposed, including WeChat, Alipay, and financial data.

🔥2🤯2👏1

102 views06:12

#security #Twitter

https://blog.cryptographyengineering.com/2025/06/09/a-bit-more-on-twitter-xs-new-encrypted-messaging/

A Few Thoughts on Cryptographic Engineering

A bit more on Twitter/X’s new encrypted messaging

Update 6/10: Based on a short conversation with an engineering lead at X, some of the devices used at X are claimed to be using HSMs. See more further below. Matthew Garrett has a nice post about T…

👏2🤨1

116 views10:23

#mantra #security

😁3✍2🙏2

267 views07:45

#Security Analysis: MCP Protocol Vulnerabilities in #AI Toolchains

https://www.cyberark.com/resources/threat-research-blog/is-your-ai-safe-threat-analysis-of-mcp-model-context-protocol

https://www.reddit.com/r/netsec/comments/1ldiilv/security_analysis_mcp_protocol_vulnerabilities_in/

👀2👌1🙈1

96 views17:31

😁5🔥2👏2

180 viewsedited 13:06

😁4🫡3👌2

135 views08:59

#security #Notion

https://twitter.com/simonw/status/1969111931152634010

X (formerly Twitter)

Simon Willison (@simonw) on X

Classic prompt injection attack here against Notion: hidden text (white on white) in a PDF which, when processed by Notion, causes their agent to gather confidential data from other pages and append it into a query string that gets passed to their functions_search()…

👌2🔥1👏1

145 views07:47

#security #React

Again?

✍3👨‍💻2💯1

146 views08:42

#security #cURL #AI

https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html

cURL removes bug bounties

Nyheter för dig som är verksam i den svenska elektronikbranschen som exempelvis tillverkare, konsult, distributör, finansiär, investerare, konstruktör eller tekniker.

👏2👨‍💻2💩1👌1

116 views13:05

#security #AI

https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys

Hacking Moltbook: AI Social Network Reveals 1.5M API Keys | Wiz Blog

Learn how a misconfigured Supabase database at Moltbook exposed 1.5M API keys, private messages, and user emails, enabling full AI agent takeover.

👏3😁2😨2

125 views17:23

#AI #security

https://www.anthropic.com/glasswing

Project Glasswing: Securing critical software for the AI era

A new initiative to secure the world’s most critical software and give defenders a durable advantage in the coming AI-driven era of cybersecurity.

71 views08:54

#security #password #Edge

https://fixupx.com/L1v1ng0ffTh3L4N/status/2051308329880719730

🧵 Thread • FixupX

Tom Jøran Sønstebyseter Rønning (@L1v1ng0ffTh3L4N)

Microsoft Edge loads all your saved passwords into memory in cleartext — even when you’re not using them.

😁2🤯2🙈1

70 views21:24