Nostr notes by BeyondMachines :verified:

Unless one is a billionaire (or their close family), we all do.

2026-05-04T04:05:38Z

In reply to nevent1q…jy0m
_________________________

Unless one is a billionaire (or their close family), we all do.

Welcome to the revolution ...

2026-05-04T03:59:52Z

Welcome to the revolution

#privacy #compliance ...

2026-05-01T08:04:12Z

#privacy #compliance

Not hallucinating, not hitting a token limit. Only uncontrolled ...

2026-04-23T09:24:27Z

Not hallucinating, not hitting a token limit. Only uncontrolled expense is coffee.
Are "#AI layoffs" coming?

Should we tell him or should we let him figure it out? ...

2026-04-21T18:26:14Z

Should we tell him or should we let him figure it out?

Shamelessly stolen from a @npub19kd…t56d commercial ...

2026-04-20T19:37:09Z

Shamelessly stolen from a Proton (npub19kd…t56d) commercial

Everyone needs a VLC player, maybe not like this tho ...

2026-04-15T11:49:52Z

Everyone needs a VLC player, maybe not like this tho

Lo and behold ...

2026-04-11T19:12:39Z

Lo and behold

LinkedIn Is Quietly Scanning Your Browser Every Time You Visit ...

2026-04-03T11:01:26Z

LinkedIn Is Quietly Scanning Your Browser Every Time You Visit

Research published on browsergate.eu reports that LinkedIn silently scans visitors' Chromium-based browsers for over 6,000 installed extensions, revealing indicators of sensitive personal data like religion, health, politics, and job-search activity. The platform can easily link findings to identified user profiles, which raises serious GDPR, ePrivacy, and general privacy and legal concerns.

**Switch to Firefox for LinkedIn, or use a separate Chrome profile with no extensions installed when visiting the site. And load up on all ad and script blocker extensions you can find, like Ublock Origin, Ublock Lite, Privacy Badger...**
#cybersecurity #infosec #knowledge #awareness
https://beyondmachines.net/event_details/linkedin-is-quietly-scanning-your-browser-every-time-you-visit-m-0-k-n-h/gD2P6Ple2L

Critical RCE Vulnerability Patched in Delta Electronics COMMGR 2 ...

2026-03-19T16:01:48Z

Critical RCE Vulnerability Patched in Delta Electronics COMMGR 2

Delta Electronics patched a critical stack-based buffer overflow (CVE-2026-3630) and an out-of-bounds read (CVE-2026-3631) in its COMMGR 2 software that could allow unauthenticated attackers to execute remote code or leak sensitive data.

**Make sure all industrial devices are isolated from the internet and accessible from trusted networks only. Update Delta Electronics COMMGR 2 software to version 2.11.1 as soon as possible. In the meantime make sure they are isolated from the internet.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-rce-vulnerability-patched-in-delta-electronics-commgr-2-l-p-i-8-y/gD2P6Ple2L

The protomolecule knew what it was doing ...

2026-03-10T11:12:10Z

The protomolecule knew what it was doing

coping with interstellar medium looks like the better alternative ...

2026-03-02T05:40:46Z

coping with interstellar medium looks like the better alternative these days

Nostr event nevent1qqs2qj4rklmahgv8x775tsddvwusqwd0e74g7a47ek8m8credangwsqzyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93qrv65jg

2026-02-21T16:25:05Z

Not a gift from the geeks. A gift from the grifters ...

2026-02-19T18:11:25Z

Not a gift from the geeks. A gift from the grifters

AI will improve humanity 🤡 ...

2026-02-15T14:38:54Z

AI will improve humanity 🤡

Telegram Allegedly Impacted by Massive Data Leak Exposing 200 ...

2026-02-14T13:01:33Z

Telegram Allegedly Impacted by Massive Data Leak Exposing 200 Million User Records

A threat actor leaked a dataset allegedly containing 200 million Telegram user records, including phone numbers and emails. The company claims the data consists only of public information gathered via contact imports.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/telegram-allegedly-impacted-by-massive-data-leak-exposing-200-million-user-records-f-q-5-e-2/gD2P6Ple2L

Codeway AI Chat App Leak Exposes 300 Million Messages Due to ...

2026-02-10T10:01:33Z

Codeway AI Chat App Leak Exposes 300 Million Messages Due to Firebase Misconfiguration

Codeway's Chat & Ask AI app exposed 300 million messages from 25 million users due to a Firebase misconfiguration that allowed unauthenticated access to the backend database.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/codeway-ai-chat-app-leak-exposes-300-million-messages-due-to-firebase-misconfiguration-p-p-b-o-1/gD2P6Ple2L

it's amazing what computers can do... in 1995 ...

2026-01-29T19:10:19Z

it's amazing what computers can do... in 1995

#Microslop of the day ...

2026-01-28T16:54:23Z

#Microslop of the day

Did anyone ask you if you want #AI? DuckDuckGo asked. And guess ...

2026-01-20T09:46:43Z

Did anyone ask you if you want #AI? DuckDuckGo asked.
And guess what?

Nostr event nevent1qqsyltjwem7ff3gc4dv07gr8yvul4gzpjuv5rnpp6e2kw89cqzl6wxczyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93qv63ye3

2026-01-08T13:08:26Z

#Sloperator

#AI didn't make us smarter. It just gave idiots a superpower. ...

2025-12-31T13:29:53Z

#AI didn't make us smarter. It just gave idiots a superpower.
Hoping for a less triggering 2026

Siemens reports critical flaw in IAM Client on multiple ...

2025-12-13T16:01:31Z

Siemens reports critical flaw in IAM Client on multiple industrial products

Siemens is reporting a critical vulnerability (CVE-2025-40800) in its IAM client component affecting multiple industrial software products, which allows unauthenticated attackers to conduct man-in-the-middle attacks due to improper certificate validation. Patches are available for most affected products.

**Make sure all your industrial systems are isolated from the internet and accessible from trusted networks only. If you are using COMOS, NX, Simcenter 3D, Simcenter Femap, Solid Edge plan a quick update for them. Not an urgent thing, but don't ignore this one. Someone will find a way to hack them.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/siemens-reports-critical-flaw-in-iam-client-on-multiple-industrial-products-1-d-o-3-h/gD2P6Ple2L

Everest ransomware gang claims breach of ASUS The Everest ...

2025-12-03T14:01:32Z

Everest ransomware gang claims breach of ASUS

The Everest ransomware group claims to have breached ASUS, allegedly stealing over one terabyte of sensitive data including camera source code, internal documentation, and databases. The group has issued a 21-hour deadline for ASUS to respond via encrypted messaging, threatening to publish the data. ASUS has not yet confirmed the breach.

****
#cybersecurity #infosec #incident #ransomware
https://beyondmachines.net/event_details/everest-ransomware-gang-claims-breach-of-asus-t-z-6-g-h/gD2P6Ple2L

Just wait till we start waiting for the man in the flying sled ...

2025-11-20T09:44:11Z

Just wait till we start waiting for the man in the flying sled

If you know, you know #Privacy ...

2025-11-06T09:03:26Z

If you know, you know

#Privacy

Ernst & Young cloud misconfiguration leaks 4TB SQL Server ...

2025-11-03T11:01:40Z

Ernst & Young cloud misconfiguration leaks 4TB SQL Server backup on Microsoft Azure

Ernst & Young exposed a 4-terabyte unencrypted SQL Server backup file on Microsoft Azure due to a cloud storage misconfiguration after post-merger integration security gaps with an entity acquired by EY Italy in 2020. The leak was discovered by Neo Security during routine attack surface mapping in October 2025. EY claims no client information or confidential data was impacted and the file was from an isolated acquired entity not connected to its global systems.

****
#cybersecurity #infosec #incident #dataleak
https://beyondmachines.net/event_details/ernst-young-cloud-misconfiguration-leaks-4tb-sql-server-backup-on-microsoft-azure-m-9-e-r-o/gD2P6Ple2L

Nostr event nevent1qqs2nztnunxt59mq2r3avauf4y4xchjlfzvmsdsgfkfjc67kc9ctl4czyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93q2jmr4k

2025-11-02T19:12:48Z

#Agenticai

When the server is down ...

2025-10-22T07:11:08Z

When the server is down

Catstronaut #catsofmastodon ...

2025-10-15T16:41:52Z

Catstronaut #catsofmastodon

Zero f*@ks given #catsofmastodon ...

2025-10-09T07:48:40Z

Zero f*@ks given

#catsofmastodon

ChatGPT has automated checkout and purchases. Never EVER give an ...

2025-09-30T18:26:01Z

ChatGPT has automated checkout and purchases.
Never EVER give an AI the power to buy for you.
Or enjoy your new overpriced candles.

When the hacker spends weeks decrypting ...

2025-09-30T11:49:57Z

When the hacker spends weeks decrypting $2a$12$59Wo1yt9opdch5JK5EukLOvrHqI53bj0JBqBgg7cKfwnQkkrqWgHq

but that's the actual password 😈

HelloWorld salad: ...

2025-09-22T10:15:45Z

HelloWorld salad:

Corporate lawyers accidentally protecting human jobs ...

2025-09-17T10:55:04Z

Corporate lawyers accidentally protecting human jobs

The bubble that creates it's own bubble 🤦‍♂️ ...

2025-09-13T15:06:04Z

The bubble that creates it's own bubble 🤦‍♂️

Critical Bluetooth vulnerability reported in SunPower Solar ...

2025-09-03T18:01:42Z

Critical Bluetooth vulnerability reported in SunPower Solar Inverters

A critical unpatched vulnerability (CVE-2025-9696) in SunPower PVS6 photovoltaic inverters allows attackers within Bluetooth range to exploit hard-coded credentials and bypass authentication to gain unauthorized control over critical functions including firmware replacement, power production disabling, and grid settings modification. CISA recommends isolating inverter networks and disabling Bluetooth interfaces when not needed. SunPower has not responded to coordinated disclosure attempts.

**If you have SunPower PVS6 inverters, review the advisory and if not actively needed disable their Bluetooth interface when not actively servicing. Implement strong physical security around the devices since attackers can take control from up to 170 feet away. Make sure that the wired connections are isolated from the internet. Use VPN-based wired connections instead of Bluetooth for remote management.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-bluetooth-vulnerability-reported-in-sunpower-solar-inverters-v-2-d-n-f/gD2P6Ple2L

Updating XKCD comics for 2025 ...

2025-08-31T10:37:04Z

Updating XKCD comics for 2025

Nostr event nevent1qqsttyj6zt0ayujzdffdpz0c0fgfud3m9ywlmj73e8s6qmur0elgl2qzyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93q0m33vy

2025-08-25T17:58:07Z

#catsofmastodon

How hacker gangs abuse Microsoft Teams for social engineering ...

2025-08-18T12:01:07Z

How hacker gangs abuse Microsoft Teams for social engineering attacks to target companies

Ransomware gangs are exploiting Microsoft Teams' default permissive external access settings to conduct sophisticated social engineering attacks. They flood victims with spam emails, then impersonate IT support via fake Microsoft tenants to trick users into executing malicious PowerShell commands that steal data and compromise systems.

**Share this technique with your employees. The targeted people will not be IT. Consider blocking external Teams access in your admin settings to avoid fake "help desk" accounts. Advise that teams should check back with their IT via a well known channel and never run commands or programs sent via Teams messages from an unknown person, even if they claim to be from IT support.**
#cybersecurity #infosec #scam #phishing #activephishing
https://beyondmachines.net/event_details/how-hacker-gangs-abuse-microsoft-teams-for-social-engineering-attacks-to-target-companies-0-2-h-k-4/gD2P6Ple2L

I know it's repetitive, but I don't care ...

2025-08-15T15:42:57Z

I know it's repetitive, but I don't care

Nostr event nevent1qqsqgfzlc5prcmgvcg7rxsl9cappl5ruzkcj2rwmaxlvlddeg5krtwszyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93q2esz8e

2025-08-14T12:39:58Z

#2600

The perfect WiFi password, V2.0 ...

2025-08-14T07:37:03Z

The perfect WiFi password, V2.0

Snake Plissken says kudos!

2025-08-05T08:29:17Z

In reply to nevent1q…dvwj
_________________________

Snake Plissken says kudos!

Off-topic. Some 80s CGI i loved. Guess the shows/movies ...

2025-08-05T07:55:53Z

Off-topic. Some 80s CGI i loved.
Guess the shows/movies

There's a new conference in town. And it seems it's ...

2025-08-02T19:10:14Z

There's a new conference in town. And it seems it's already sold out!
#VibeCoding

Today I learned that Moebius designed a cover for a computer ...

2025-07-25T13:01:37Z

Today I learned that Moebius designed a cover for a computer manual.

I want one.

To all the "optimizing" managers firing people and using ...

2025-07-20T11:11:18Z

To all the "optimizing" managers firing people and using LLMs:
Do you know what is the most common request your chatbot gets?

Nostr event nevent1qqsfpelc68p480nrv92ywnwvs4t5mcy65ud3nlfe26kh9d2e0lszjkqzyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93qlu8p4r

2025-07-11T06:30:23Z

The Great Llama :fuck_verify: (npub1hlm…t928)

The program you DON'T WANT TO INSTALL! Share and educate ...

2025-07-10T12:28:30Z

The program you DON'T WANT TO INSTALL!

Share and educate people!

From the company that took all digitized content without permission to build their product, now we have a browser.

So the company can use your data and behavior and to lock you in to their statistical parrot (AI)

#AI #privacy

Injection vulnerability, level ultimate Reminds me of Snow Crash ...

2025-07-06T16:17:32Z

Injection vulnerability, level ultimate
Reminds me of Snow Crash

Strong Password Policy 101 ...

2025-07-02T10:55:07Z

Strong Password Policy 101

And i can't stop watching... ...

2025-06-22T13:02:52Z

And i can't stop watching...

Some people will remember the pain ...

2025-06-19T12:11:31Z

Some people will remember the pain

"Works on my machine", oil on canvas. Unknown artist, ...

2025-06-18T10:50:47Z

"Works on my machine", oil on canvas.
Unknown artist, 2025

#VibeCoding your MFA ...

2025-06-16T11:52:44Z

#VibeCoding your MFA

AI singularity will not be achieved by AI getting smarter. ...

2025-06-01T04:47:52Z

AI singularity will not be achieved by AI getting smarter.

Them: How did you get radicalized? Me: ...

2025-05-30T11:08:46Z

Them: How did you get radicalized?
Me:

one has to chase that uptime! ...

2025-05-30T03:39:13Z

In reply to nevent1q…74y2
_________________________

one has to chase that uptime!

True definition of critical infrastructure ...

2025-05-29T16:56:52Z

True definition of critical infrastructure

Network management, level ultimate ...

2025-05-29T07:56:24Z

Network management, level ultimate

Nostr event nevent1qqszzek86tq4l5gu4rv74dtayek2axvkxfecxcjya99k8h2a6hurgcszyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93qhv8u6e

2025-05-26T06:31:07Z

#goodmorning

How to terrify a #Linux user 👇 maybe ...

2025-05-22T10:28:56Z

How to terrify a #Linux user 👇

maybe FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8 works?

Data Greed is a disease ...

2025-05-17T18:35:23Z

Data Greed is a disease

Donald Draper level of marketing genius ...

2025-05-12T13:55:21Z

Donald Draper level of marketing genius

This meeting could have been a podcast 🎧 . ...

2025-05-08T13:16:00Z

This meeting could have been a podcast 🎧 .

#security has a lot of different definitions ...

2025-05-04T06:19:16Z

#security has a lot of different definitions

Sincere LLMs ...

2025-05-01T20:38:22Z

Sincere LLMs

Barnstable County Sheriff's office reports internal data ...

2025-04-28T08:01:45Z

Barnstable County Sheriff's office reports internal data breach

The Barnstable County Sheriff's Office in Massachusetts reports a data breach when an employee intentionally exfiltrated a spreadsheet containing sensitive personal information of over 100 former employees and one current employee by sending it to their private email account. The employee is on administrative leave pending investigation.

****
#cybersecurity #infosec #incident #databreach
https://beyondmachines.net/event_details/barnstable-county-sheriff-s-office-reports-internal-data-breach-t-q-n-j-t/gD2P6Ple2L

some people deserve Extra-Hell ...

2025-04-28T07:36:38Z

some people deserve Extra-Hell

If Microsoft can suggest that 240 million computers are thrown in ...

2025-04-23T13:16:04Z

In reply to nevent1q…ewz5
_________________________

If Microsoft can suggest that 240 million computers are thrown in the garbage because of Windows 11, Schneider Electric can do the same. 🤷‍♂️

Schneider Electric reports critical flaw in Wiser Home Controller ...

2025-04-23T13:01:07Z

Schneider Electric reports critical flaw in Wiser Home Controller WHC-5918A

The Schneider Electric Wiser Home Controller WHC-5918A contains a critical security vulnerability (CVE-2024-6407, CVSS 9.8) allowing attackers to extract sensitive credentials by sending specially crafted messages. Schneider is recommending complete replacement of the discontinued device with their newer C-Bus Home Controller model as no security patches will be released.

**If you are using Schneider Electric Wiser Home Controller WHC-5918A devices, be aware that they are critically vulnerable and won't be patched. As usual, make sure they are isolated from the internet and accessible only from trusted networks. Then make a full risk assessment and consider replacing them with supported and secured devices.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/schneider-electric-reports-critical-flaw-in-wiser-home-controller-whc-5918a-0-k-c-4-0/gD2P6Ple2L

#catsofmastodon Steve, open up. I forgot my sniper rifle ...

2025-04-19T18:57:35Z

#catsofmastodon
Steve, open up. I forgot my sniper rifle

#catsofmastodon #opensource ...

2025-04-16T07:29:13Z

#catsofmastodon #opensource

Nostr event nevent1qqsz0xl83jk8ep9ujp74ldfncpflq6rtpkjav2z3mqj9uqmwar69zpczyzelx5rxkxmfueesph3jw7d0dcux8h57pydzhg96ktkktqaqpw93qtq5qz4

2025-04-14T07:34:03Z

#terribleMaps

The essence of "Legitimate interest": ...

2025-03-19T10:27:09Z

The essence of "Legitimate interest":

Shelob would like a word with you...

2025-03-09T17:22:35Z

In reply to nevent1q…t6ju
_________________________

Shelob would like a word with you...

Gary from IT is here to get rid of the bugs in your computer ...

2025-03-09T12:49:41Z

Gary from IT is here to get rid of the bugs in your computer

It's basic physics 🤷‍♂️ ...

2025-02-18T09:59:21Z

It's basic physics 🤷‍♂️

Apple releases emergency update iOS 18.3.1 and iPadOS 18.3.1 to ...

2025-02-11T11:01:37Z

Apple releases emergency update iOS 18.3.1 and iPadOS 18.3.1 to fix actively exploited flaw
#cybersecurity #infosec #advisory #databreach
https://beyondmachines.net/event_details/apple-releases-emergency-update-ios-18-3-1-and-ipados-18-3-1-to-fix-actively-exploited-flaw-p-w-5-x-7/gD2P6Ple2L

Good morning #MondayMotivation Art by @instachaz on Instagram ...

2025-02-10T05:54:25Z

Good morning #MondayMotivation
Art by @instachaz on Instagram

🔐 ByteBreach 2025.1 Challenge is Live! A new cybersecurity ...

2025-02-05T11:01:37Z

🔐 ByteBreach 2025.1 Challenge is Live!

A new cybersecurity scavenger hunt with 6 tokens to discover. Running from today until Feb 24, noon CET.

Prizes:
✨ The Day After Production Workshop spot
💎 Amazon Gift Cards (€40, €20)

Proudly sponsored by Sorsix - Solutions for human health

Think you can crack it? Join the hunt at:
https://challenge.beyondmachines.net

#CyberSecurity #InfoSec #CTF #TryHackMe

Can't seem to find them ...

2025-01-29T19:36:11Z

Can't seem to find them

Greetings from Europe ...

2025-01-22T09:11:34Z

Greetings from Europe

We don't need to read the text. The headline alone wins a ...

2025-01-18T13:31:14Z

We don't need to read the text. The headline alone wins a Pulitzer.

How it started, how it's going ...

2025-01-17T09:14:59Z

How it started, how it's going

Developers, meet The patch ...

2025-01-16T08:25:24Z

Developers, meet The patch

This is why we must always validate all user input #cybersecurity ...

2025-01-14T10:01:51Z

This is why we must always validate all user input
#cybersecurity #awareness

Bats of Mastodon ...

2025-01-11T21:27:01Z

Bats of Mastodon

Code inheritance, the traditional way ...

2024-12-16T09:01:07Z

Code inheritance, the traditional way

We need to normalize JOMO ...

2024-12-13T11:47:45Z

We need to normalize JOMO

This escalated quickly... ...

2024-12-03T13:01:40Z

This escalated quickly...

Critical flaws reported in WordPress Anti-Spam plugin by ...

2024-11-26T17:01:24Z

Critical flaws reported in WordPress Anti-Spam plugin by Cleantalk
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-flaws-reported-in-wordpress-anti-spam-plugin-by-cleantalk-9-n-b-w-u/gD2P6Ple2L

🚨 Delete Your 🧬 Data from @23andMe NOW! 🚨 Share, warn, ...

2024-11-25T08:39:16Z

🚨 Delete Your 🧬 Data from @23andMe NOW! 🚨

Share, warn, educate!

The company is about to go under, all assets will be sold off. Whoever buys it will have your DNA and PII, and no responsibility towards you.

They can publish it, sell it, abuse it. Because it's their ownership

Follow me for more tips 😈 ...

2024-11-24T12:24:42Z

Follow me for more tips 😈

Copilot will index everything if you give it access to ...

2024-11-23T10:58:14Z

Copilot will index everything if you give it access to everything. It's chmod 444.

The problem is a combo of half-baked product AND a CluelessBossFOMO®️ that forces AI down the throat of the company and permit access to everything. While security people are screaming and warning that chmod 444 is stupid.

A week later, the AI indexes everything and Joe Blow starts asking why is his salary so low compared to others. Suddenly CluelessBossFOMO®️ blames security people. And newspapers blame (only) the half-baked product.

#AI #cybersecurity #FOMO

Critical flaw reported in Chartify WordPress Chart Plugin ...

2024-11-14T16:01:24Z

Critical flaw reported in Chartify WordPress Chart Plugin
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-flaw-reported-in-chartify-wordpress-chart-plugin-2-2-d-z-e/gD2P6Ple2L

This AI feature is highly requested! ...

2024-11-14T08:49:47Z

This AI feature is highly requested!

We all have this colleague #cybersecurity ...

2024-11-08T09:48:54Z

We all have this colleague
#cybersecurity

We are doing a small cybersecurity challenge - ByteBreach 2024. ...

2024-10-23T13:32:57Z

We are doing a small cybersecurity challenge - ByteBreach 2024.

Prizes are
1. mentorship and participation in a workshop as a penterster
2. attending the workshop
3. just do it for the fun.

The challenge starts at: https://challenge.beyondmachines.net