CyberSecSac & DC916 (@cybersec916.com)

Learning about lockpicking this month thanks to our member Artefact doing a presentation on @deviantollam.bsky.social ‘s work! 🥰🙌🔒🔐

09.10.2025 03:00 👍 3 🔁 0 💬 0 📌 0

‘Widespread’ breach let hackers steal employee data from FEMA and CBP A Citrix vulnerability — suspected to have led to firings of multiple FEMA technology staff — enabled the breach, which let hackers pilfer data from FEMA servers connected to states at the southern bo...

Another day, another reported intrusion of the US government.

www.nextgov.com/cybersecurit...

02.10.2025 01:12 👍 2 🔁 0 💬 0 📌 0

2025 Conference Information PancakesCon 6 stream links are as follows, and ComfyCon will be cross-streamed for the 8 hours prior to the conference on Track 1: Recordings of talks are available on our YouTube, starting approxi…

Enjoy pancakescon!

pancakescon.com/2025-confere...

21.09.2025 14:37 👍 2 🔁 0 💬 0 📌 0

China Imposes One-Hour Reporting Rule for Major Cybersecurity Incidents China is ramping up its cybersecurity enforcement with new regulations requiring network operators to report severe cybersecurity incidents within one

Incident reporting in an hour or less or the next one’s free 🍕

thecyberexpress.com/china-cybers...

15.09.2025 15:15 👍 0 🔁 0 💬 0 📌 0

CISA pledges robust support for funding, further development of CVE program A key official from the agency said the vulnerability management program will continue with additional participation and enhancements.

www.cybersecuritydive.com/news/cisa-pl...

CVE's live? 🙌

13.09.2025 00:47 👍 0 🔁 0 💬 0 📌 0

The slides for this month’s presentation and @zoe-j.bsky.social ‘s book report are up on the Discord and will be up on GitHub shortly.

This months news covered NPM, AI slop, GayFemboy malware and more!

We also had a presentation on the Red Team Operations Handbook!

11.09.2025 06:14 👍 0 🔁 0 💬 0 📌 0

That’s a wrap on the DC916 September meeting! Thank you to everyone who contributed articles, to discussions, for pizza, and for amazing community!

11.09.2025 05:59 👍 0 🔁 0 💬 1 📌 0

Plex Confirms Data Breach, Asks Users to Reset Passwords Immediately An unauthorized third-party accessed one of its customer databases, which included emails, usernames, hashed passwords, and authentication data, Plex says.

While serving media from your Plex server is cool, please update your password and try not to serve malware from it. 👾

www.pcmag.com/news/plex-co...

10.09.2025 17:34 👍 0 🔁 0 💬 0 📌 0

three hamsters are sitting at a table with the words one of us ALT: three hamsters are sitting at a table with the words one of us

💜💜💜

10.09.2025 17:17 👍 1 🔁 0 💬 0 📌 0

a woman is laughing and saying it 's gonna be so fun ! ALT: a woman is laughing and saying it 's gonna be so fun !

Officially official now, @blackbadgeraffle.bsky.social and I have launched DEF CON Group Orlando!
Thank you @alethe.bsky.social and DCG!!
We're on Discord welcoming new members and will have meetings starting soon! ✨
discord.gg/KyKYPBCv

10.09.2025 17:05 👍 6 🔁 4 💬 3 📌 0

Oops, No Victims: The Largest Supply Chain Attack Stole 5 Cents The biggest financial impact expected to be the millions of dollars of SaaS contracts signed with security vendors

www.securityalliance.org/news/2025-09...

Thanks to @djcapy.com for this one. (also, lol at them only getting 5 cents) 😂🔥

10.09.2025 12:56 👍 1 🔁 0 💬 0 📌 0

npm debug and chalk packages compromised The popular packages debug and chalk on npm have been compromised with malicious code

Largest supply chain breach ever (so far?) 😭

www.aikido.dev/blog/npm-deb...

Thanks to DC916 member Slag1sh for the link! 💜

09.09.2025 00:09 👍 1 🔁 0 💬 0 📌 0

New NIST Concept Paper Outlines AI-Specific Cybersecurity Framework Follow us on Bluesky, Twitter (X), Mastodon and Facebook at @Hackread

NIST rolling out initial AI cybersecurity papers/standards.

hackread.com/nist-concept...

19.08.2025 01:24 👍 0 🔁 0 💬 0 📌 0

Looking forward to seeing your faces at the DC916 meeting tonight! Virtual and in person at MADE Studio!

7pm-8:30pm PST!

Dc916.com for the address/Discord!
Hack the planet!

13.08.2025 22:09 👍 0 🔁 0 💬 0 📌 0

Hope everyone is having a safe and happy DEF CON! 💜

09.08.2025 09:20 👍 0 🔁 0 💬 0 📌 0

Flyer for DEF CON first timers

Hello friends, with less than 2 weeks to go until DEF CON 33, please enjoy our “Attending DEF CON Guide” (great for newbies/first timers)

github.com/CyberSecSacr...

28.07.2025 11:49 👍 2 🔁 1 💬 0 📌 0

McDonald’s AI Hiring Bot Exposed Millions of Applicants’ Data to Hackers Who Tried the Password ‘123456’ Basic security flaws left the personal info of tens of millions of McDonald’s job-seekers vulnerable on the “McHire” site built by AI software firm Paradox.ai.

When AI and fast food goes wrong. 😑 🍟

www.wired.com/story/mcdona...

16.07.2025 05:09 👍 2 🔁 0 💬 0 📌 0

Regular reminder to go outside and touch grass sometimes

15.07.2025 23:40 👍 2 🔁 0 💬 0 📌 0

Major railroad-signaling vulnerability could lead to train disruptions The high-severity flaw could let a hacker abruptly halt — and potentially derail — a train.

Planes, trains, and cybersecurity, oh my! 🚊

www.cybersecuritydive.com/news/railroa...

15.07.2025 03:39 👍 3 🔁 0 💬 0 📌 0

The @summerc0n.bsky.social vibes right now:

#hackers #lucky13saloon

12.07.2025 21:14 👍 2 🔁 1 💬 0 📌 0

youtu.be Diana Initiative 2021-Tanya Janca-Building Security Champions

🎥 Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“Building Security Champions”
📽️ https://twp.ai/9PTkef

#CyberSecurity #SecurityAwareness #appsec #securitychampions

12.07.2025 19:24 👍 2 🔁 1 💬 0 📌 0

Earn up to $300k to help a cursed owl yell at people!

12.07.2025 19:28 👍 1 🔁 0 💬 0 📌 0

Cybersecurity Sacramento (DC916) A DEF CON group for hackers, makers, tinkerers and security enthusiasts in the Sacramento area.

[MEETING REMINDER]
❔What: Monthly Meeting - August

🕖 When: Wednesday, August 13th @ 7PM - 8:30PM+

📍Where: Hybrid - Join virtually on Discord or come to the Sacramento Hacker Lab / MADE Studio!
[details in Discord]

👾Join our Discord by checking our landing page for the link: dc916.com

12.07.2025 06:11 👍 0 🔁 0 💬 0 📌 0

NVD - CVE-2025-6514

nvd.nist.gov/vuln/detail/...

11.07.2025 19:15 👍 0 🔁 0 💬 0 📌 0

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads A critical vulnerability in mcp-remote (CVE-2025-6514) allows remote code execution, affecting 437,000+ users.

When a 9.6 MCP exploit drops impacting hundreds of thousands 😭

thehackernews.com/2025/07/crit...

11.07.2025 19:14 👍 1 🔁 0 💬 1 📌 0

HAPPY CULT OF THE DEAD COW DAY, SKEETR0NZ!

Be Sure to hit-up your local 7/11 to collect the free slurpeez they're handing out to celebrate the birthday of cDc!

Or, y'know, don't. We don't care. You do you, homeslice.

11.07.2025 19:08 👍 45 🔁 19 💬 6 📌 4

I’m tracking 128 active CitrixBleed 2 victims in telemetry, today, from attacker infrastructure (one threat actor group).

11.07.2025 08:45 👍 33 🔁 5 💬 2 📌 0

NVD - CVE-2025-6514

nvd.nist.gov/vuln/detail/...

11.07.2025 02:47 👍 0 🔁 0 💬 0 📌 0

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads A critical vulnerability in mcp-remote (CVE-2025-6514) allows remote code execution, affecting 437,000+ users.

When a 9.6 MCP exploit drops impacting hundreds of thousands 😭

thehackernews.com/2025/07/crit...

11.07.2025 02:46 👍 0 🔁 0 💬 1 📌 0

It's 8:10 PM Eastern and I'm glad you're alive.

Thanks for being here with me.

I love you.

You are worthy.

#MakeKindnessNormal

10.07.2025 00:10 👍 43 🔁 5 💬 6 📌 0

CyberSecSac & DC916

Latest posts by CyberSecSac & DC916 @cybersec916.com