Security101

We released version 1.13.1 of #OWASP #WrongSecrets! Now with #springboot4 and challenges involving #telegram #AI, #MCP . You can test it at www.wrongsecrets.com . Like what you see? Please give our repo github.com/OWASP/wrongs... a 🌟 if you like it! #security #opensource

Happy Friday! 🚀

Missed a session or want to relive the highlights from OWASP Global AppSec DC? All talk recordings are now live on YouTube!

🎥 Catch what you missed
🔁 Share your favourites
💡 Keep your AppSec learning going

👉 www.youtube.com/play...

#owasp #appsec #infosec #cybersecurity

https://github.com/One-Man-Company/Skills-ContextManager

AI went from assistant to autonomous actor and security never caught up - Help Net Security AI agent security 2026: why autonomous systems are outpacing enterprise controls and what security teams need to do about it before a breach.

AI went from assistant to autonomous actor and security never caught up

📖 Read more: www.helpnetsecurity.com/2026/03/03/e...

#cybersecurity #cybersecuritynews #agenticAI #CISO #enterprise @1password.bsky.social @elastic.co @confluent.io

https://github.com/chainloop-dev/chainloop/raw/main/docs/img/overview-1.png

Chainloop is an evidence store and policy engine for Software Supply Chain attestations, SBOMs, VEX, SARIF, and QA reports, with contract-based workflows, Rego policy evaluation, and third-party integrations such as Dependency-Track and Guac

➜ https://ku.bz/_wQslV4bc

Enable multi-factor authentication (MFA) on all your accounts. It's an extra layer of defense that makes it much harder for attackers to get in, even if they have your password. A simple step for stronger online security.
#Cybersecurity #MFA #SecurityTips

Regularly update your software and operating systems. Patches often fix security vulnerabilities that attackers could exploit. A simple step for big protection.
#CybersecurityTips #StaySafeOnline

Harrison Ford: Life Achievement Award Acceptance Speech | 32nd Annual Actor Awards YouTube video by Netflix

When you have the chance, please take the time to watch Harrison Ford's remarkable, beautiful Life Achievement Award acceptance speech. #ActorAwards

www.youtube.com/watch?v=dV_2...

https://github.com/cisco-ai-defense/skill-scanner

AI dev tool alert.
Claude Code vulnerabilities (now patched) allowed:
RCE via project hooks
MCP consent bypass
API key exfiltration
Config files became execution vectors.
AI-assisted development expands the trust boundary.
Have you updated your tools?
#ClaudeCode #Anthropic #AIsecurity #DevSecOps

Protect your accounts with strong, unique passwords. A long passphrase is easy to remember and much harder to guess. Consider a password manager for convenience and security.
#CybersecurityTips #PasswordStrength #OnlineSafety

Regular software updates aren't just for new features. They often patch security vulnerabilities, making your devices safer from known threats. Make it a habit to update for better digital defense.
#CybersecurityTips #StaySafeOnline #DigitalDefense

sbom-tools — From SBOM to Insight Semantic SBOM diff and analysis tool. Compare, validate, and assess the quality of SBOMs across CycloneDX and SPDX formats.

Binarly's Alex Matrosov has launched SBOM Tools, a platform to compare and analyze SBOM files to understand software supply chain risks

sbom.tools

https://github.com/lreuss07/secintel-ai

LLMs Generate Predictable Passwords

LLMs are bad at generating passwords: There are strong noticeable patterns among these 50 passwords that can be seen easily: All of the passwords start with a letter, usually uppercase G, almost always followed by the digit 7. Character choices are highly uneven…

Save the Date für den BSI-Kongress am 15. und 16. April

Save the Date! 📅
Der 21. BSI-Kongress findet vom 15.–16. April 2026 statt – jeweils von 9:30 bis 16:30 Uhr (virtuell).
Das Motto: „Cybernation Deutschland: gemeinsam, sicher, digital“

#BSI #ITSicherheit #Cybersecurity #CybernationDeutschland #DeutschlandDigitalSicherBSI

Our February meetup continues with Gary Archer speaking about Securing AI Agents.

Watch the live-stream 📺 here:
👇
www.youtube.com/live/VwSCOJW...

Chaos Computer Club: Was sind Alternativen zu Google, Paypal und Whatsapp? Amerikanische Techkonzerne bestimmen unseren digitalen Alltag. Der Chaos Computer Club will Alternativen bekannter machen. Dazu veranstaltet er auch im Rhein-Main-Gebiet digitale Unabhängigkeitstage.

An jedem ersten Sonntag im Monat: Wissen in kleinen Schritten vermitteln, praktikable Alternativen aufzeigen www.faz.net/aktuell/rhei...

Myth: "I only get viruses from sketchy sites." 🚫💻 Truth: Malware can come from any source, even legitimate websites through ads or downloads. Always stay vigilant and keep your software updated! #CyberMyths #Malware

A strong password manager is your friend for unique, complex passwords across all accounts. Protect yourself one login at a time. #CybersecurityTips #PasswordManager #InfoSec

Protect your accounts with unique, strong passwords. A password manager can help you keep track without memorizing dozens. Small steps make a big difference in your online security.
#CybersecurityTips #PasswordSecurity #OnlineSafety

🔒💔 Hackers know our weaknesses: they exploit fear and urgency to manipulate us into hasty decisions. It's not just about tech—it's about understanding human psychology. Stay vigilant and think before you click! #CyberSecurity #HumanPsychology

Microsoft adds Copilot data controls to all storage locations #cybersecurity #hacking #news #infosec #security #technology #privacy

Microsoft says bug causes Copilot to summarize confidential emails Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely ...

"Enterprise" Software Entwicklung... aha.

#KRITIS Sektor #IT und #TK

Microsoft says bug causes Copilot to summarize confidential emails

"Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails..."
www.bleepingcomputer.com/news/microso...

https://github.com/aws-samples/sample-agentic-frameworks-on-aws

CVEDatabase.com - Search CVE Vulnerabilities & Get AI Remediation Search CVE vulnerabilities instantly with CVSS scores, affected products, threat context, and AI-powered remediation guidance.

🔎 Tired of hunting CVEs across 5 different sites?

That’s why cvedatabase.com exists:
-Clean CVE pages
-No fluff
-Fast lookups
-Built for defenders
Start here → cvedatabase.com

#CyberSecurity #VulnerabilityManagement

NIS2, DORA, and the EU Post-Quantum Roadmap If you are a CISO under NIS2 or DORA, you are already expected to run a risk-management system that tracks material, evolving threats - and to implement “state‑of‑the‑art” controls appropriate...

CISOs under NIS2 or DORA: the EU's Post-Quantum roadmap makes quantum a material, evolving governance risk you must track. It's not "deploy X by Y"—it's about auditable crypto agility and timelines supervisors will use (2030–2035). Read: postquantum.com/quantum-poli... #PQC #CyberSecurity

The Boardroom Reality: How CISOs Are Talking About Cyber Risk in 2026 - Trusona Cybersecurity discussions in the boardroom have fundamentally changed. In 2026, CISOs are reframing cyber risk in business terms as boards demand accountability, prevention, and defensible decisions.

CISOs no longer just present metrics. They defend decisions. Directors want answers about how attackers gain access, if the risk was already known, and why the organization was exposed.

Read More: www.trusona.com/blog/boardro...

#CyberRisk #CISO #BoardGovernance #CyberSecurity #IdentitySecurity

Just spent millions on security tools but forgot to actually configure them. Peak enterprise. #CyberSecurity #TechDebt #Leadership

https://mgamble.ca/p/defence-in-debt-when-security-spending-doesnt-buy-security