
Lorenzo Ordóñez
@lordman1982
https://t.co/SRn6CEeaCO
Joined October 2011
Cloudflare DDoSed itself with React useEffect hook blunder https://t.co/UjRXf3PQy7
theregister.com
Dashboard loop caused API outage that was hard to troubleshoot
Mind the Gap: Time-of-Check to Time-of-Use Vulnerabilities in LLM-Enabled Agents https://t.co/D9nPG3JenD
arxiv.org
Large Language Model (LLM)-enabled agents are rapidly emerging across a wide range of applications, but their deployment introduces vulnerabilities with security implications. While prior work has...
UEFI Secure Boot for Linux Arm64 – where do we stand? https://t.co/CMOCJA9LgZ
theregister.com
Still exotic for now, but moves are afoot
Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack https://t.co/TR3xucExqh
thehackernews.com
Over 40 npm packages trojanized to steal GitHub and cloud credentials via bundle.js malware
Ransomware crims broke in, found recovery codes in plaintext https://t.co/iHe43RIPq4
theregister.com
Cautionary tale from the recent SonicWall attacks
ONE BILLION EUROS in minor contracts for 'services and supplies' at the Madrid Regional Ministry of Health. These are the main beneficiaries of the lack of competitive tendering in Madrid's public healthcare procurement. And yes, Fresenius Kabi is the one from the Quirón group.
Destroy data on old laptops or face major liability https://t.co/hWiJi7naMj
theregister.com
Doing a simple system reset may not be enough to save you from fines and lawsuits
Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass https://t.co/ErfedvArBg
welivesecurity.com
ESET Research has discovered HybridPetya, a copycat of the infamous Petya/NotPetya malware that adds the capability of compromising UEFI-based systems and weaponizing CVE‑2024‑7344 to bypass UEFI...
Microsoft to force install the Microsoft 365 Copilot app in October https://t.co/kHloxHbPsm
bleepingcomputer.com
Next month, Microsoft will begin automatically installing the Microsoft 365 Copilot app on Windows devices outside of the EEA region that have the Microsoft 365 desktop client apps.
California legislature passes bill forcing web browsers to let consumers automatically opt out of data sharing https://t.co/ywKk8BS8C5
therecord.media
Gov. Gavin Newsom vetoed an earlier version of the bill that also would have applied to mobile operating systems.
CISA weighs ‘alternative funding sources’ to preserve cyber vulnerability-tracking project https://t.co/VW3LOvjAkE
Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories https://t.co/5NaRk6Dd1S
thehackernews.com
Cursor ships with Workspace Trust disabled by default, exposing users to silent code execution risks
Samsung patches actively exploited zero-day reported by WhatsApp https://t.co/y604w2cqP0
bleepingcomputer.com
Samsung has patched a remote code execution vulnerability that was exploited in zero-day attacks targeting its Android devices.
Critical CVE-2025-5086 in DELMIA Apriso Actively Exploited, CISA Issues Warning https://t.co/XDceQspxg6
thehackernews.com
CISA added CVE-2025-5086 to KEV after active Apriso exploitation; agencies must patch by Oct 2, 2025.
Pentagon to officially implement CMMC requirements in contracts by Nov. 10 https://t.co/drpMecliI9
defensescoop.com
The Pentagon has posted the rule that will require all contracts to implement Cybersecurity Maturity Model Certification 2.0 standards moving forward.
Insider threat of students leading to increasing number of cyber attacks in schools https://t.co/qLTuURkUve
ico.org.uk
Over half of school insider cyber attacks caused by students
New RSL spec wants AI crawlers to show a license or pay https://t.co/3bN5D6B4Vt
theregister.com
For whom the bill tolls
New York Blood Center Enterprises Notifies Individuals Affected by January Ransomware Attack https://t.co/vjZ1h03Xr3
hipaajournal.com
New York Blood Center Enterprises, the operator of 19 blood donor centers in New York and New Jersey, has notified the Maine Attorney General about its New York Blood Center Enterprises has started...
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research https://t.co/SC17vcoOJU
security.apple.com
Memory Integrity Enforcement (MIE) is the culmination of an unprecedented design and engineering effort spanning half a decade that combines the unique strengths of Apple silicon hardware with our...
ChillyHell modular macOS malware OKed by Apple in 2021 https://t.co/GUHf2LGQpv
theregister.com
'We do believe that this was likely the creation of a cybercrime group,' threat hunter tells The Reg