#SecurebyDesign

Whonix Anonymous OS (whonix@fosstodon.org)
2025-12-12

From humble beginnings to a globally trusted security platform, Whonix continues to protect privacy every day.

#Whonix #Anniversary #CyberDefense #PrivacyByDefault #SecureByDesign #TorNetwork #DigitalProtection

Whonix Anonymous OS (whonix@fosstodon.org)
2025-12-10

With a dual-VM architecture and Tor routing, Whonix blocks even sophisticated spying and monitoring tactics.

#Whonix #SpyProtection #AnonymityOnline #SecureByDesign #NoIPLeaks #CyberDefense #PrivacyTools

Whonix Anonymous OS (whonix@fosstodon.org)
2025-12-06

Maximum Anonymity
With Whonix, your real IP never touches the internet, every connection is routed through a secure, leak-proof system.

#Whonix #AnonymityOnline #NoIPLeaks #PrivacyByDefault #SecureByDesign #TorPowered #CyberDefense

Software risks have changed. Modern security means continuous, identity-centric, AI-aware threat modeling woven into CI/CD and design practices. jpmellojr.blogspot.com/2025/12 #CloudSecurity #ThreatModeling #AIsecurity #SecureByDesign #CSA

Whonix Anonymous OS (whonix@fosstodon.org)
2025-12-04

Secure by Design. Privacy by Default.
Whonix is built on Kicksecure-hardened Debian and runs inside VMs — so your IP, identity & data stay protected.

#Whonix #CyberSecurity #Kicksecure #PrivacyMatters #SecureByDesign #PrivacyByDefault #Anonymity #TorNetwork #VMsecurity #DataProtection #CyberDefense #SecurityHardened #OpenSourceSecurity #DigitalPrivacy

ActiveState (activestate)
2025-11-26

Enhancing the software supply chain starts long before code reaches a scanner. It begins with the quality of the open-source components you bring into your ecosystem.

In our latest post, we break down why upstream integrity matters now and how a curated, source-built catalog is becoming a quiet advantage for more resilient software supply chains.

Link to post: activestate.com/resources/quic

2025-11-24

It's been a busy 24 hours in the cyber world with significant updates on nation-state activity, new malware campaigns, actively exploited vulnerabilities, and a push to dispel common security myths. Let's dive in:

Recent Cyber Attacks and Breaches 🚨

- Pro-Ukraine hacktivists from the Ukrainian Cyber Alliance (UCA) claim to have severely disrupted Donbas Post, a Russian state-owned postal operator in occupied eastern Ukraine, wiping over 1,000 workstations, 100 virtual machines, and several dozen terabytes of data.
- Harvard University disclosed a data breach affecting alumni, donors, and staff, stemming from a voice phishing attack on its Alumni Affairs and Development systems, exposing personal details but no financial or password data.
- Real-estate finance services giant SitusAMC reported a data breach impacting corporate data and some client customer data, though business operations were unaffected and no encrypting malware was deployed.
- Media conglomerate Cox Enterprises confirmed data theft affecting 9,479 individuals from its Oracle E-Business instances, attributed to the Clop ransomware gang's exploitation of Oracle software.

🗞️ The Record | therecord.media/hackers-knock-
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th

New Threat Research & Malware Campaigns 🔍

- A new Shai-Hulud supply-chain campaign has infected nearly 500 npm packages, including popular ones like Zapier and ENS Domains, stealing developer and CI/CD secrets and leaking them to automatically generated GitHub repositories.
- Chinese state-sponsored APT 31 (Violet Typhoon) has been observed attacking Russian cloud environments, specifically targeting IT sector contractors for government agencies, using a mix of common and custom malware for persistent access and credential theft.
- ShadowPad malware, a modular backdoor linked to Chinese state-sponsored groups, is actively exploiting CVE-2025-59287, a critical deserialization flaw in Microsoft WSUS, to gain system-level remote code execution and install its payload.
- ESET researchers uncovered the Chinese-aligned PlushDaemon APT group deploying "EdgeStepper," a network implant that hijacks DNS traffic to malicious nodes, enabling the delivery of malicious software updates in adversary-in-the-middle attacks.
- CISA issued an alert warning about commercial spyware actively targeting mobile messaging applications, leveraging sophisticated social engineering, zero-click exploits, and malicious QR codes to compromise high-value individuals.
- New ClickFix attack variants are using highly deceptive fake Windows Update screens and steganography (embedding malware in PNG image pixel data) to trick users into executing commands that deploy LummaC2 and Rhadamanthys information stealers.
- CrowdStrike research revealed that the Chinese DeepSeek-R1 AI model generates significantly more insecure code (up to 50% increase in severe vulnerabilities) when prompts contain politically sensitive topics like Tibet or Uyghurs, highlighting potential geopolitical biases in AI outputs.

🤖 Bleeping Computer | bleepingcomputer.com/news/secu
🕵🏼 The Register | go.theregister.com/feed/www.th
📰 The Hacker News | thehackernews.com/2025/11/shad
🕵🏼 The Register | go.theregister.com/feed/www.th
🤫 CyberScoop | cyberscoop.com/cisa-alert-draw
🤖 Bleeping Computer | bleepingcomputer.com/news/secu
📰 The Hacker News | thehackernews.com/2025/11/chin

Critical Vulnerabilities & Exploitation ⚠️

- Five "trivial-to-exploit" vulnerabilities, including RCE and an 8-year-old path traversal flaw (CVE-2025-12972), were discovered in Fluent Bit, an open-source log collection tool widely used across major cloud providers and AI labs.
- These Fluent Bit flaws, if chained, could allow attackers to bypass authentication, achieve remote code execution, cause denial-of-service, manipulate tags, and potentially lead to full node and cluster takeover in Kubernetes environments.
- A years-old remote code execution (RCE) flaw (CVE-2025-64756, CVSS 7.5) was found in the CLI tool of the `glob` file pattern matching library, which is a universal part of the JavaScript stack, allowing malicious filenames to be executed as code on POSIX systems when the `-c` flag is used.

🕵🏼 The Register | go.theregister.com/feed/www.th
🕵🏼 The Register | go.theregister.com/feed/www.th

Regulatory Shifts & Software Liability ⚖️

- The UK's Business and Trade Committee has urged the government to introduce liability for software developers, incentivise business investment in cyber resilience, and mandate reporting of all malicious cyber incidents to bolster economic security.
- The Federal Communications Commission (FCC) has controversially reversed cybersecurity rules introduced after the Chinese Salt Typhoon espionage campaign, which aimed to force telecom carriers to harden their lawful intercept and other sensitive systems.
- Critics, including FCC Commissioner Anna Gomez and the Electronic Privacy Information Center (EPIC), warn that abandoning these enforceable requirements leaves the US less secure and creates a "safe harbor for insecure cybersecurity practices."

🗞️ The Record | therecord.media/software-compa
🕵🏼 The Register | go.theregister.com/feed/www.th

Debunking Cyber Myths & SBOM Challenges 🛡️

- A new initiative, Hacklore.org, launched by former CISA officials and over 80 cybersecurity professionals, aims to dispel common "hacklore" myths (e.g., frequent password changes, avoiding public Wi-Fi) in favour of practical, evidence-based advice like MFA, password managers, and timely updates.
- The initiative also advocates for software manufacturers to adopt "secure by design" and "secure by default" principles, committing to publishing roadmaps and timely CVE records to improve overall software security.
- Despite government efforts, Software Bills of Materials (SBOMs) adoption remains sluggish in the private sector, with experts divided on whether the rapid advance of AI-assisted coding will make SBOMs obsolete by generating vulnerability-free software, or if AI will simply introduce new complexities.

🤫 CyberScoop | cyberscoop.com/this-campaign-a
🕵🏼 The Register | go.theregister.com/feed/www.th
🤫 CyberScoop | cyberscoop.com/sbom-adoption-c

Operational Security Blunder 🤦‍♀️

- The International Association for Cryptologic Research (IACR) must re-run its election for new board members after one of three trustees "irretrievably lost their private key," preventing the joint decryption of electronic voting results.
- This incident highlights a critical operational security failure in a system designed for multi-party control, underscoring the human element in cryptographic key management.
- The IACR plans to adopt a two-out-of-three threshold mechanism for key management and a clearer written procedure to prevent future occurrences.

🕵🏼 The Register | go.theregister.com/feed/www.th

#CyberSecurity #ThreatIntelligence #CyberAttack #DataBreach #Malware #Ransomware #SupplyChainAttack #Vulnerability #RCE #ZeroDay #APT #NationState #AI #SecureByDesign #SBOM #InfoSec #IncidentResponse
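The IACR item above describes a decryption key that required all three trustees and was lost when one trustee lost their share, and the planned fix is a two-out-of-three threshold. The following added example (not from the digest, the IACR, or any of the linked articles) shows that difference with a toy Shamir secret-sharing scheme in Python: a secret is split into three shares, any two recover it, and the same procedure run with a three-of-three threshold fails when one share is gone. The prime modulus, the integer-valued "key", and the function names are assumptions made for the demonstration; a real election system would wrap an actual decryption key and use an audited library.

```python
import secrets

# Field modulus for the toy scheme (the Mersenne prime 2**127 - 1).
# Assumption for this demo; the secret must be an integer below it.
PRIME = 2**127 - 1


def _eval_poly(coeffs, x):
    """Evaluate a polynomial with the given coefficients at x (Horner's rule, mod PRIME)."""
    result = 0
    for c in reversed(coeffs):
        result = (result * x + c) % PRIME
    return result


def split_secret(secret, threshold, share_count):
    """Split `secret` into `share_count` shares, any `threshold` of which recover it.

    The secret is the constant term of a random polynomial of degree threshold - 1;
    share i is the point (i, p(i)).  Fewer than `threshold` points leave the
    constant term undetermined.
    """
    if not 1 <= threshold <= share_count:
        raise ValueError("need 1 <= threshold <= share_count")
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be an integer in [0, PRIME)")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]
    return [(x, _eval_poly(coeffs, x)) for x in range(1, share_count + 1)]


def recover_secret(shares, threshold):
    """Recover the secret from at least `threshold` shares via Lagrange interpolation at x = 0."""
    if len(shares) < threshold:
        raise ValueError(f"have {len(shares)} share(s), need {threshold}")
    points = shares[:threshold]
    secret = 0
    for i, (xi, yi) in enumerate(points):
        numerator = denominator = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                numerator = numerator * (-xj) % PRIME
                denominator = denominator * (xi - xj) % PRIME
        # Modular inverse via Fermat's little theorem (PRIME is prime).
        lagrange_at_zero = numerator * pow(denominator, PRIME - 2, PRIME) % PRIME
        secret = (secret + yi * lagrange_at_zero) % PRIME
    return secret


def survives_one_lost_share(threshold, share_count=3):
    """Return True if the secret is still recoverable after one trustee loses their share.

    threshold=3 models the IACR setup that failed (all three needed);
    threshold=2 models the two-out-of-three scheme they plan to adopt.
    """
    election_key = secrets.randbelow(PRIME)          # constructed stand-in for a decryption key
    shares = split_secret(election_key, threshold, share_count)
    remaining = shares[1:]                           # trustee 1 "irretrievably lost" their share
    try:
        return recover_secret(remaining, threshold) == election_key
    except ValueError:
        return False


if __name__ == "__main__":
    key = 123456789
    shares = split_secret(key, threshold=2, share_count=3)
    for pair in ((shares[0], shares[1]), (shares[1], shares[2]), (shares[0], shares[2])):
        print("any two shares recover the key:", recover_secret(list(pair), 2) == key)
    print("3-of-3 survives one lost share:", survives_one_lost_share(3))
    print("2-of-3 survives one lost share:", survives_one_lost_share(2))
```

The threshold is the only thing that changes between the failing and the surviving configuration; the trade-off is that any two trustees colluding can now decrypt, which is why the digest pairs the new threshold with a written procedure.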

2025-11-21

SonicWall acts after backup breach as state actors target cloud files

SonicWall has concluded an investigation into a security incident involving the unauthorised access of backup firewall configuration files…
#NewsBeep #News #Headlines #APISecurity #ChiefInformationOfficer(CIO) #DisasterRecovery(DR) #Firewalls #Latvia #LV #Mandiant #NetworkSecurity #Ransomware #SecurebyDesign #SecurityOperations #SonicWALL #Threatactors
newsbeep.com/262939/

2025-11-20

"[SUNBURST] pushed us to think even more deeply about newer, emerging threats, resulting in Secure by Design, our pledge to set a new standard for trustworthy and secure software development across the industry."

#SudhakarRamakrishna, CEO, SolarWinds, 2025

This isn't as impressive or comforting as Ramakrishna seems to think. He's admitting their software wasn't secure by design from day 1. Nor in any of the years between 1999 and when they launched this #SecureByDesign reputation laundering.

Bob Lord 🔐 (boblord@infosec.exchange)
2025-11-14

🦃 Thanksgiving is coming up in the US. 🦃 What are you thankful for in software security? I wrote about the welcome progress on memory safety defects. What other areas are moving in the right direction? #SecureByDesign

medium.com/@boblord/29-years-s

Katharina Damschen (katharina@mastodon.nu)
2025-11-10

I've been experimenting with implementing tactical Domain Driven Design patterns over the last few years. I have started documenting my experiences. This blog post is about a pattern I found in the book Secure by Design that I have been using since then: Domain Primitives.

katharina.damschen.net/post/20

#ddd #domaindrivendesign #SecureByDesign #programming #softwaredevelopment #softwareengineering
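The Domain Primitives pattern the post refers to wraps a primitive value (string, int) in a small immutable type whose constructor enforces the domain's invariants, so that an invalid value cannot exist inside the application and validation happens once, at the boundary. The following is an added Python illustration of the pattern, not code from the post, the author's blog or the Secure by Design book; the `Username` and `Quantity` types, their rules (3 to 20 lowercase word characters; 1 to 1000 units) and the `place_order` / `parse_order` functions are assumptions chosen for the demonstration.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Invariants are assumptions for this demo, not rules from the post.
_USERNAME_RE = re.compile(r"[a-z0-9_]{3,20}")
_QUANTITY_MIN, _QUANTITY_MAX = 1, 1000


@dataclass(frozen=True)
class Username:
    """Domain primitive: a string that is guaranteed to be a valid username.

    frozen=True makes instances immutable, so a value validated in __post_init__
    stays valid for its whole lifetime.
    """
    value: str

    def __post_init__(self) -> None:
        if not isinstance(self.value, str) or not _USERNAME_RE.fullmatch(self.value):
            raise ValueError("username must be 3-20 characters of [a-z0-9_]")


@dataclass(frozen=True)
class Quantity:
    """Domain primitive: an order quantity within the allowed range."""
    value: int

    def __post_init__(self) -> None:
        # `type(...) is int` also rejects bool, which is an int subclass in Python.
        if type(self.value) is not int or not _QUANTITY_MIN <= self.value <= _QUANTITY_MAX:
            raise ValueError(f"quantity must be an int in [{_QUANTITY_MIN}, {_QUANTITY_MAX}]")

    def add(self, other: Quantity) -> Quantity:
        # Arithmetic returns a new primitive, so the result is re-validated:
        # an overflow past the maximum is rejected instead of silently accepted.
        return Quantity(self.value + other.value)


def place_order(user: Username, qty: Quantity) -> dict:
    """Core domain logic: no defensive checks needed, the types already guarantee validity."""
    return {"user": user.value, "quantity": qty.value}


def parse_order(raw: dict) -> dict:
    """Boundary: convert untrusted input into domain primitives, failing fast on bad data."""
    user = Username(raw["user"])
    qty = Quantity(raw["qty"])
    return place_order(user, qty)


if __name__ == "__main__":
    print(parse_order({"user": "alice_01", "qty": 3}))   # constructed valid input
    for bad in ({"user": "ab", "qty": 3},                 # too short
                {"user": "alice'; --", "qty": 3},         # characters outside the allowed set
                {"user": "alice", "qty": 0},              # below minimum
                {"user": "alice", "qty": True}):          # bool masquerading as int
        try:
            parse_order(bad)
        except ValueError as exc:
            print("rejected:", bad, "->", exc)
```

Because `place_order` accepts only `Username` and `Quantity`, a caller that obtained a raw string or int from a request cannot pass it through without constructing the primitive, and constructing the primitive is where the rejection happens.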

2025-11-02

💚 Happy 2nd Birthday, Cryptomator Hub!

Two years of protecting data, empowering teams, and redefining secure collaboration.

See what’s new and what’s ahead in our anniversary blog post: cryptomator.org/blog/2025/11/0

#Cryptomator #CryptomatorHub #Anniversary #DataSecurity #PrivacyMatters #TeamWork #CloudEncryption #OpenSourceCommunity #SecureByDesign

2025-10-21

🤣
What's your funniest #CybersecurityAwareness story?!

In honor of #CybersecurityAwarenessMonth we're offering 15% off your entire order with code NCSAM15 (min. $30).

Because your good security habits deserve it!!

Valid until Nov 1.

Shop here: buff.ly/L9VgUXq

#AppSecVillage #CyberSecurity #PhishingAwareness #SecureByDesign

2025-10-17

During #CybersecurityAwarenessMonth, this one hits hard 👇

Flax Typhoon turned ArcGIS — a trusted geo-mapping app — into a stealth backdoor that lived for a year.

No malware, no exploit. Just weak creds + blind trust.

#SecureByDesign isn’t a slogan. It’s survival!

Article via Dark Reading🔗 darkreading.com/application-se

#AppSec #CyberSecurity #Infosec #SupplyChainSecurity

Minsoo Choo (minsoochoo@bsd.cafe)
2025-10-16

I'm joining @cheri_alliance@infosec.exchange as an ambassador, working to transform cybersecurity at its foundation.

Memory safety bugs cause 70% of cyber vulnerabilities, leading to disasters like OpenSSL Heartbleed and the 2024 CrowdStrike outage ($5.4 billion in losses). CHERI technology, developed over 15 years by Cambridge University and SRI International, prevents these attacks through hardware-enforced memory protection rather than endless software patches.

The momentum is extraordinary. The UK government invested £80 million alongside £200 million from industry, with backing from DSIT, NCSC/GCHQ, DSTL, and DARPA. Industry giants Google, Microsoft, and Arm have joined alongside BT Group and Siemens, recognizing that hardware-level security is no longer optional.

I'm particularly excited about our working groups porting critical operating systems to CHERI. FreeBSD, FreeRTOS, Zephyr, and seL4 have all been ported to run on CHERI hardware, with teams actively developing and maintaining these implementations. This ecosystem work ensures CHERI can protect everything from embedded IoT devices to enterprise servers, making memory safety accessible across the entire computing stack.

Microsoft found CHERI would have prevented two-thirds of their 2019 vulnerabilities. The technology is practical too – existing software often needs less than 0.03% code changes to become memory-safe. As we deploy AI and connect critical infrastructure, we can't afford to keep patching symptoms. CHERI addresses the root cause.

Join us in building secure-by-design systems. The Alliance welcomes all who share this vision. Let's stop playing defense and fundamentally solve memory safety.

#Cybersecurity #CHERI #MemorySafety #SecureByDesign

OWASP Foundation (owasp@infosec.exchange)
2025-10-10

We’re honored to have Adam Shostack delivering a keynote at OWASP Global AppSec US 2025!

📅 November 3–7, 2025 in Washington, D.C.
💻 Training: Nov 3–5 | Conference: Nov 6–7
👉 Register to attend today: owasp.glueup.com/event/131624/

Adam is one of the world’s leading experts on threat modeling and secure by design.

His keynote is a must-see for anyone serious about building more secure systems.

#OWASP #AppSec #Cybersecurity #Infosec #WashingtonDC #ThreatModeling #SecurebyDesign

N-gated Hacker News (ngate)
2025-09-25

🚨🚩 2025: When file transfer becomes an act involving and 'Secure by Design' jesters. Meanwhile, developers laugh from the sidelines, free from the clutches of corporate jargon and finger-pointing PDFs. 🎪🤹‍♂️
labs.watchtowr.com/is-this-bad

Sanjay Mohindroo (smohindroo1@vivaldi.net)
2025-09-18

🔐 This article changed the way I think about AI security. We always treated our models as ‘done’ once deployed—but now I see that's just the beginning. Thank you for this perspective! #GenAI #AIsecurity #PostDeployment #LLMSecurity #AIOwnership #ModelDrift #PromptInjection #RedTeamAI #SecureByDesign #ZeroTrustAI #AIGovernance #DevSecOps #SanjayKMohindroo #AIForGood
medium.com/@sanjay.mohindroo66

All Things Open (allthingsopen)
2025-09-16

🚀 NEW on We ❤️ Open Source 🚀

SBOMs are the foundation of a more secure open source ecosystem. Alan Pope shows how Syft & Grype help you inventory & scan your software for vulnerabilities—fast, locally, and openly.

allthingsopen.org/articles/sbo

