David Busby @icleus
Senior SRE, DevSecOps - Paranoia is a virtue *** All my tweets are my own and may not reflect the opinion of my employer ***
blog.oneiroi.co.uk | UK | Joined August 2008
Tweets: 7K | Followers: 306 | Following: 265 | Likes: 6K
This aged unfortunately well.
Universities are backing themselves into a dangerous corner by becoming more expensive at the same time they're becoming less necessary.
When the gate is left open …
‼️🚨 BREAKING: Another researcher skipped coordinated disclosure entirely and dropped a critical 1-click GitHub token theft in public because he doesn't want to deal with MSRC. In his own words: "I really don't want to deal with MSRC on VSCode bugs." The bug: just clicking a link can hand an attacker a GitHub token that reads AND writes to all your repos, including private ones. It lives in github[.]dev, GitHub's browser-based VSCode editor, which passes the browser an OAuth token that isn't scoped to a single repo. That token can touch everything you can. Researcher Ammar Askar found that VSCode's sandboxed "webviews" leak keyboard events to the main editor. A malicious repo opened via one link can simulate keystrokes, install a local extension that skips VSCode's publisher-trust check, and exfiltrate your token. He published a working proof-of-concept. He says when he reports github[.]dev bugs, GitHub tells him they're out of scope and to go report to MSRC, and a prior VSCode bug he reported was silently fixed with no credit. One commenter summed up the mood: "MSRC has turned into Feedback Hub."
Your phone is about to stop being yours. Android was sold to us as an open platform. Now Google wants every developer to register and submit ID just to let you install their apps. Every app and every device, worldwide, with no opt-out.
A Reddit user found out that Motorola phones have started hijacking the Amazon app to insert affiliate codes - on a phone that cost $1,900 - talk about greed..
😭 VS Code extensions are no different than browser extensions - high risk that you should be controlling with an allowlist Yes, review and approval processes suck, but IR sucks even more code.visualstudio.com/docs/enterpris…
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version,
⚠️ On May 16, 2026, we confirmed a targeted attack by a cybercrime group that gained unauthorized access to our GitHub repositories and downloaded our codebase. Here is the latest update about our investigations. grafana.com/blog/grafana-l…
A perfect visualization of the enshittification of Google search. linkedin.com/feed/update/ur…
Someone has open-sourced a software that sees you through walls using only WIFI signals. It uses the signal bouncing around your house to map human bodies in real-time, through walls. No cameras. No sensors. Just wifi. 100% Open Source.
🚨 Major supply chain attack targeting npm is in progress. Multiple packages compromised and injected with Shai-Hulud style malware. [email protected] (4.2M dl/mo) [email protected] (3.8M dl/mo) @antv/[email protected] (2.2M dl/mo) [email protected] (1.15M) @antv/[email protected] (1M) @antv/[email protected] (1.1M) @antv/[email protected] (975K) @antv/[email protected] (883K) @antv/[email protected] (751K) @antv/[email protected] [email protected] (4.2M) [email protected] (1.15M) @antv/[email protected] (1M) @antv/[email protected] (975K) @antv/[email protected] (751K) @antv/[email protected] (1.25M) @antv/[email protected] (547K)
If you think it’s bad now, just try to fathom how bad it’s going to be after vibe coding became a thing …
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in MacOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows Bitlocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration too"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
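Terrifying! With just your home Wi-Fi you can tell what the person behind the next-door wall is doing! The open-source project RuView has already shot past 50K+ stars on GitHub, it has blown up! No camera at all, and no wearable device either; using only ordinary home WiFi signals, it can see through walls: - How many people are next door, where they are, and whether they are walking or lying down, all visible - Real-time human pose (17 keypoints) - Automatic breathing and heart-rate measurement during sleep - Immediate alert when someone falls, with highly accurate action recognition Using WiFi CSI + AI, it turns your home router directly into an invisible radar! No video, no recording, privacy and security maxed out, naturally GDPR-compliant, runs entirely locally, no cloud. You can play with it on an ESP32 costing a few yuan, and you can also try it directly with Docker and zero hardware.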
Nothing humbles you like telling your OpenClaw “confirm before acting” and watching it speedrun deleting your inbox. I couldn’t stop it from my phone. I had to RUN to my Mac mini like I was defusing a bomb.
There is a whole game explaining why this is a bad idea.
When the technical implementation fails to live up to expectations; who the F decided "good enough ship it" ... SMH
YouTube will be forced to push Pro-Censorship propaganda from the UK Government onto everyone's homepage soon. Creators are also starting to say YouTube is censoring this topic on their entire site So please share this video for the algorithm. youtu.be/wLPKiPhuVVk
posting for posterity; and under the thought of how long until this is reality
Satire for the moment -> play on words as pointers can be dereferenced in the languages.
UK moves to make C & C++ programming languages illegal to stop based coders from dereferencing the online safety act.
Satire ... for now ...