Sharepoint is in the news again. It is never a good thing when Sharepoint is in the news.
Items tagged with: security
[aur-general] - [SECURITY] firefox-patch-bin, librewolf-fix-bin and zen-browser-patched-bin AUR packages contained malware
I found a vulnerability in git. CVE-2025-48384: Breaking git with a carriage return and cloning RCE - dgl.cx/2025/07/git-clone-submo…
As the post explains this is one of my favourite classes of vulnerability, using characters that are old and sometimes forgotten.
Why is security work unlike any other contribution to an open source project?
We need to re-think the tight association between maintainers and security work if we want sustainable open source security.
Read more: sethmlarson.dev/security-work-…
#opensource #oss #security #supplychain
Open Source Security work isn't “Special”
I gave this keynote at OpenSSF Community Day NA 2025 in Denver, Colorado. There will be a YouTube video recording available at a later date. This talk was given as the Security-Developer-in-... sethmlarson.dev
Who says you can’t have #privacy and #security in an OS? Meet PureOS — the #Linux OS that respects you.
No ads
No trackers
No #surveillance
No terms of service traps
PureOS supports Purism’s Librem 5 & Liberty Phone.
More Info: puri.sm/posts/what-is-pureos-a…
What Is PureOS? A Beginner’s Guide for iOS, Android, and Windows Users – Purism
Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security. Purism SPC
heise+ | Delta Chat on trial in Russia: verdict against German developer team
Russia is taking action against the messenger Delta Chat and is targeting a Freiburg company. The company is fighting back and, at the same time, warning the EU.
heise.de/news/Delta-Chat-in-Ru…
#Apps #Datenschutz #IT #Security #news
🔐 "Fixing Desktop Keyrings"
with Dhanuka Warusadura at #GUADEC2025
📅 24 July 🕒 12:30 CEST 📍 Brescia
🧩 GNOME 49 plans to replace gnome-keyring with a new D-Bus Secret Service. Here’s what’s changing.
🔗 events.gnome.org/event/259/con…
#GNOME #Security #Keyring #OpenSource
GUADEC 2025
Welcome to GUADEC 2025. GUADEC is the GNOME community’s largest conference, bringing together hundreds of users, contributors, community members, and enthusiastic supporters for a week of talks and workshops. GNOME Events (Indico)
🛡️ "The evolution of Linux targeted cyber threats"
with Pau Hoz at #GUADEC2025
📅 24 July 🕒 11:05 CEST 📍 Brescia
🔍 From supply chain attacks to evasive malware, Pau digs into how Linux threats are evolving—and what it means for FOSS security.
🔗 events.gnome.org/event/259/con…
#Linux #Security #FOSS #CyberThreats
How can #OpenSource and #security be interconnected?
What will be the future of funding the open source-dependent public digital infrastructure?
These and many other questions will guide the discussion of our panelists:
🔸@bagder from #cURL
🔸@melanierieback from @ros
🔸Matteo Mole from @EuropeanCyber SecurityOrganisation
🔸Nicholas Gates from @OpenForumEurope
🔸Mirko Boehm from #TheLinuxFoundation
Join the webinar: europeanopensource.academy/for…
Our monocles crowdfunding is ongoing and we're so grateful for the support so far! Thank you!
monocles empowers you with open-source, community-driven messaging via XMPP, a privacy friendly email service, a cloud and more – for a transparent alternative for your digital life.
Help us create this real ethical digital solution, by the people, for the people. Every contribution makes a huge difference!
Be part of the journey & donate today ✊️: startnext.com/en/monocles
monocles - Privacy is not a feature. It is a right.
Secure communication, fair cloud, ethical hardware - monocles offers a digital solution without tracking, without surveillance, without compromise. startnext.com
Lightweight open source Google reCaptcha alternative: ALTCHA leverages a proof-of-work mechanism to safeguard your website, APIs, and online services from spam and abuse. Unlike traditional solutions, ALTCHA is self-hosted, does not rely on cookies or fingerprinting, and ensures complete user privacy. It is fully compliant with GDPR, WCAG 2.2 AA-level, and the European Accessibility Act. github.com/altcha-org/altcha
#privacy #webdev #security #opensource
GitHub - altcha-org/altcha: GDPR, WCAG 2.2 AA, and EAA compliant, self-hosted CAPTCHA alternative with PoW mechanism and advanced anti-spam filter.
GDPR, WCAG 2.2 AA, and EAA compliant, self-hosted CAPTCHA alternative with PoW mechanism and advanced anti-spam filter. - altcha-org/altcha GitHub
Who says you can’t have #privacy and #security in an OS?
Meet PureOS — the #Linux OS that respects you.
✅No ads
✅No trackers
✅No #surveillance
✅No terms of service traps
Run it on Purism’s Librem 5 & Liberty Phone.
Link - What is #PureOS?: puri.sm/posts/what-is-pureos-a…
What Is PureOS? A Beginner’s Guide for iOS, Android, and Windows Users – Purism
Purism makes premium phones, laptops, mini PCs and servers running free software on PureOS. Purism products respect people's privacy and freedom while protecting their security. Purism SPC
#python #devsecops #security #webdev
dev.to/trottomv/secure-by-desi…
Secure by design in Python: A FastAPI app with 5 DevSecOps tools and a real time SSTI vulnerability remediation
🌟 Introduction Security should not be an afterthought in software development. Instead, it... Matteo Vitali (DEV Community)
Open source project curl is sick of users submitting “AI slop” vulnerabilities
“One way you can tell is it’s always such a nice report,” founder tells Ars. Kevin Purdy (Ars Technica)
cURL maintainer: "I'm fed up" – because of AI bug reports
cURL developer Daniel Stenberg already railed against AI bug reports last year. Now he is fed up with them.
Long passwords are important.
Source: reddit.com/r/dataisbeautiful/c…
#tech #technology #encryption #password #passwords #Security #cybersecurity #computing #computers #computer
Watch out if you use a Samsung smartphone!
Samsung: Android clipboard temporarily stores passwords
heise.de/news/Samsung-Android-…
Samsung: Android smartphones also store passwords in the clipboard
The Samsung keyboard on Samsung smartphones also lists old copied passwords in its history. The manufacturer is reviewing possible changes. Dirk Knop (heise online)
4Chan hacked; Taken down; Emails and IPs leaked
Apparently they were not only running an old, unsecure version of PHP, their entire stack was outdated.
the-sun.com/tech/14029069/4cha…
#news #tech #technology #security #privacy #4chan #hack #breach #databreach
4Chan down UPDATES: Thousands of users report issues accessing controversial website...
CONTROVERSIAL website 4Chan has gone down for thousands with users unable to access the message board. More than 1,000 users of the site have logged complaints on the Downdetector website, which me… Allan Glen (The US Sun)
South Africa gets online system for reporting data breaches
“South Africa’s Information Regulator has launched an online platform for public and private entities to report security compromises. It has instructed all organisations to report any compromises through the system. The system is accessible through ...continues
GrapheneOS version 2025032500 released:
grapheneos.org/releases#202503…
See the linked release notes for a summary of the improvements over the previous release.
Forum discussion thread:
discuss.grapheneos.org/d/21207…
#GrapheneOS #privacy #security
GrapheneOS version 2025032500 released - GrapheneOS Discussion Forum
GrapheneOS discussion forum. GrapheneOS Discussion Forum
Getting started with XMPP/Jabber and PGP for federated, encrypted messaging
This is a short thread where I explain how I started using the XMPP protocol and PGP encryption for secure messaging. I am not a security expert, but I am a mathematician and I am comfortable with the Linux command line. This guide is for people who want to use PGP for secure messaging easily. You will need to be okay with typing commands into the Linux command line in order to do this, but I will tell you exactly what to enter.
Part 1: XMPP
Mastodon is like email, but for social media. You sign up for an account with a server, and then you can talk with any other accounts that are signed up on other servers, as long as your servers are getting along. (No one wants emails from the sketchy spam server, and we want to be able to choose between Yahoo, Gmail, etc.) XMPP (a.k.a. Jabber) is the same thing for text messaging.
Just like signing up for an email/Mastodon account, you need to sign up for an account. You can find a list of servers at list.jabber.at/ and will probably at least need to provide an email address when making an account.
Once you have made an account, you need a client. On Linux, I've been having a good time using Dino (dino.im/). You can then enter your account name and password to log into your XMPP account and start chatting! There are both public rooms and you can also message directly with your friends.
#security #PGP #XMPP #FOSS #Jabber #Dino #MonoclesChat
(1/4)
Dino. Communicating happiness.
A privacy-friendly messaging app for the desktop. It uses the XMPP protocol and provides a clean UI with modern features. dino.im
New Privacy Guides article 🔐✨
by me:
If you want to keep your password manager local-only, KeePassXC is a great solution!
It's free,
Open-source,
Easy to install and use,
Doesn't require an account,
Works on Linux, macOS, and Windows,
And the team is here! 👉 @keepassxc
Here's how to set it up with a YubiKey: privacyguides.org/articles/202…
#PrivacyGuides #KeePassXC #Privacy #Security #PasswordManager #Passwords #FOSS
KeePassXC + YubiKey: How to set up a local-only password manager
This tutorial demonstrates how to install the local-only password manager KeePassXC and secure a password database with YubiKey. www.privacyguides.org
"Google refuses to deny it received encryption order from UK government"
The UK’s encryption-breaking order for a backdoor into iCloud isn’t a one-off.
The secret hearing happening RIGHT NOW is bigger than just Apple. If the government wins, our right to privacy and security falls.
Other services will be hit.
therecord.media/google-refuses…
Sign our petition ➡️ you.38degrees.org.uk/petitions…
#e2ee #encryption #apple #google #privacy #security #cybersecurity #ukpol #ukpolitics #tech
Google refuses to deny it received encryption order from UK government
U.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K. — a mechanism to access encrypted messages that Apple reportedly received. therecord.media
📣 Break the silence: Save encryption!
The UK government wants to be able to access anything, anywhere, any time — from your pics to your docs.
It begins with Apple. Other services will be next. That's why we must take a stand NOW!
Sign and share our petition ⬇️
you.38degrees.org.uk/petitions…
#encryption #e2ee #Apple #privacy #security #cybersecurity #ukpolitics #ukpol #icloud #tech
Keep our Apple data encrypted
It is reported that the Home Office has ordered Apple to build a backdoor into its encrypted services so that they can get hold of content that any Apple user has uploaded to the cloud. Encryption keeps our private information safe and secure. 38 Degrees
The message is clear across the political divide: let's hear it!
The UK government should argue in open court why they want to make us less secure by ordering a backdoor into Apple encryption.
A secret Tribunal would be an affront to the privacy and security issues at stake. It must be held in public.
Read the joint letter from ORG, Big Brother Watch and Index on Censorship ⬇️
openrightsgroup.org/press-rele…
#Apple #encryption #e2ee #privacy #security #cybersecurity #ukpol #ukpolitics #tech
Make the Investigatory Powers Tribunal on Apple Encryption a Public Hearing
Rights groups call for Apple’s closed appeal against the Home Office’s encryption-breaching order to be opened to the public. Open Rights Group
Bipartisan US Congress Members want the secrecy around the UK's encryption-breaking order to be lifted.
"It is imperative that the UK's technical demands of Apple - and of any other US companies - be subjected to robust, public analysis and debate."
“Secret court hearings featuring intelligence agencies and a handful of individuals approved by them do not enable robust challenges on highly technical matters.”
wyden.senate.gov/news/press-re…
#encryption #e2ee #Apple #privacy #security #cybersecurity
Bipartisan Members of Congress to UK Spy Court: UK Gag Orders for Surveillance Backdoors Threaten Americans’ Security and Privacy, Impede Congressional Oversight | U.S. Senator Ron Wyden of Oregon
The Official U.S. Senate website of Senator Ron Wyden of Oregon. www.wyden.senate.gov
UK MPs have joined the chorus of voices wanting the Apple case to be held in public.
"If the Home Office wants to have effectively unfettered access to the private data of the (innocent) general public, they should explain their case in front of the public."
🗣️ David Davis MP.
"People deserve to know what's happening to their private personal information."
🗣️ Victoria Collins MP.
news.sky.com/story/apple-vs-ho…
#encryption #e2ee #Apple #privacy #security #cybersecurity #ukpolitics #ukpol
Apple vs Home Office encryption court battle must be held in public, say MPs
A row between the tech giant and the government over customer data will reportedly move to London's High Court this week – but the hearing will be held behind closed doors. Tim Baker (Sky News)
📣 Make it public!
The call is getting louder for a public hearing of the appeal over the UK's order to break Apple encryption.
Alongside the joint letter from ORG, Big Brother Watch and Index on Censorship, UK MPs, US Congress Members and the BBC want the secrecy to end.
bbc.co.uk/news/articles/c4g0rr…
#encryption #e2ee #privacy #security #cybersecurity #ukpol #ukpolitics #Apple #tech
Pressure grows to hold secret Apple privacy hearing in public
Civil liberties campaigners have joined US politicians and the BBC in saying Friday's hearing should not be secret. Tom Singleton (BBC News)
Do you use antivirus apps on your Android? Spare yourself the unnecessary ballast – they offer only a false sense of security and are often full of trackers. 👇
kuketz-blog.de/truegerische-si…
#android #security #google #tracking #virus #antivirus #app
False sense of security: virus scanner apps are simply superfluous
The security architecture of Android/iOS severely restricts how virus scanner apps can work and makes them essentially useless. Worse: the supposed security apps leak data freely. www.kuketz-blog.de
🚨BREAKING🚨 The French National Assembly removed the backdoor section from the amendment to the #Narcotrafic law.
Read here how Politicians tried to undermine everybody's #security: tuta.com/blog/france-surveilla…
🙏 And thank you for fighting against this with us. This is a great win for privacy, yet, the battle is not over. Together we are strong! 💪
#backdoor #encryption #privacy #security
France is about to pass the worst surveillance law in the EU. We must stop them now! | Tuta
An amendment to the “Narcotrafic” law is moving to the French National Assembly. Remind your legislators that a backdoor for the good guys only is not possible. Tuta
Everybody should learn how to use GPG.
#gpg #gnupg #encryption #security #privacy #cybersecurity #linux #pgp
The #Security #Trinity - spotted at @bitwarden explains how to secure your accounts with 2FA:
👉 bitwarden.com/resources/presen…
And rightly so: Because #encrypted email gets even more secure with #2FA and #passwordmanagers 💪
Check out our top 3:
tuta.com/blog/best-password-ma…
France is about to pass the worst surveillance law in the EU.
Here's how you can stop them: 👉 tuta.com/blog/france-surveilla…
#backdoor #encryption #privacy #security
Here are some of our main takeaways from the EU Open Source Policy Summit 2025:💡 👨💻
— Open and collaborative innovation solves the dilemma of #competitiveness and #sovereignty
— Now is the time to invest in open source #maintenance and #security
— Building sustainable open source ecosystems remains challenging but necessary
— Open source is being increasingly regulated in Europe, and the new challenge is #implementation and #compliance
Read more in our new blog: 👇 🔗