WPSteam

joined 2 weeks ago
sorted by: new top controversial old
5
Who Owns Incogni? The Surfshark, Nord & Tesonet Chain (thecybersecguru.com)
 

Incogni was built by Surfshark in 2021 and is now owned by Cyberspace B.V., the Netherlands-registered holding company created when Surfshark merged with Nord Security in February 2022. That same corporate family, traced back to Lithuanian venture builder Tesonet, also backs Oxylabs, one of the largest residential proxy and web-scraping infrastructure providers on earth

Only approved phones can pass Google’s new reCAPTCHA, locking out privacy-focused alternatives in c/privacy@lemmy.world
[–] WPSteam@lemmy.world 6 points 21 hours ago* (last edited 21 hours ago)

As if current version of recaptcha isn't inconvenient enough...clicking all the proper boxes yet it shows up as failed😑

VPNs Promised Privacy. Here's How Several Got Caught Lying in c/privacy@lemmy.world
How a Single Rogue BGP Announcement Took Telegram Offline Across Three Continents in c/technology@lemmy.world
[–] WPSteam@lemmy.world 6 points 3 days ago (1 children)

Regarding announcing more specific prefixes — we did exactly that, and Reliance responded with even more specific ones. That’s when we realized this might not be incompetence, but malevolence.

https://x.com/durov/status/2067241316463886549

Durov's Reply to the BGP Prefix issue

84
How a Single Rogue BGP Announcement Took Telegram Offline Across Three Continents (thecybersecguru.com)
submitted 4 days ago* (last edited 4 days ago) by WPSteam@lemmy.world to c/technology@lemmy.world
3 comments fedilink
 

Telegram faced major connectivity disruptions after researchers reported that Reliance Communications’ AS18101 allegedly announced Telegram’s 91.108.56.0/22 IP prefix, a route normally originated by Telegram’s AS62041. The announcement reportedly spread through FLAG Telecom and reached international peers, causing Telegram traffic in India and parts of the UAE, Europe, and Asia to be misrouted or dropped.

The incident came around the same time as India’s temporary Telegram restriction linked to NEET exam security, but the network-layer impact went far beyond a domestic block. Researchers say the route should have been flagged as RPKI-invalid and filtered, raising fresh concerns about weak BGP security enforcement, poor route filtering, and how a single unauthorized routing announcement can disrupt a major platform across borders.

5
CVE-2026-53435: Jenkins Deserialization Chain, PoC & Patch (thecybersecguru.com)
 

A newly disclosed Jenkins vulnerability, tracked as CVE-2026-53435, is now being actively exploited in the wild. The flaw allows an authenticated attacker with relatively low privileges to POST a malicious config.xml file, abuse Jenkins’ deserialization handling, and route requests through Stapler to access sensitive files on the Jenkins controller.

The issue affects Jenkins weekly versions up to 2.567 and LTS versions up to 2.555.2. Successful exploitation can lead to arbitrary file read, user impersonation, Script Console access, and possible exposure of SSH keys, credentials, and internal Jenkins secrets. Administrators are urged to upgrade immediately to Jenkins weekly 2.568 or LTS 2.555.3, review logs for suspicious createView requests, and audit users with View/Configure, Item/Configure, or Agent/Configure permissions.

Visa plugs its payment network into ChatGPT, letting AI agents shop and pay for users in c/technology@lemmy.world
[–] WPSteam@lemmy.world 41 points 1 week ago (1 children)

Payment integrations with AI is NOT a good idea. I still remember a few years back a controversy that happened with Amazon's Alexa. Apparently, alexa speakers started ordering people dollhouses after hearing its name on TV. Yes ik ik you can disable purchases from amazon from the alexa app but by default, it was enabled.

This article covers it all: https://www.theverge.com/2017/1/7/14200210/amazon-alexa-tech-news-anchor-order-dollhouse

This is the main part

At the end of the story, Anchor Jim Patton remarked: “I love the little girl, saying ‘Alexa ordered me a dollhouse,’” According to CW6 News, Echo owners who were watching the broadcast found that the remark triggered orders on their own devices.

Google Chrome is killing all uBlock Origin bypasses, Microsoft Edge, Opera to follow in c/technology@lemmy.world
[–] WPSteam@lemmy.world 1 points 1 week ago* (last edited 1 week ago) (14 children)

Yet another reason to switch to brave..oh wait...brave is built on chromium so...will adblocker of brave also cease to exist? Will it get blocked too? Vivaldi ad blockers may stop too as afaik its based on opera engine

Anthropic/OpenAI may be spending more than $1000 for every $100 you pay them in c/technology@lemmy.world
[–] WPSteam@lemmy.world 9 points 1 week ago

AI Bubble burst coming sooner?

YouTube Premium just got more expensive again: now $16 a month, or $27 for families in c/technology@lemmy.world
[–] WPSteam@lemmy.world 4 points 1 week ago

And it'll increase further in the near future... Only for background play and Advert removal, 16/month is absurd considering they don't have any content licensing headache and as such unlike Netflix, Disney + etc. Also, in case of YT Music, royalties paid out to artists are pretty opaque and pretty turbulent. Better to buy albums directly to support them. Brave FTW otherwise for YouTube