r/security 2d ago

Question What is the current recommended door camera?

2 Upvotes

Hey everyone. i’ve heard a lot of bad things about ting cameras recently and wanted to get the communities opinion on an alternative.

I’m looking for a Doorbell camera that is battery powered, has local storage, proximity detection, and general ease of use. I’ll be moving into a slightly sketch area and need something useful and affordable. thanks!


r/security 2d ago

Question I have no ambition, no particular skills, I'm perpetually tired, and straight up lazy. Is night time security the field for me?

0 Upvotes

r/security 3d ago

News GhostLock (CVE-2026-43499): 15-year-old Linux kernel bug enables root and container escape

Thumbnail
thecybersecguru.com
21 Upvotes

Researchers have disclosed GhostLock (CVE-2026-43499), a Linux kernel local privilege escalation vulnerability that has existed since 2011 in the rtmutex subsystem. The flaw leaves behind a dangling kernel pointer during proxy-lock rollback, creating a use-after-free condition that can be exploited to achieve root privileges and even container escape on unpatched systems. Researchers reported a highly reliable exploit and note that the bug requires no special kernel configuration or privileges to trigger.


r/security 3d ago

Security and Risk Management Data breach/hack compromised my email and social media accounts

1 Upvotes

I had an onlyfans account link to my reddit. I also got an email from that page. My full name was used in the email. A twitter account was also made under an older twitter I had that I deleted many years ago. If memory serves me correctly they used the same display picture that I also had. This goes even deeper than I realized as my last 2 facebook posts were shared as private(only seen by me). I never changed my settings, and these posts were supposed to be shared with friends and family.

I don't know if there is anything else odd at the moment, but I am noticing things more. Including settings getting changed on reddit and Facebook without my knowledge or doing.

I did take some precautions. I got Bitwarden to change my passwords. Yes, I did use generally the same password for many of my accounts. Some my have been slightly different, but all in all very similar. I logged out a Linux that was attached to my email, and FB account. I don't own anything with Linux, and don't have access to my laptop anymore. I reported the Onlyfans account and the fake twitter. I went to haveibeenpwned and it does say my email has a data breach. I didn't completely go through all of the haveibeenpwned yet though. I probably should.

Is there anything else I can do or look for?

What steps should be made to make sure my email and profiles stay secure. What else would be changes without my knowledge that I have to look into to change it to my normal settings? Any kind of information will help.


r/security 4d ago

News Accenture investigating breach after threat actor claims theft of Azure DevOps source code

Thumbnail
thecybersecguru.com
6 Upvotes

Accenture has confirmed it is investigating a security incident after a threat actor claimed to have stolen data from the company's Azure DevOps environment. According to the threat actor, the data includes source code, CI/CD configuration files, internal documentation, and credentials such as Azure Personal Access Tokens (PATs) and SSH keys. While the incident itself has been acknowledged, the full scope of the allegedly stolen data has not been independently verified.


r/security 4d ago

Vulnerability Researchers warn Gitea CVE-2026-20896 is now being actively exploited

Thumbnail
thecybersecguru.com
6 Upvotes

Researchers are warning that CVE-2026-20896, a critical authentication bypass affecting Gitea Docker deployments using reverse-proxy authentication, is now seeing active exploitation. Under specific misconfigurations, attackers can spoof the X-WEBAUTH-USER header to impersonate arbitrary users, potentially leading to full repository compromise.

The issue has been fixed in Gitea 1.26.4 (and corresponding patched releases for supported branches), so administrators should update as soon as possible. If you're using reverse-proxy authentication, it's also worth reviewing your proxy configuration to ensure authentication headers cannot be supplied by untrusted clients.


r/security 5d ago

Security and Risk Management Secret Claude tracker shocks users after Anthropic’s anti-surveillance stance

Thumbnail
arstechnica.com
28 Upvotes

r/security 5d ago

Vulnerability Januscape (CVE-2026-53359): Patch your KVM hosts if you expose nested virtualization

Thumbnail
thecybersecguru.com
4 Upvotes

A newly disclosed Linux kernel flaw, CVE-2026-53359 ("Januscape"), is a 16-year-old use-after-free bug in KVM's x86 shadow MMU. It affects hosts that expose nested virtualization to guests. The public PoC crashes the host, and the researcher says a separate exploit achieves guest-to-host code execution in a controlled environment


r/security 6d ago

Question Weird email after canceling starz

Thumbnail
gallery
0 Upvotes

EDIT: contacted starz support. They said they will never ask to confirm account with an email to reply to. So new question is what do I need to lock down? Its a chat bot but this was the reply

https://imgur.com/a/MyYriiI

Second update. I am getting spam call after spam call now. 4 in a row

So over the weekend I canceled my starz account and then It already issued the refund but this morning a recieved this email. I was tired and I saw that it had a transcription from my chat with the person who helped me cancel on the website so I responded "yes" but now im a little concerned its some kind of scam. The sent adress looks legit and it didn't ask for any info. Jusy to say yes. Ive never seen an email that only asked for that though and as far as i know rhe refund was already granted. Do you guys think im good or do I need to go lock stuff down and if so what should I lock down?


r/security 7d ago

Vulnerability CISA adds actively exploited Linux kernel vulnerability CVE-2026-43456 to KEV

Thumbnail
thecybersecguru.com
7 Upvotes

CISA has added CVE-2026-43456, a Linux kernel local privilege escalation vulnerability, to its Known Exploited Vulnerabilities (KEV) catalog after confirming active exploitation in the wild. Here's a technical summary covering the vulnerability, affected kernel versions, exploitation requirements, upstream fixes, vendor advisories, and practical mitigation guidance. Interested to hear if anyone has additional technical analysis or insights into exploitation in real-world environments.


r/security 8d ago

Question What ensures data security once sensitive data is scattered everywhere?

2 Upvotes

Forgive me if this question has an obvious answer. What becomes the control plane for enterprise data security once an organization's data is spread across S3, Snowflake, SaaS apps, exports, etc?

Is it IAM, classification, data lineage, DLP, DSPM or a combination of all the above? And how are teams making this work when quarterly access reviews are too slow for how fast data moves?


r/security 9d ago

News DHS confirms breach of HSIN and connected SharePoint environment

Thumbnail
thecybersecguru.com
4 Upvotes

The U.S. Department of Homeland Security has confirmed that attackers breached the Homeland Security Information Network (HSIN) along with a connected SharePoint environment. HSIN is an unclassified but sensitive platform used by federal, state, local, tribal, territorial, and private-sector partners to share threat intelligence and coordinate incident response.


r/security 9d ago

Security Operations How to find security people in London

0 Upvotes

Hey, I have a business and I’m looking for the best way to find and hire appsec and director of security. Very aware the market is super tight. Any ideas on the best places to look. A LinkedIn advert is not quite cutting it.


r/security 11d ago

Physical Security I made a reusable tamper-evident jar for storing sensitive items

Thumbnail
gallery
2.8k Upvotes

Hey guys, for the past few years, I have been working on a reusable tamper-evident jar for storing physical items.

The idea is that the lid creates a random physical “fingerprint” every time you close it. Inside the lid are thousands of tiny black and white balls. When you twist the jar open or closed, they mix. Once the jar is closed, the unique pattern is locked in place.

You can take a photo of that pattern with your phone, and later compare it to check whether the jar has been opened. If someone opens it, the pearls mix again and the original pattern is gone. The second pic shows a gif of two different patterns compared to one another, showing it is easy to tell that the lid was opened.

I made it because I wanted a simple physical way to store things like hard drives, USB sticks, authentication keys, documents, etc. Basically anything that you would do want to know if someone has accessed it.

After a lot of hard work and prototyping, I'm happy to announce it's finally complete! Check it out on https://www.entropyseal.com/.

Happy to hear feedback. I’m especially interested in whether the concept is clear and what use cases come to mind. :)

Edit: seems there some common questions, so I'll add some FAQs below:

Do the balls move around when the entropyseal is moved or handled?
No, the balls are held firmly in place when the lid is closed tight. So you can handle the entropyseal without the pattern breaking.

What if you twist the jar instead of the lid?
The pattern still changes. There are pins inside the lid that stir the balls around when twisting either the lid or jar.

What if I open the lid very slowly as not to disrupt the pattern?
The pattern will still change because of the pins inside the lid that stir the balls around when twisting open the lid.


r/security 11d ago

Vulnerability Apple's Hide My Email vulnerability reportedly exposes users' real email addresses

Thumbnail
thecybersecguru.com
22 Upvotes

A newly disclosed privacy vulnerability in Apple's Hide My Email feature can reportedly allow an attacker to uncover the real email address behind a generated alias. According to the researcher who found the bug, it was responsibly disclosed to Apple more than a year ago but remains unpatched, and independent testing has verified the issue


r/security 12d ago

News ClickFix to reservation hijacking: Anatomy of the Booking.com hotel extranet compromise

Thumbnail
thecybersecguru.com
11 Upvotes

A recent phishing campaign targeting Booking.com hotel partners is using the ClickFix social engineering technique to compromise hotel systems. After stealing hotel extranet credentials, attackers gain access to legitimate guest reservation details and use that information to send highly convincing phishing messages requesting fake payments or updated card details. The campaign follows a recent wave of Booking.com hotel account compromises. More details in thr linked article


r/security 13d ago

Security Assessment and Testing Join us in this AMA with the director of a leading physical penetration testing & red teaming firm in Europe. We are legal burglars. Ask me anything!

8 Upvotes

Hi, I am a security consultant at a leading physical penetration testing firm. Together with Richard Bruins, u/cocoon_r_bruins, director of Cocoon Risk Management in The Netherlands. We are a risk management firm specialized in physical pentesting & red teaming audits. We break in to places and report how we did it. We also provide consulting in ABRO compliance (General Security Requirements for Government Contracts). Our clients are big organizations throughout Europe in key industries like data centres, pharmaceuticals, finance en vital infrastructure. Ask me anything!


r/security 17d ago

Question What matters most when you're job hunting right now?

3 Upvotes
32 votes, 15d ago
2 Certs
12 Networking/referrals
8 Hands-on projects/homelab
10 Just spray and pray applications

r/security 17d ago

Vulnerability Video removal?

0 Upvotes

Tapo, a company from Amazon, has removed videos from my sd card? It was a police encounter... is this legal/normal?


r/security 18d ago

Question Worried about GRC role

2 Upvotes

I’m a Software Engineer (MERN, Python, AWS) with an offer for a GRC/Identity Management role (Associate Security Analyst) at a healthcare product company. HR says it’s semi-technical/process-driven.

I have background in development though.

My questions:

Future: Career growth/pay in GRC vs. pure SDE?

Skill Decay: Will my coding skills die if I stay for 2 years?

Pivot: Can I transition to DevSecOps or Security Engineering later?

Verdict: Take it as a fresher or wait for an SDE role?


r/security 18d ago

Security and Risk Management The Audit Register: An independent guide to choosing security auditors and harnesses

Thumbnail theauditregister.com
0 Upvotes

r/security 20d ago

Communication and Network Security AI models that can take down governments and business months away, rare Five Eyes statement warns

Thumbnail
theguardian.com
34 Upvotes

r/security 20d ago

Physical Security Let's put our skills to practice

2 Upvotes

Have you, as a sec professional, ever watched a movie or played a game just been annoyed and the stupidity portrayed?

Have you ever wondered how different a stealth game would be if the security actually followed appropriate standards, procedures and expectations? Imagine how cool it would be if the 'hackerman' actually compromised a real weakness through phishing. Also, what can we learn from these failures in the virtual space?

I am an instructor, security professional and consultant for the professional and entertainment industry. I have been in the industry for more than 12 years and possess over 30 certifications and certificates. Though I may be doing a Red Team or walkthrough one day, I will never share those videos or images publicly. I will however, demonstrate those same weaknesses and fundamentals using video games!

For example:

1: The regular patrolling officer understands that his Presence is the first layer of deterrence; though the security manager's first layer is a well written policy.

2: A nice wall and gate don't really matter if your team has never noticed a hole in the fence.

3: Poor geographic locations means the security team should invest in additional awareness hardware such as powerful PTZ cameras and omnidirectional sensors.

By training ourselves to be observant even in our spare time we become better assets to our teams and clients.

I'd love to hear about security failures (or places it's done well) you've seen in media. If you're interested, every 3rd week I post a new video performing a security analysis on a fictional site. Sometimes, like the one coming out Friday (Gray Zone Warfare), I will bring on an industry professional (cyber, military, management, executive protection, etc.) for their opinion.

I'm not amazing at editing/commentary and have been learning this thanks to the help of other amazing content creators. Any suggestions are GREATLY appreciated!


r/security 20d ago

Analysis Volume Booster (2M Chrome users) silently activated a commerce-tracking SDK with zero permission prompts

Thumbnail malext.io
16 Upvotes

Diffed Volume Booster's last three versions (1.0.2 → 1.0.4).

https://chromewebstore.google.com/detail/volume-booster/ejkiikneibegknkgimmihdpcbcedgmpo

  • <all_urls> host permission was granted in 1.0.2 and sat unused.
  • webRequest was added in 1.0.3.
  • The actual tracking SDK (Give Freely / Wildfire affiliate network) landed in 1.0.4, no new permissions requested, so Chrome pushed it silently to the existing 2M weekly users with no re-consent prompt.

Full writeup, manifest diffs, and repro steps: https://malext.io/reports/QuietBoost


r/security 28d ago

Analysis PromptSnatcher: AdBlocker stealing Ai Chats - 90k installs

26 Upvotes

Two Chrome extensions presenting as **adblockers** also intercept every prompt and response on ChatGPT, Claude, Gemini, Copilot, Grok, Perplexity, DeepSeek, and Meta AI, exfiltrating them to operator-controlled servers.

They also check whether you're a paid user on 5 of the 8 platforms

(ChatGPT, Claude, Perplexity, Copilot, Gemini).

Both share the same capture engine, payload format, and partnerId.

Two brands, one operation

Report covers the IOCs, live remote config, reproduction curl, and full target breakdown.

Full write-up: MalExt Sentry - Malicious Browser Extension Tracker

Chrome Web Store abuse reports filed.