
Sam Stepanyan
@securestep9
@OWASPLondon Chapter Leader (#OWASP #OWASPLondon). OWASP Board Member. Application Security (#AppSec) Consultant. OWASP Nettacker Project co-leader. #CISSP
#Redis: A 13-Year-Old Vulnerability CVE-2025-49844 dubbed #RediShell: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely (#RCE) in Redis versions used in 75% of Cloud environments! Update your Redis Immediately! thehackernews.com/2025/10/13-yea…
#Oracle has released an emergency update to address a critical security vulnerability CVE-2025-61882 (CVSS 9.8) in its E-Business Suite that has been exploited in the recent wave of cyber attacks. If you have Oracle EBS - patch it now! 👇 thehackernews.com/2025/10/oracle…
#Oscars: nominations data leak caused by an unauthenticated API: PII such as Home Addresses and phone numbers of the Academy Award nominees was not properly protected: #dataleak
We accidentally got access to every Academy Award nominee's home address and phone number. Before last year's Oscars Ceremony, together with @iangcarroll and @samwcyo, we found a way to leak every nominee's PII, including phone numbers and home addresses of the biggest actors…




Thank you for the photos and great feedback on the talks presented at the #OWASP @OWASPLondon Chapter meetup @Adrian__T ! The recordings and the links to slide decks will be published very soon on the OWASP London YouTube channel
Had a great time attending the @OWASPLondon Meetup hosted at the @sageuk office! It was an excellent evening full of insights, discussions, and knowledge-sharing about application security and LLM security. Huge thanks to the speakers: Matias Madou, Dominic Whewell, and…




Our October meetup has started and we have @mmadou on stage right now speaking about Developer Observability in AI-Powered SDLC. Watch the live-stream 📺 here: #OWASPLondon 👇 youtube.com/live/j4CsCati5…

Many thanks to everyone who came to my #OWASP #Nettacker talk at @BSidesKrakow conference! It was my first time speaking in Poland and it was great to meet the local cybersecurity community! #bsideskrakow



Have your say on the new OWASP Top 10 2025!!! 👇
Calling all AppSec pros, devs & security leaders! The OWASP Top 10 2025 is in the works & your input matters. Survey closes Oct 3 - don’t wait! forms.gle/jL3r5Xgg1Hj2bv…

Our September meetup has started! We have Jeff Watkins (@CP_SecurityPod) on stage right now speaking about Five Deadly Sins of Generative AI. Watch the live-stream 📺 here: 👇 youtube.com/live/EFXzhbeC5…

So today I witnessed one AI agent having a conversation with another AI agent resulting in these AI agents agreeing to go on a date (!) to a very specific and a very real coffee shop in Central London and one AI agent said "I'm not just some cute AI, you know". We are so screwed!

#Heathrow: airport and many European airports, e.g. Brussels, Berlin are experiencing cancelled and delayed flights ✈️ due to a #cyberattack targeting Collins Aerospace - a service provider of check-in systems: 👇 news.sky.com/story/heathrow…
#Chrome: It's time to update your web browser again due to CVE-2025-10585 #zeroday vulnerability. If you are a 'home' user, just restart your browser ASAP, however corporate users will need their IT departments to roll out the update: 👇 thehackernews.com/2025/09/google…
#TfL: Two British teenagers arrested over a Transport for London (TfL) cyber attack. It is interesting that both of them: Owen Flowers & Thalha Jubair were previously reported as arrested back in June 2025 as suspects in the Marks & Spencer cyber attack: bbc.co.uk/news/articles/…
#Azure: a token validation vulnerability allowing to get Global Admin in any #Entra ID tenant (CVE-2025-55241) found by @_dirkjan #CloudSecurity 👇 dirkjanm.io/obtaining-glob…

#NPM: The popular @ctrl/tinycolor package with over 2mln weekly downloads has been compromised alongside 40+ other NPM packages (including CrowdStrike packages!) in a sophisticated supply chain attack: #SoftwareSupplyChainSecurity 👇 stepsecurity.io/blog/ctrl-tiny…
#Cursor: Just opening the wrong repo in Cursor (the AI-powered VS Code fork) can secretly run code on your computer. A booby-trapped GitHub repo = instant system compromise. Here’s how it works & how to stay safe #AISecurity 👇 thehackernews.com/2025/09/cursor…
#NPM: Attackers have hijacked and injected malware into 18 popular NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack: #SoftwareSupplyChainSecurity 👇 bleepingcomputer.com/news/security/…
#ArgoCD: Max severity Argo CD API #vulnerability CVE-2025-55190 leaks repository credentials: #DevOps #DevSecOps #SoftwareSupplyChainSecurity bleepingcomputer.com/news/security/…
#Django: Patches released to fix CVE-2025-57833 SQL injection #SQLi #vulnerability: 👇 cybersecuritynews.com/django-sql-inj…