Must-read report from NPR, showing once again that DOGE is a massive threat to the cyber/national security of the United States:

"In the first days of March, a team of advisers from President Trump's new Department of Government Efficiency initiative arrived at the Southeast Washington, D.C., headquarters of the National Labor Relations Board.

The small, independent federal agency investigates and adjudicates complaints about unfair labor practices. It stores reams of potentially sensitive data, from confidential information about employees who want to form unions to proprietary business information.

The DOGE employees, who are effectively led by White House adviser and billionaire tech CEO Elon Musk, appeared to have their sights set on accessing the NLRB's internal systems. They've said their unit's overall mission is to review agency data for compliance with the new administration's policies and to cut costs and maximize efficiency."

"But according to an official whistleblower disclosure shared with Congress and other federal overseers that was obtained by NPR, subsequent interviews with the whistleblower and records of internal communications, technical staff members were alarmed about what DOGE engineers did when they were granted access, particularly when those staffers noticed a spike in data leaving the agency. It's possible that the data included sensitive information on unions, ongoing legal cases and corporate secrets — data that four labor law experts tell NPR should almost never leave the NLRB and that has nothing to do with making the government more efficient or cutting spending."

"Meanwhile, according to the disclosure and records of internal communications, members of the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access — evasive behavior that several cybersecurity experts interviewed by NPR compared to what criminal or state-sponsored hackers might do."

"The employees grew concerned that the NLRB's confidential data could be exposed, particularly after they started detecting suspicious log-in attempts from an IP address in Russia, according to the disclosure. Eventually, the disclosure continued, the IT department launched a formal review of what it deemed a serious, ongoing security breach or potentially illegal removal of personally identifiable information. The whistleblower believes that the suspicious activity warrants further investigation by agencies with more resources, like the Cybersecurity and Infrastructure Security Agency or the FBI."

https://www.npr.org/2025/04/15/nx-s1-5355896/doge-nlrb-elon-musk-spacex-security

BREAKING.

From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.

In an unprecedented move, the Japan Fair Trade Commission has issued a cease-and-desist order against Google for violating the country's anti-monopoly law by forcing manufacturers to preinstall the company’s apps on their Android smartphones. https://www.japantimes.co.jp/business/2025/04/15/companies/google-anti-monopoly-law/

4chan infighting reaches epic levels, kind of a big deal: https://www.404media.co/4chan-is-down-following-what-looks-to-be-a-major-hack-spurred-by-meme-war/?ref=weekly-roundup-newsletter

Microsoft with an OOB advisory for Power Automate.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-29817

sev:MED 5.7 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C

Uncontrolled search path element in Power Automate allows an authorized attacker to disclose information over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-29817

NEW: The notorious image board 4chan has been hacked.

Site has been intermittently down for hours, and hackers have published screenshots of site's backend, alleged source code, and list of moderators and "janitors."

One janitor told us they are "confident" data is "all real."

https://techcrunch.com/2025/04/15/notorious-image-board-4chan-hacked-and-internal-data-leaked/

My message to Ursula von der Leyen in The Guardian this morning: EU race to rearm is pointless if hostile foreign powers can still use online algorithms to boost authoritarians to power across Europe. Europe’s new “Democracy Shield” should immediately shut them down.
https://www.theguardian.com/commentisfree/2025/apr/15/us-europe-military-spending-trump-ireland

#ToddlerDnD Wild Magic:

Verbal component: "Now I finally have some time to get back to my hobbies!"

Effect: Immediate routine breaking event selected from the random table below with a D12 roll

1. Ear infection
2. Tonsillitis
3. Head lice
4. PTA conflict
5. Skipping naps
6. Family holiday
7. Ear infection again
8. The poops
9. Can't sleep won't sleep
10. Childhood illness
11. Kindergarten break
12. More lice

#DnD #parenting

Unlocking secret ThinkPad functionality for emulating USB devices:

https://xairy.io/articles/thinkpad-xdci

#reverseengineering #informationsecurity #hardware #hacking #infosec #cybersecurity

There’s a new entry in our #Rust tool suite designed to assist with #reverseengineering and #vulnerabilityresearch against binary targets!

Oneiromancer by @raptor uses the locally running aidapal LLM by @atredis to analyze and improve #IDA pseudo-code.

https://security.humanativaspa.it/aiding-reverse-engineering-with-rust-and-a-local-llm

High level diff of iOS 18.5 beta 1 vs. iOS 18.5 beta 2 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/18_5_22F5042g__vs_18_5_22F5053f/README.md

@buherator @talosvulns Deja vu 😅 https://security.humanativaspa.it/multiple-vulnerabilities-in-eclipse-threadx/

The S is for Security. How to use WinRMS as a solid NTLM relay target, and why it’s less secure than WinRM over HTTP.

writeup: https://sensepost.com/blog/2025/is-tls-more-secure-the-winrms-case./

PR to impacket:
https://github.com/fortra/impacket/pull/1947/files

Ray of Sickness, #ToddlerDnD edition:

Casting time: immediate
Range: the whole family
Components: verbal
Duration: the next 2 weeks
Verbal components that automatically cast this spell:

"Hey, we haven't been sick for almost a week!"

"Only two more days and we are visiting Grandma!

"Yes, we are going to the birthday party this weekend!"

"It has been rough, but I finally booked that weekend getaway we have been planning!"

"I have a very important meeting tomorrow."

#parenting #DnD

A Tricky Commodore PET Repair and a Lesson About Assumptions

https://hackaday.com/2025/04/14/a-tricky-commodore-pet-repair-and-a-lesson-about-assumptions/