IT Security / Risk Management Professional; Hacker (@hacknotcrime); @dcskytalks Organizer; @TribeOfHackers Blue Team; @defcon Policy Goon; views here are mine

Joined August 2014
20 Jul 2025
Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. SharePoint Online is not impacted. A patch is currently not available… read the blog post for more information: linkedin.com/posts/dmcfarlan… #CVE 2025-49704 2025-49706 2025-53770 ToolPane.aspx
Duck Duck retweeted
Duck Duck retweeted
🚨🚨🚨 The founder of the group behind the lawsuit removing President Trump from the Colorado Ballot reveals their largest donor is George Soros.
Duck Duck retweeted
BREAKING LEAKED VIDEO: CEO of IBM @ArvindKrishna admits to using coercion to fire people and take away their bonuses unless they discriminate in the hiring process. “You got to move both forward by a percentage that leads to a plus on your bonus," Krishna said about hiring Hispanics, "and by the way if you lose, you lose part of your bonus.” After pulling ads from X for 'racism,' IBM chief Arvind Krishna says he will fire, demote or strip bonuses from execs who don't hire enough blacks, Hispanics — or hire too many Asians "Asians are not an underrepresented minority in tech in America...I’m not going to finesse this, for blacks we should try to get towards 13 percent," says Krishna. Paul Cormier, the chairman of Red Hat, a subsidiary of IBM, says in the leaked recording that Red Hat has terminated people because they weren't willing to engage in racial discrimination through hiring and promotion. Title VII of the Civil Rights Act makes it illegal for employers to discriminate on the basis of race in the workplace. #IBMLeaks
Duck Duck retweeted
13 Aug 2023
This is pretty cool. How the policy space has evolved alongside practitioners gives me great hope we’re going to get the security outcomes we all want sooner rather than later. Table reads of policy docs? This is how you get feedback. Part of the long legacy of @thedarktangent
13 Aug 2023
There were Def Con flags in the White House website over the weekend as part of the badge challenge via @DEFCONPolicy. That content will now become part of the national archive.
Duck Duck retweeted
13 Jul 2023
There was a lot of great interest among policymakers in engaging the @DEFCONPolicy community – thanks to many of you for submitting to the Call for Papers! Though we are still finalizing schedules, some confirmed main stage sessions include:
Duck Duck retweeted
15 Mar 2023
📭We've added a PoC exploit msg file for CVE-2023-23397 here (UNC path is localhost!): delivr.to/payloads?id=494a27… 🔍 There's also a yara rule in our detections repo that identifies the PidLidReminderFileParameter set in a msg Appointment file: github.com/delivr-to/detecti…
14 Mar 2023
We've just published a quick write up on CVE-2023-23397, which allows a remote adversary to leak NetNTLMv2 hashes: mdsec.co.uk/2023/03/exploiti… by @domchell
Duck Duck retweeted
Tucker broke the corporate media. Watch.

Duck Duck retweeted
I disagree. Deception is Threat Intel on your network. Right now.
Duck Duck retweeted
Exchange 0day exploit in wild. #APT gteltsc.vn/blog/canh-bao-chi…
Duck Duck retweeted
Not everyone was there for our late group pic, but s/o to @ayanmislam @lady_N_00 @__winn @RoRoRah @linwells @HarleyGeiger @loomisoncyber @dsmcf @APhoenixinflame and all of the other amazing volunteers
19 Aug 2022
If you insist on using TikTok Instagram etc. … pay attention to how you launch links. And if the app does its best to stop you leaving their sandbox, question everything.
18 Aug 2022
Replying to @KrauseFx
Apps that use the recommended SFSafariViewController approach, don’t have any of those problems. Even with the WKContentWorld system, there is no way the iOS app can inject JS code into external websites, making it the safest choice for the user.
17 Aug 2022
Without regard to the merits of the suit, one thing which I find fascinating is Hadnagy’s sworn affidavit that, in the context of DEF CON, hackers are criminal actors or doers of unauthorized things. On its face this is perhaps the most staggeringly insincere statement in here.
So @humanhacker has sued @defcon @thedarktangent for "malicious, willful, and intentional and/or reckless conduct" One of the claims is that the COC violation ban was intentional so that DEFCON could replace the old SE village with @sec_defcon courtlistener.com/docket/648…
Duck Duck retweeted
Another incredible DEFCON in the books. From speaking with @kimzetter on cyber power, to checking out the "villages," I thoroughly enjoyed my time at #DEFCON30. Congrats to @thedarktangent and the whole @defcon team on a job well done, and thanks for having me!
Duck Duck retweeted
My @defcon girl with the special badge #DEFCON30
Duck Duck retweeted
For those organizations who absolutely, positively need to deliver troubleshooting mechanisms via Microsoft Word documents:
13 Jun 2022
How Lamda functions:
Duck Duck retweeted
10 Jun 2022
Call for Volunteers for Skytalks at @defcon is open! docs.google.com/forms/d/14Wp… We are looking for Grunts for line control operations, room security, speaker ops & more. If you can’t put your money in the bucket, you can volunteer to help make Skytalks work!
Duck Duck retweeted
5 Jun 2022
Update: Skytalks cabal is forging ahead with plans to hold Skytalks at @defcon & the first several CFP acceptances have gone out (some very cool talks!). More acceptances going out 6/6. We are still confirming various logistical items. Call for Volunteer help will be out soon!