BREAKING & EXCL: Malicious Farage and Andrew Bailey scam ads are continuing today. Threat actors are now pixelating the faces of Farage and Bailey to evade automated detection. This confirms what I suspected: X is using AI image models and face recognition to detect the scam ads. X needs to check the URLs of ads and posts to defeat the scams. I stand ready to work together, as always, in service of the public.

The X account of BBC 5 Live Sport @5liveSport looks to be compromised, with scam affiliates listed under the account

BREAKING: Something really bad has just happened with the BBC 5 Live Sport account on here. Looks to be compromised. Two scam accounts are now affiliated with BBC 5 Live Sport: [@]FNSNVencicne [@]MngmntTrade [@]FNSNVencicne is NOT Venice AI but purports to be [@]MngmntTrade is a crypto and investment scam vehicle @bbc @bbc5live @5liveSport please remediate and investigate immediately Meanwhile, do not click any links from the 5 Live Sport account as it may be compromised. Investment scams may soon appear from the account and the affiliates.

Hello Lisbon! We're at the Global Anti-Scam Summit this week @ScamAlliance

16:55 UK time. Ad still live. Now 1.7 million impressions for this phishing campaign

PUBLIC ADVISORY from Epi Security: The X (Twitter) account for Alcatel USA [@]alcatelmobileus (21.8k followers) has been compromised and is currently pushing scam ads to tens of thousands of users. Don't trust the links from this account at this time, and continue checking all links in posts and ads. We have reported this compromise and the ongoing campaigns of malicious ads to X, and we stand ready to offer our assistance and internet intel to stop bad ads and links. IOCs: alcatelmobileus[.]shop [@]alcatelmobileus

PUBLIC ADVISORY from @episecurity: The X account for Alcatel USA [@]alcatelmobileus (21.8k followers) has been compromised and is currently pushing scam ads.

PUBLIC ADVISORY for Instagram users from @epiapp: We have responsibly disclosed a critical security vulnerability to Meta about Instagram. We are not detailing the vulnerability here, but it impacts the Instagram in-app web browser. We are issuing this redacted public advisory in the public interest. We advise Instagram users to be especially cautious and vigilant when using the Instagram browser, and to refrain from using the in-app browser to log in to third-party sites and services at this time. It is in the public interest for users to be aware and act accordingly, because the vulnerability is one of web trust as much as an exploitable technical failure. It affects all Instagram users worldwide right now, and we are concerned of active exploitation. Don't log in to sites in the Instagram web browser at this time. We stand ready to work closely with Meta on fixing this vulnerability and improving the security of the in-app browser.

PUBLIC ADVISORY for Instagram users from @epiapp: We have responsibly disclosed a critical security vulnerability to Meta about Instagram. We are not detailing the vulnerability here, but it impacts the Instagram in-app web browser. We are issuing this redacted public advisory in the public interest. We advise Instagram users to be especially cautious and vigilant when using the Instagram browser, and to refrain from using the in-app browser to log in to third-party sites and services at this time. It is in the public interest for users to be aware and act accordingly, because the vulnerability is one of web trust as much as an exploitable technical failure. It affects all Instagram users worldwide right now, and we are concerned of active exploitation. Don't log in to sites in the Instagram web browser at this time. We stand ready to work closely with Meta on fixing this vulnerability and improving the security of the in-app browser.

is this how you do it?

guess who has the URL checker APIs you're looking for 👀

Thanks for all the phish

lol. lmao even

Made a script to check our org and help others detect if they're affected by the Axios NPM library compromise. Axios is a hugely popular HTTP request library, installed over 100 million times every week, and is used in hundreds of thousands of software projects. This script checks a batch of Node repos in one go. Run it on your dev machines, CI and environments. gist.github.com/alexgreenlan…

Want to stop getting phished? Use a good link checker! The Epi link checker cares about your privacy and security. It doesn't log or record input URLs, doesn't track you, uses no third-party scripts, is free and requires no login. It resolves all redirects for you in its sandbox, so you get the right trust verdict — for the final destination. No star ratings. No subjective scores. We simply tell you whether a site is trusted, legitimate, malicious or unsafe. epihq.com

Big news: Apple just quietly published (1 Jan) a webpage describing the training data used for their gen AI This legal document is for compliance with the California Generative Artificial Intelligence Training Data Transparency Act. 🍿 Fascinating insights. Highlights: "Apple trains generative AI models using a mixture of data that includes publicly available data, including publicly available information crawled by Apple’s web crawler Applebot, data licensed or purchased from third parties, open-sourced data, data obtained through user studies, and synthetic data." "Applebot does not crawl data from websites that require login credentials or that are protected by a paywall. Applebot respects standard robots.txt directives" "Data sets for model training include both data from the public domain and data subject to intellectual property rights. For example, data used to train generative AI models includes data that has been directly licensed to Apple and data made available pursuant to licenses, such as common open-source licenses, that permit use of the data in the development of generative AI systems." "Apple does not use our users’ private personal data or user interactions when training our foundation models. Additionally, for content publicly available on the internet that has been crawled by Applebot, Apple takes steps to apply filters to remove certain categories of personally identifiable information, such as social security and credit card numbers, from training data." "Apple filters web-crawled data and publicly available datasets both at the time the data is crawled or imported and also as a part of post-acquisition processing prior to training. The data is managed both to limit the use of low-quality data and to remove content that is undesirable or unsafe. For example, Apple performs quality filtering and plain-text extraction on data crawled by Applebot, including safety, profanity, inappropriate content, spam, financial data, and quality filtering using heuristics and model-based classifiers, global fuzzy de-duplication using locality-sensitive n-gram hashing, decontamination against common pre-training benchmarks, and filtering against benchmark datasets. Different techniques are used to filter datasets, including manual and algorithmic ranking of content, use of heuristics, and use of machine learning models." "Apple has been collecting textual data for training since 2018 and image data for training since 2020. Data collection remains ongoing." "Apple uses generated text, images, audio, and other content to supplement datasets containing real-world data. This category of data is used to enhance the other corpora, including synthetic image caption data, question-answer pairs, and language data. Apple also uses synthetic data generation for post-training, including supervised fine-tuning." I wonder what happens with respect to the Google-trained Apple LLM model. This document was discovered by Epi Internet Intelligence (@epiapp).

Why Trusted Publishing and OIDC is dangerous for CI, your deployments and source code, and GitHub overall. My recommendation to machine-to-machine OIDC flow developers: always require a secret to be supplied as well.

Introducing Epi Security, the new brand for cybersecurity from Epi @epiapp

Here to help devs with reviews, audits and pentests for RSC, servers and client apps. In the wake of the significant and widespread attacks on NPM libraries and React2Shell exploits, security must no longer be an afterthought or bolt-on. I've been building secure apps and servers for 15 years, and running a cybersec startup for 6 years. Security works when it is at the foundation, with secure code practices followed religiously by devs, and platform safeguards built in. Reach out if you want me to look at your source and apps. Happy to take a deep dive into your repos, and if you like my work, establish a working relationship.

Trying something: Making an official/ophishal account which will just post professional tweets and thought leadership posts around phishing, quishing, scams, fraud and cyber threats. A SFW @ajrgd without the memes, humour and personality. Welcome to the unfunny side.