Leaked and Loaded: DOGE’s API Key Crisis

One leaked API key exposed 52 private LLMs and potentially sensitive systems across SpaceX, Twitter, and even the U.S. Treasury.

In this episode of Cyberside Chats, @sherridavidoff and @MDurrin break down the DOGE/XAI API key leak. They share how it happened, why key management is a growing threat, and what you should do to protect your organization from similar risks.

Watch the video: https://youtu.be/Lnn225XlIc4

Listen to the podcast: https://www.chatcyberside.com/e/api-key-catastrophe-when-secrets-get-leaked/

Hey folks,

Decided it was time for a fresh alias, so here’s my #introduction. I’m a creatively driven fellow with a passion for privacy, cybersecurity, Linux, and free and open source software. I enjoy gaming, creative writing, and technology—the latter of which inspired me to pursue cybersecurity and system administration.

I embarked on this journey around the start of the pandemic, when the sudden surplus of free time gave me the opportunity to try Manjaro, a distribution of Linux based on Arch. With the release of the Steam Deck, I moved over to NixOS, which I’ve been using ever since while studying cybersecurity in higher education.

The majority of my posts will be set to follower-only, so feel free to throw a follow my way if anything of mine has piqued your curiosity at all.

Look forward to interacting with you all in the future! ^^

Tags: #privacy, #cybersecurity, #cybersec, #hacker, #pentest, #pentester, #infosec, #linux, #foss, #gaming, #creativewriting, #writing, #technology, #sysadmin, #archlinux, #steamdeck, #nix, #nixOS.

Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“DIY Azure Security Assessment" - with Teri Radichel
https://twp.ai/4iodU5

Here's a new-to-me password spray tool that looks a hell of a lot more functional that Burp Intruder.

https://github.com/blacklanternsecurity/TREVORspray

How do attackers go from file shares to full domain admin access without ever stealing a password? In this real-world case study, we'll share how a single misconfiguration opened the door to a full network compromise, and how our #pentest team exploited hidden file shares (with that sneaky $ at the end) to uncover sensitive data most IT teams don’t realize is exposed.

We'll share:
• How attackers exploit hidden file shares
• Why misconfigured Windows Deployment Services are a major risk
• The exact relay attack path that led to domain dominance
• What red flags to look for in your environment

Watch: https://youtu.be/78L2Zz2Ttbs

A friend is looking for an ICS pentesting gig in the UK. He has lots of experience in maritime, power, water, gas OT & SCADA.

He's also excellent on internal inf / red team especially when there's an OT element to the org and you need a safe pair of hands.

If you have any leads please message me and I'll hook you up.

ParrotOS 6.4 is out now!

This release sets the stage for Parrot 7 with upgraded tools, security fixes, and system improvements

Upgrade via sudo parrot-upgrade or grab a fresh install from the official site

Click the link down below and read more on the changelog

https://parrotsec.org/blog/2025-07-07-parrot-6.4-release-notes

Hi everyone! I recently released 3 blog posts!
All of them are writeups on CTFs where I make some scripts and tools in bash and golang!

I'll leave you the link of the blog posts and if you have any suggestions or interact with me, don't hesitate to comment or DM me!

I hope you all can enjoy reading them!

https://blog.jackrendor.dev/posts/tryhackme-securityfootage/

https://blog.jackrendor.dev/posts/tryhackme-bugged/

https://blog.jackrendor.dev/posts/tryhackme-eavesdropper/

Your UPS might be a silent security risk.

Watch our new video to see how a standard uninterruptible power supply (UPS) became the gateway to hacking a real bank.

We walk you through:

How UPS devices connect to networks—and why that matters
The danger of default credentials on embedded systems
How spoofed email servers let attackers steal domain credentials
The exact steps that led to full network compromise

Watch now! https://youtu.be/Ru5RR9COqYw

Understanding the ‘Slopocene’: how the failures of AI can reveal its inner workings

I love this "pentest" style of learning how llm's work. Break it and admire the way it pukes. #ai #pentest #slop #aislop #chatgpt
https://theconversation.com/understanding-the-slopocene-how-the-failures-of-ai-can-reveal-its-inner-workings-258584

New mass scanning activity may be the first step in another MOVEit attack.

Hackers are actively scanning the internet for exposed MOVEit systems—hundreds of unique IPs every day—suggesting the early stages of coordinated exploitation.

Threat intel firm GreyNoise warns this is the same pattern seen weeks before past mass attacks. Known MOVEit vulnerabilities, such as CVE-2023-34362 and CVE-2023-36934, are already being tested in the wild.

If your MOVEit Transfer instance is online and unmonitored, you may already be on an attacker’s target list.

Now’s the time to:
• Patch all known MOVEit vulnerabilities
• Limit public-facing access
• Monitor for scan activity and open ports
• Block IPs identified by threat intelligence feeds
• Harden file transfer environments and deploy honeypots if needed

Scanning isn’t random—it’s reconnaissance. Act now before scanning turns into breach.

Read the article for details: https://www.cuinfosecurity.com/scans-probing-for-moveit-systems-may-be-precursor-to-attacks-a-28832

More information on printer security, since they are often a cybersecurity blind spot!

Last week, we shared a warning about the unpatchable Brother printer vulnerability (CVE-2024-51978) that puts millions of devices at risk. If you haven’t updated your default admin passwords, do it now.

Since there was a lot of interest in this topic, we're sharing our classic, but still very relevant, on-demand webinar, "How I met your printer": https://youtu.be/b6d6RO2AFgw

@tompohl shares real-world techniques attackers use to exploit printers for initial access and lateral movement—exactly what we see in our penetration tests all the time.

If you haven’t tested your print infrastructure, now’s the time. Need help? Our pentest team can assess your network and highlight hidden vulnerabilities.

#Cybersecurity #CISO #PrinterSecurity #PenetrationTesting #LMGSecurity #NetworkSecurity #Infosec #ITsecurity
#penetrationtesting #pentest #pentesting

Hundreds of Brother printer models are affected by a critical, unpatchable vulnerability (CVE-2024-51978) that allows attackers to generate the default admin password using the device’s serial number—information that’s easily discoverable via other flaws.

748 total models across Brother, Fujifilm, Ricoh, Toshiba, and Konica Minolta are impacted, with millions of devices at risk globally.

Attackers can:
• Gain unauthenticated admin access
• Pivot to full remote code execution
• Exfiltrate credentials for LDAP, FTP, and more
• Move laterally through your network

Brother says the vulnerability cannot be fixed in firmware and requires a change in manufacturing. For now, mitigation = change the default admin password immediately.

Our pentest team regularly highlights printer security as a critical path to system compromise—and today’s news is another example that underscores this risk. This is your reminder: Printers are not “set-and-forget” devices. Treat them like any other endpoint—monitor, patch, and lock them down.

Need help testing your network for exploitable print devices? Contact us and our pentest team can help!

Read the Dark Reading article for more details on the Brother Printers vulnerability: https://www.darkreading.com/endpoint-security/millions-brother-printers-critical-unpatchable-bug

How Mouse Without Borders can be use lateral movement and data exfiltration

https://0xsultan.github.io/dfir/Exfiltrate-Without-Borders

Missed one of my past conference talks? Let’s fix that.

I’m sharing my favorites—packed with real-world advice, lessons, and a few laughs.

“DIY Azure Security Assessment" - with Teri Radichel
https://twp.ai/4in9rU

New cheatsheets pushed

https://github.com/r1cksec/cheatsheets

Neu im Research-Blog: Windows-Angriffe entgegen der Vertrauensstellung

Windows Domänen lassen sich durch Vertrauensstellungen zusammenbringen. Wird der Zugriff nur in eine Richtung benötigt, kann man das Vertrauen auch nur einseitig aussprechen – aber sind damit Angriffe in die andere Richtung ausgeschlossen? Leider nicht, denn es gibt Wege um das Vertrauen entgegen der „Direction of Access“ auszunutzen.

Das Problem ist schon länger bekannt und die Ausnutzung ist fester Bestandteil von einigen Pentest-Tools. Wir stellen aber immer wieder fest, das erfahrene Windows-Administratoren überrascht sind, wenn wir diesen Angriffsweg in Pentests nachweisen. Daher haben unsere Experten in einem Blogpost noch einmal die Grundlagen und einen konkreten Angriff inklusive passender Gegenmaßnahmen zusammengefasst.
https://research.hisolutions.com/2025/06/windows-angriffe-entgegen-der-vertrauensstellung/