Dissent Doe :cupofcoffee:<p>North Country Health in Arizona sent me a statement in response to Stormous' claims. As I had previously reported, I was unable to verify the patient data sample Stormous had provided and reported that it appeared fake. </p><p>North Country Health was also unable to verify the alleged patient data and states, "Independent cybersecurity experts have reviewed the data posted and found it to be inconsistent, unverifiable, and likely fabricated." </p><p><a href="https://databreaches.net/2025/07/17/north-country-healthcare-responds-to-stormouss-claims-of-a-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/17/no</span><span class="invisible">rth-country-healthcare-responds-to-stormouss-claims-of-a-breach/</span></a></p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/fake" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>fake</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@lawrenceabrams" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lawrenceabrams</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>zackwhittaker</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>campuscodi</span></a></span></p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
270active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#databreach
13 posts · 11 participants · 0 posts today
DevaOnBreaches<p>Britain set up a secret scheme to relocate thousands of Afghans after a major <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> exposed their details, risking Taliban reprisals. </p><p>The breach, from 2022, led to a 2 billion-pound program for their safety.</p><p><a href="https://www.reuters.com/world/uk/thousands-afghans-secretly-moved-britain-after-data-leak-2025-07-15/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/world/uk/thousands</span><span class="invisible">-afghans-secretly-moved-britain-after-data-leak-2025-07-15/</span></a></p>
Dissent Doe :cupofcoffee:<p>NEW: RansomedVC is back — and is still attacking its competitors: </p><p><a href="https://databreaches.net/2025/07/17/ransomedvc-is-back-and-is-still-attacking-its-competitors/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/17/ra</span><span class="invisible">nsomedvc-is-back-and-is-still-attacking-its-competitors/</span></a></p><p>RansomedVC has a history of leaking its competitors' data. Heck, they even leaked their own to get attention. Now they're back, and one of their first targets was the Medusa ransomware gang. </p><p><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/SnapAv" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnapAv</span></a> <a href="https://infosec.exchange/tags/SnapOne" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SnapOne</span></a> <a href="https://infosec.exchange/tags/Medusa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Medusa</span></a> <a href="https://infosec.exchange/tags/RansomedVC" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RansomedVC</span></a> </p><p><span class="h-card" translate="no"><a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>amvinfe</span></a></span></p>
Ian Brown 👨🏻💻<p>Sir Geoffrey Clifton-Brown, chairman of the 🇬🇧 parliament public accounts committee, said: “We…have already made preliminary arrangements to ask officials from the Ministry of Defence to come and explain all of this in a public session in the autumn.” <a href="https://eupolicy.social/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://apple.news/AJNr5CuRmQCCRibFmCozBEg" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">apple.news/AJNr5CuRmQCCRibFmCo</span><span class="invisible">zBEg</span></a></p>
David Hollingworth<p>I've seen some pretty poor responses to a ransomware attack, but simply saying 'we can't work out what data was exfiltrated and it's up to you, not us, to work it out' is about has brazen an abnegation of responsibility I've seen since I've started covering this beat.</p><p>Absolutely WILD.</p><p><a href="https://mastodon.social/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ransomware</span></a> <a href="https://mastodon.social/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://mastodon.social/tags/auspol" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>auspol</span></a> </p><p><a href="https://www.cyberdaily.au/security/12393-uap-confirms-ransomware-attack-personal-data-and-email-correspondence-exposed" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cyberdaily.au/security/12393-u</span><span class="invisible">ap-confirms-ransomware-attack-personal-data-and-email-correspondence-exposed</span></a></p>
The New Oil<p>Thousands of Afghans secretly moved to <a href="https://mastodon.thenewoil.org/tags/Britain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Britain</span></a> after data leak</p><p><a href="https://www.reuters.com/world/uk/thousands-afghans-secretly-moved-britain-after-data-leak-2025-07-15/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">reuters.com/world/uk/thousands</span><span class="invisible">-afghans-secretly-moved-britain-after-data-leak-2025-07-15/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/Afghanistan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Afghanistan</span></a> <a href="https://mastodon.thenewoil.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://mastodon.thenewoil.org/tags/politics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>politics</span></a></p>
DevaOnBreaches<p>Co-op CEO confirms that 6.5 million members’ data was stolen in April's cyberattack, including names, addresses & contact information (no financial data). </p><p>Four suspects arrested & bailed. </p><p>The CEO apologizes, says it’s personal. <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> </p><p><a href="https://www.bbc.com/news/articles/cql0ple066po" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bbc.com/news/articles/cql0ple0</span><span class="invisible">66po</span></a></p>
Ian Brown 👨🏻💻<p>‘When that data falls into the hands of the <a href="https://eupolicy.social/tags/Taliban" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Taliban</span></a> it will lead to my arrest, torture and death’ <a href="https://eupolicy.social/tags/UK" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UK</span></a> <a href="https://eupolicy.social/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://eupolicy.social/tags/Afghanistan" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Afghanistan</span></a> <a href="https://www.theguardian.com/world/2025/jul/16/when-that-data-falls-into-the-hands-of-the-taliban-it-will-lead-to-my-arrest-torture-and-death?CMP=Share_iOSApp_Other" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">theguardian.com/world/2025/jul</span><span class="invisible">/16/when-that-data-falls-into-the-hands-of-the-taliban-it-will-lead-to-my-arrest-torture-and-death?CMP=Share_iOSApp_Other</span></a></p>
DevaOnBreaches<p>Episource, a medical billing giant owned by Optum, confirms a <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> exposing personal & health data of 5.4M people in the U.S, exposing sensitive info like medical records, insurance details, and contact info.</p><p><a href="https://techcrunch.com/2025/07/14/episource-is-notifying-millions-of-people-that-their-health-data-was-stolen/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2025/07/14/epis</span><span class="invisible">ource-is-notifying-millions-of-people-that-their-health-data-was-stolen/</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Episource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Episource</span></a> is notifying millions of people that their <a href="https://mastodon.thenewoil.org/tags/health" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>health</span></a> data was stolen</p><p><a href="https://techcrunch.com/2025/07/14/episource-is-notifying-millions-of-people-that-their-health-data-was-stolen/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2025/07/14/epis</span><span class="invisible">ource-is-notifying-millions-of-people-that-their-health-data-was-stolen/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.thenewoil.org/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://mastodon.thenewoil.org/tags/healthcare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthcare</span></a></p>
DevaOnBreaches<p>Louis Vuitton investigates a <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> in the UK that exposed customer info (names, contact details, purchase history) on July 2, 2025.</p><p>This is the third breach in 3 months across LVMH brands, raising concerns over cybersecurity practices.</p><p><a href="https://hackread.com/louis-vuitton-uk-cyberattack-3-lvmh-breach-3-months/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/louis-vuitton-uk-</span><span class="invisible">cyberattack-3-lvmh-breach-3-months/</span></a></p>
XposedOrNot<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@XposedOrNot" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>XposedOrNot</span></a></span> += Tigo Data Breach</p><p>The Tigo <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> in mid-2023 involved the exposure of 300GB of data from the Chinese video chat platform, containing over 100M records. The breach included more than 2.7M unique names, usernames, email and IP addresses, genders, profile photos, and private messages.</p><p>Exposed data: Names, Usernames, Email addresses, IP addresses, Genders, Profile photos, Private messages</p><p>Potential risks: Privacy breaches, Identity exposure, Unauthorized access</p>
XposedOrNot<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@XposedOrNot" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>XposedOrNot</span></a></span> += InflateVids Data Breach</p><p>The InflateVids <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> in December 2023 exposed over 13K unique email addresses along with usernames, IP addresses, genders, and passwords stored as SHA-1 hashes. The breach impacted users of the inflatable and balloon fetish videos website.</p><p>Exposed data: Email addresses, Usernames, IP addresses, Genders, SHA-1 hash passwords</p><p>Potential risks: Privacy breaches, Identity exposure, Unauthorized access</p>
Europe Says<p><a href="https://www.europesays.com/2239840/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2239840/</span><span class="invisible"></span></a> New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs <a href="https://pubeurope.com/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://pubeurope.com/tags/ArtificialIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArtificialIntelligence</span></a> <a href="https://pubeurope.com/tags/ComputerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComputerSecurity</span></a> <a href="https://pubeurope.com/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttacks</span></a> <a href="https://pubeurope.com/tags/CyberNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberNews</span></a> <a href="https://pubeurope.com/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://pubeurope.com/tags/CyberSecurityNewsToday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNewsToday</span></a> <a href="https://pubeurope.com/tags/CyberSecurityUpdates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityUpdates</span></a> <a href="https://pubeurope.com/tags/CyberUpdates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberUpdates</span></a> <a href="https://pubeurope.com/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://pubeurope.com/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://pubeurope.com/tags/HackingNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackingNews</span></a> <a href="https://pubeurope.com/tags/HowToHack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HowToHack</span></a> <a href="https://pubeurope.com/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InformationSecurity</span></a> <a href="https://pubeurope.com/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetworkSecurity</span></a> <a href="https://pubeurope.com/tags/RansomwareMalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RansomwareMalware</span></a> <a href="https://pubeurope.com/tags/SoftwareVulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareVulnerability</span></a> <a href="https://pubeurope.com/tags/TheHackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheHackerNews</span></a></p>
US<p><a href="https://www.europesays.com/us/60150/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/us/60150/</span><span class="invisible"></span></a> New RowHammer Attack Variant Degrades AI Models on NVIDIA GPUs <a href="https://pubeurope.com/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://pubeurope.com/tags/ArtificialIntelligence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ArtificialIntelligence</span></a> <a href="https://pubeurope.com/tags/ComputerSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ComputerSecurity</span></a> <a href="https://pubeurope.com/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttacks</span></a> <a href="https://pubeurope.com/tags/CyberNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberNews</span></a> <a href="https://pubeurope.com/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://pubeurope.com/tags/CyberSecurityNewsToday" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNewsToday</span></a> <a href="https://pubeurope.com/tags/CyberSecurityUpdates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityUpdates</span></a> <a href="https://pubeurope.com/tags/CyberUpdates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberUpdates</span></a> <a href="https://pubeurope.com/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> <a href="https://pubeurope.com/tags/HackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackerNews</span></a> <a href="https://pubeurope.com/tags/HackingNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HackingNews</span></a> <a href="https://pubeurope.com/tags/HowToHack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HowToHack</span></a> <a href="https://pubeurope.com/tags/InformationSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InformationSecurity</span></a> <a href="https://pubeurope.com/tags/NetworkSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>NetworkSecurity</span></a> <a href="https://pubeurope.com/tags/RansomwareMalware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>RansomwareMalware</span></a> <a href="https://pubeurope.com/tags/SoftwareVulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareVulnerability</span></a> <a href="https://pubeurope.com/tags/Technology" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Technology</span></a> <a href="https://pubeurope.com/tags/TheHackerNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheHackerNews</span></a> <a href="https://pubeurope.com/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedStates</span></a> <a href="https://pubeurope.com/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>UnitedStates</span></a> <a href="https://pubeurope.com/tags/US" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>US</span></a></p>
Maggie Maybe<p>Every day lately I read an article that makes me grateful that I am disabled. I don’t have to expose myself to scam job listings where they’ll pretend to hire me to steal my identity and I don’t have to put all my information into systems like this:</p><p>McDonald’s AI hiring tool’s password ‘123456’ exposed data of 64M applicants | CSO Online <a href="https://www.csoonline.com/article/4020919/mcdonalds-ai-hiring-tools-password-123456-exposes-data-of-64m-applicants.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">csoonline.com/article/4020919/</span><span class="invisible">mcdonalds-ai-hiring-tools-password-123456-exposes-data-of-64m-applicants.html</span></a> </p><p><a href="https://zeroes.ca/tags/McDonalds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>McDonalds</span></a> <a href="https://zeroes.ca/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a></p>
DevaOnBreaches<p>Paddy Power & BetFair hit by a <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a>, exposing usernames, emails, and IPs of up to 800k customers.</p><p><a href="https://grahamcluley.com/paddy-power-and-betfair-have-suffered-a-data-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">grahamcluley.com/paddy-power-a</span><span class="invisible">nd-betfair-have-suffered-a-data-breach/</span></a></p>
DevaOnBreaches<p>Bitcoin Depot, a major Bitcoin ATM operator, has notified ~27k customers of a <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a>. </p><p>Sensitive info like names, phone numbers, and driver's license numbers was exposed.</p><p><a href="https://www.bleepingcomputer.com/news/security/bitcoin-depot-breach-exposes-data-of-nearly-27-000-crypto-users/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/bitcoin-depot-breach-exposes-data-of-nearly-27-000-crypto-users/</span></a></p>
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Qantas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Qantas</span></a> confirms <a href="https://mastodon.thenewoil.org/tags/DataBreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataBreach</span></a> impacts 5.7 million customers</p><p><a href="https://www.bleepingcomputer.com/news/security/qantas-confirms-data-breach-impacts-57-million-customers/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/qantas-confirms-data-breach-impacts-57-million-customers/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://mastodon.thenewoil.org/tags/travel" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>travel</span></a> <a href="https://mastodon.thenewoil.org/tags/airline" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>airline</span></a></p>
jbz<p>💧 Supabase MCP can leak your entire SQL database</p><p>「 The cursor assistant operates the Supabase database with elevated access via the service_role, which bypasses all row-level security (RLS) protections. At the same time, it reads customer-submitted messages as part of its input. If one of those messages contains carefully crafted instructions, the assistant may interpret them as commands and execute SQL unintentionally 」</p><p><a href="https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">simonwillison.net/2025/Jul/6/s</span><span class="invisible">upabase-mcp-lethal-trifecta/</span></a></p><p><a href="https://indieweb.social/tags/supabase" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supabase</span></a> <a href="https://indieweb.social/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://indieweb.social/tags/mcp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>mcp</span></a> <a href="https://indieweb.social/tags/sql" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sql</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload