this post was submitted on 19 May 2026
817 points (99.5% liked)

Technology

86413 readers
2978 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related news or articles.
  3. Be excellent to each other!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
  9. Check for duplicates before posting, duplicates may be removed
  10. Accounts 7 days and younger will have their posts automatically removed.

Approved Bots


founded 3 years ago
MODERATORS
(page 2) 50 comments
sorted by: hot top controversial new old
[–] LovableSidekick@lemmy.world 7 points 1 month ago* (last edited 1 month ago) (1 children)

I'm surprised whatever software the keys were for didn't detect this and deactivate the keys. Discord did this automatically when I pushed a file to github that had a bot login token in it. Apparently Discord constantly scans github for such things, or maybe github does and sends Discord a msg, I dunno. But it was amazingly fast, like within 2 minutes.

[–] Wildmimic@anarchist.nexus 7 points 1 month ago (1 children)

that feature was probably deactivated, just like the feature on github which prevents uploading of SSH keys that had been explicitly disabled

[–] LovableSidekick@lemmy.world 6 points 1 month ago

No, I just checked - it's part of github's "Secret Scanning", which checks pushes for secret values and notifies partner services (like Discord) to deactivate them.

[–] mynameisbob@lemmy.ml 6 points 1 month ago

U.S. Cybersecurity Agency == Chat_gipity_techno_turds or short version doge_after_birth... like top jorb in the land man...or should be. Always running from or running to. Constipation or diarrhea

[–] sp3ctr4l@lemmy.dbzer0.com 5 points 1 month ago

Fast. Cheap. Good.

At best, pick 2.

This applies to code and coders as well, despite management's inability to comprehend reality.

[–] Monte_Crisco@thelemmy.club 4 points 1 month ago

And, when mainstream media periodically interviews republican congressmen who happen to be opposed to the Trump admin’s latest corruption/idiocy, why the hell do they never ask “Since you’re against these illegal/irresponsible actions… what the flying F are you gonna do about it?”

[–] wewbull@feddit.uk 4 points 1 month ago* (last edited 1 month ago) (2 children)

...but remember, everything needs to be written in memory safe languages to stop security breaches.

[–] gnufuu@infosec.pub 6 points 1 month ago* (last edited 1 month ago)

"I might get mugged in a dark alley, so why should I bother locking my door at home?"

[–] smeenz@lemmy.nz 3 points 1 month ago

Security breeches stop your phone falling out while riding a horse.

[–] Professorozone@lemmy.world 4 points 1 month ago

Defund DHS.

[–] Agent641@lemmy.world 2 points 1 month ago (2 children)
[–] Bytemeister@lemmy.world 3 points 1 month ago

A container of sweet stuff that you get stuck in.

Basically, a system full of juicy looking data that takes forever to collect and process... And then it was all fake data the whole time.

Plus, you can hide some real info, like the name of the machine compromised, or info about the attacker's system in the data, and then when it gets compromised, sold on the black market, and eventually published, you can reference the leaked data to see exactly which system the hackers got into, and get some insights on how they did it.

[–] getFrog@piefed.social 2 points 1 month ago

huh, so they've never used npm?

[–] cadekat@pawb.social -3 points 1 month ago (1 children)
[–] homesweethomeMrL@lemmy.world 3 points 1 month ago

Government contractors were a mistake

[–] Feathercrown@lemmy.world -4 points 1 month ago (4 children)

What are the odds this was AI related vs some underpaid intern

[–] homesweethomeMrL@lemmy.world 6 points 1 month ago

I’m sure that will be an excuse but no, this was lazy-ass we-dont-wanna incompetent garbage devs.

[–] Hawke@lemmy.world 3 points 1 month ago (1 children)

Odds are neither and it’s a “plausibly deniable” attack.

[–] frongt@lemmy.zip -1 points 1 month ago

Or worse, both

load more comments (2 replies)
load more comments
view more: ‹ prev next ›