r/CyberSecurityAdvice

Security issue or false positive?

Hello! I want to purchase the Mafex 241 Tobey Spiderman figure from the Japanese website Hobby Search. I use Google Chrome on both my PC and tablet. On both devices, after I successfully log in and go to the account settings, whether I make changes or simply review them, as soon as I press the “back to account” button, Google shows me a notification saying that “the password you just used was detected in a data breach, etc.”

The issue is that this does not appear immediately when I log in, but later when I perform only the action described above. I also change passwords, and sometimes this warning appears immediately, and other times after some time (I do not log in there daily and I have not made other purchases).

I do not use saved Google passwords, I do not use password autofill, and Google account security does not find any issues with my Google account or my accounts in general. I created another Google account and Chrome profile, and the same thing happens in exactly the same sequence as described above.

When I log in using Google Incognito mode or Microsoft Edge and follow the same steps, this message never appears. My devices are not infected with malware and are properly updated.

What is happening? Should I be worried?

By the way, the site is considered trustworthy and I will be paying with PayPal Express Checkout. After I complete the payment, is it better to remove my bank card from PayPal?

Thank you for reading this long message!

u/Amazing-Spider_man — 14 hours ago

Cybersecurity Entry Level

Hello, I am new to cybersecurity and would appreciate guidance on the best career path.

I am an ICT graduate. I have done mainly data networking jobs, and I am an experienced IT support. Now I want to begin my cybersecurity career focusing on penetration testing.

I am on a tight budget to get a professional certificate. For all who are in the cybersecurity industry, how can I start? I have done Introduction to cybersecurity with Cisco, so I am not yet proficient enough.

I am also afraid that AI will take any cybersecurity job. Looking forward to hearing your advice before I completely lose my mind.

u/Mysterious-Local-482 — 21 hours ago
▲ 96 r/CyberSecurityAdvice+46 crossposts

Most people who followed $CYDY remember March 30, 2021. The FDA publicly stated that CytoDyn's claims about leronlimab were "misleading and not supported by the data", no benefit was shown in COVID-19 treatment trials. The stock dropped 25%+ that day.

What happened afterward was a class action lawsuit covering investors who held $CYDY between March 27, 2020 and March 30, 2022.

A $500,000 settlement has been reached and terms are now submitted to the court for approval.

Who qualifies?

Anyone who held $CYDY during the class period and suffered losses from the alleged misrepresentations about leronlimab's effectiveness for HIV and COVID-19.

Can I still apply?

Yes, you can submit your application now and it will be processed once claims filing officially opens after court approval.

If you were damaged by this don't forget to check your eligibility. GL!

u/JuniorCharge4571 — 1 day ago

Can I use tiktok safely AT ALL?

I was dumb and clicked “accept” on the new privacy terms a few months back when it rolled out, with the idea that Oracle could easily scrape this information from other sources anyway (used to post constantly on Meta platforms). Since then, I posted some stuff about my mental health, some stuff with my face in it-again, stuff that they could pull from other places.

I’m an artist and unfortunately I get the most pull on TT. My question is-if I delete all the posts that are NOT art (which Oracle already has), be extremely careful what I like/reblog/save (already have been), turn off location settings and tracking on iOS, only share the photos I want to upload, don’t share camera or microphone access at any time…can I keep using the app safely?

I don’t know what they could scrape from the videos, especially since they’re stop-motion screen recordings. One of them mentions my age but you could easily find that from any ol “find a person” site if you connected it with the email I have.

Currently it’s set for deletion, but I’d really, REALLY rather not do that if there’s a safer way to do it. Thoughts?

u/JunketUpbeat9386 — 1 day ago

Does someone have my Microsoft account password?

I know everyone has problems with bots unsuccessfully trying to sign into their accounts with Microsoft. But I think they have my password because I have the authentication app and I keep getting notifications for sign-ins from the US and Japan. This normally only happens when I sign in with my password. This has never happened before and now I’ve gotten about 4 attempts in 2 days after changing my password 2 times.

▲ 13 r/CyberSecurityAdvice+1 crossposts

AI models are starting to find vulnerabilities faster than companies can patch them

One of the bigger stories right now is how advanced AI systems are being used internally by security teams to uncover huge numbers of flaws in existing software. Palo Alto reportedly found 7x more vulnerabilities than normal after testing newer AI-assisted systems, and Anthropic’s unreleased “Mythos” model is already raising concerns among financial regulators because of the kinds of infrastructure weaknesses it can identify.
What stands out is that the risk is no longer hypothetical. The fear isn’t just “AI might help hackers someday,” it’s that these tools may compress years of vulnerability discovery into weeks. A lot of organizations already struggle to patch normal findings fast enough. If AI starts surfacing flaws at machine speed, backlog management itself could become a security problem.

u/ImaginationFair9201 — 2 days ago

Received a random Microsoft OTP email. But no attempted sign-ins?

After panicking slightly, signing into my Microsoft, changing the password, ensuring I had 2FA still set up and then changing my email password just to be safe, I finally settled down enough to check my attempted sign-ins only to find there were none. None that weren't mine anyway. So what gives? My recovery email is linked to my brother's and vice versa, but I asked him and he hasn't tried to sign into his account.

u/Buzzy_Feez — 1 day ago

I got a legit single-use login code from Microsoft but haven't tried to log in... am I in trouble?

The email is legit, it's from the same email address I got previous login codes from.

Could any app or service I'm using have tried to sign me in?

Is there a possibility that it was just a harmless mistake by Microsoft?

How do I find out if I've been hacked or if my email address has been published? It's my more official one, I use another one for things that might be shady...

What am I supposed to do?

I did check the login activity site and didn't see anything sus.

u/GroundControl29 — 2 days ago

How to get family members to use better password habits

I understand that password managers and 2FA are probably more important than most network tweaks, but getting my family to change habits is hard. I can improve my own network security as I am more cautious when browsing the internet, but shared accounts, streaming accounts, school logins, and a lot more from my family members are messier. I need some advice that would work from people managing family cybersecurity, thanks!

u/Used-Cover5188 — 2 days ago
▲ 311 r/CyberSecurityAdvice+1 crossposts

Mean time-to-exploit just hit 2.1 days. Critical vulnerabilities everywhere. Is the AI apocalypse here?

Mandiant's new figure: attacks begin 7 days before the patch ships. Patch Tuesday is now exploit-last-Friday

Supporting stats:

71% of known exploits hit same-day as disclosure (Zero Day Clock)

40% of breaches start with an unpatched flaw (IBM)

+162% CVE volume since 2020 (Mondoo)

25,973 CVEs filed in 2026 already — heading towards 70k, FIRST.org forecasts up to 100k

And we seem to be seeing a lot of Linux and other software critical vulnerabilities lately, all thanks to AI.

Take a look at https://zerodayclock.com

Is the AI exploit apocalypse here?

Is this the end?

u/Mr_Prometius — 3 days ago

Potential major shift

I’m currently a sophomore entering my junior year of college as a Medical Laboratory Science major. Recently I realized that idk if that’s something I really want to do due to what I’ve heard about the limited pay. Because of this I spoke to my dad who is in cybersecurity and he recommended I do that instead. I’m just unsure what to do and need advice. How hard is cybersecurity really? Is the lid on MLS pay and moving ranks real? Should I maybe do cyber security and have a health major? Please help, I have to have a decision by 11:59

Update: Ok guys after unregistering and registering myself I have decided to stick with the MLS program. It is something that I really really love and interests me. My only fear was not being paid that well but that’s not the most important thing and that may change by the time I enter the field. Additionally, someone recommended that I obtain certificates and get experience when I can in cybersecurity if I really wanted to enter the field while pursuing MLS, which is super smart! Thank you all for the help!!!

u/Even_Lake3855 — 2 days ago

Best Email Setup for privacy, modularity and usability?

I'm de-Microsofting/de-Googling and rethinking my email setup after finding my old Outlook address in multiple data breaches. Drowning in phishing too.

What I have (all free): Proton Mail, Tuta, SimpleLogin, AnonAddy.

My use cases:

  • Job applications (real name needed?)
  • Government/institutional services (real identity, or can I use an alias here?)
  • Everything else (real name irrelevant)

What I'm trying to figure out:

  • How do you compartmentalize across these tools in practice?
  • Proton vs Tuta as primary inbox?
  • How do you organize aliases?
  • What's your approach when an address gets found in a breach, how do you migrate cleanly?
  • Any schemas that balance privacy with actually being usable day-to-day?

Free only, no paid plans. Thanks.

u/Peter8File — 3 days ago

Employer authenticator passkey use via personal device: maximum potential exposure risk?

A few weeks ago my employer sent out a memo and instructions on how to change over from use of the authenticator app to passkey. However, they failed to mention passkey use requires temporary Bluetooth activation on personal phones/devices.

A bunch of us are really uncomfortable with this connection/exchange of data via BT from our own personal devices to our workstations -- we work for a very large corp and they aren't exactly known for respecting employee privacy.

What's the potential exposure risk for passkey via BT use in this case?

Thank you!

u/oghpimm — 4 days ago
▲ 11 r/CyberSecurityAdvice+1 crossposts

I need advice

I want to get into help desk/IT. I really want to leave my current job. Right now I work in security and I’ve been at my current site for 7 years, and since covid the management has gone downhill; micromanaging has been a pain. The turnover rate is ridiculous. I plan to return to college in the fall and work towards an A.S. in Cybersecurity so I may get into an entry-level position!

u/Cold_Following_9163 — 4 days ago
▲ 8 r/CyberSecurityAdvice+1 crossposts

Need Suggestions for the Privileged Access Management (PAM) Solution

We are a mid-sized organization in the banking and financial sector looking to implement a PAM solution for securing privileged access and meeting compliance requirements. Previously we have evaluated solutions including Delinea, miniOrange, ManageEngine, and JumpCloud.

Looking for feedback from anyone who has used or is currently using these platforms - especially regarding security, reporting, integrations, support, and overall experience.

u/Due-Awareness9392 — 4 days ago
▲ 7 r/CyberSecurityAdvice+4 crossposts

My Fedora Configuration from 18 May 2026

Current Fedora Configuration:

Installation date: 21 April 2026 (27 days ago).

Info from the settings app: Fedora Linux 44, Kernel 7.0.8, Wayland display system, Secure Boot functioning correctly.

Browser: Firefox 150.0.3 with uBlock Origin, prompting where to save files, and no telemetry. Firejail sandboxing implemented manually in this way:
[Desktop Entry]
Name=Firefox (Sandboxed)
Exec=firejail --private=/home/local83/sandbox/firefox --dns=1.1.1.1 --dns=9.9.9.9 --seccomp --caps.drop=all --nonewprivs --no3d --netfilter firefox -no-remote
Icon=firefox
Type=Application
Categories=Network;WebBrowser;

Sandboxing tools I know how to use, at least to a limited degree: Firejail, Bubblejail, Flatseal.

SELinux status: enforcing and targeted (confirmed by looking at /etc/selinux/config and running the command sestatus). Working as expected (ausearch found an alert from 12 May 2026 saying that systemd-rfkill was blocked from using dac_read_search, dac_override, and the syscall openat).

Third-party game I downloaded:
bubblejail create --no-desktop-entry --profile generic TheNatureOfMagic
nano ~/.local/share/bubblejail/instances/TheNatureOfMagic/services.toml
[common]
[wayland]
[pulse_audio]
[direct_rendering]
[home_share]
home_paths = ["games/TheNatureOfMagic-PartThree-pc"]
bubblejail run TheNatureOfMagic home/local83/sandbox/games/TheNatureOfMagic-PartThree-pc/TheNatureOfMagic.sh
Verification for namespace: sudo nsenter --target 16086 --mount --pid ls -la /home

Kernel memory protections: active (confirmed through the command sestatus).

Sudo configuration hardened in this way:
Defaults env_reset
Defaults secure_path = /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
Defaults use_pty
Defaults timestamp_timeout=0

Listening services: dhcpv6.

Disabled services: cups, samba-client, ssh, llmnr-client, llmnr-tcp, llmnr-udp.

Command for disabled services:
sudo systemctl disable --now cups
sudo firewall-cmd --remove-service=samba-client --permanent
sudo firewall-cmd --zone=public --set-target=DROP --permanent
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="224.0.0.0/4" drop'
sudo firewall-cmd --permanent --add-rich-rule='rule family="ipv6" source address="ff00::/8" drop'
sudo firewall-cmd --reload

Services that have been “unpowered” by removing usable ports through firewall-config: llmnr-client, llmnr-tcp, llmnr-udp.

Verification for listening services:
sudo firewall-cmd --list-all
sudo firewall-cmd --list-services
ss -tulpn
sudo dnf install nmap
nmap localhost

Assumptions: hardware, firmware, and kernel are not malicious; baseline security involving system integrity, lateral movement, control flow validation, memory protections, and privilege escalation is trusted but should be strengthened according to threat model.

Newly learned info: sandboxes can be created using Firetools Config, internet access can be blocked using Portmaster, Firejail has these flags: --net=none, --memory-deny-write-execute, --private-bin, --protocol=unix,inet,inet6. None of this newly learned info has been implemented yet.

Goals: learn browser hardening, learn attack surface reduction, learn SELinux, learn Firewall filtering, learn seccomp, cgroups, and namespaces, learn everything about Firejail, Bubblewrap, Flatpak, and Bubblejail. Progress ongoing for Firejail, Bubblejail, SELinux, seccomp, and namespaces.

Security constraint = reduction of achievable attacker state space. Depending on context, that reduction:
- prevents certain executions entirely;
- limits execution capabilities;
- reduces impact of compromised execution.

My mindset: former designer and tweaker of high-assurance-like security environments based on Windows, preference for least-privilege and default-deny above isolation of interaction, first-principles-driven, aware of the principles of Saltzer and Schroeder, somewhat aware of IPC pipelines, learner of Linux Assembly 64-bit, creative thinking, researcher of enforcement and execution boundaries. I believe that in-memory attacks are inevitable and can only be somewhat constrained. Control flow is mostly bypassable if the values can be overwritten or the stages of the program are jumped.

u/themagicalfire — 3 days ago
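
An added example, not part of the post above and not the poster's code: a POSIX shell audit that reads the Exec= line of a Firejail launcher and reports which of the flags the post applies are missing and which of the flags it lists as learned are not applied. The function names and the "drifted" sample entry are constructed for illustration; the Exec value is split on whitespace only, so desktop-entry quoting is not handled.

```shell
#!/bin/sh
# REQUIRED: flags the post's launcher uses. OPTIONAL: flags the post lists as
# learned but not yet applied. A name ending in "=" is matched as a prefix.
REQUIRED="--seccomp --caps.drop=all --nonewprivs --netfilter --private="
OPTIONAL="--net=none --memory-deny-write-execute --private-bin= --protocol="

# Print the Exec= value from the [Desktop Entry] group of file $1.
exec_line() {
    awk '/^\[/ { in_entry = ($0 == "[Desktop Entry]"); next }
         in_entry && /^Exec=/ { sub(/^Exec=/, ""); print; exit }' "$1"
}

# Print firejail's own options: tokens starting with "-" before the program name.
firejail_opts() {
    set -f; set -- $1; set +f          # word-split without globbing
    case "$1" in firejail|*/firejail) shift ;; *) return 1 ;; esac
    for tok in "$@"; do
        case "$tok" in -*) printf '%s\n' "$tok" ;; *) break ;; esac
    done
}

# has_flag OPTS WANT: succeed if WANT appears in the option list OPTS.
has_flag() {
    for opt in $1; do
        case "$2" in
            *=) case "$opt" in "$2"*) return 0 ;; esac ;;
            *)  [ "$opt" = "$2" ] && return 0 ;;
        esac
    done
    return 1
}

# audit FILE: status 0 if every required flag is present, 1 if some are
# missing, 2 if the launcher does not go through firejail at all.
audit() {
    opts=$(firejail_opts "$(exec_line "$1")") || { echo "not-sandboxed"; return 2; }
    missing=""; absent=""
    for f in $REQUIRED; do has_flag "$opts" "$f" || missing="$missing $f"; done
    for f in $OPTIONAL; do has_flag "$opts" "$f" || absent="$absent $f"; done
    echo "missing-required:$missing"
    echo "not-applied:$absent"
    [ -z "$missing" ]
}

# Sample input: post.desktop copies the post's Exec line; drifted.desktop is constructed.
write_samples() {
    cat > "$1/post.desktop" <<'EOF'
[Desktop Entry]
Name=Firefox (Sandboxed)
Exec=firejail --private=/home/local83/sandbox/firefox --dns=1.1.1.1 --dns=9.9.9.9 --seccomp --caps.drop=all --nonewprivs --no3d --netfilter firefox -no-remote
Type=Application
EOF
    cat > "$1/drifted.desktop" <<'EOF'
[Desktop Entry]
Name=Firefox
Exec=firejail --seccomp --netfilter firefox %u
Type=Application
EOF
}

d=$(mktemp -d) && write_samples "$d"
for s in post drifted; do echo "== $s"; audit "$d/$s.desktop" || true; done
rm -rf "$d"
```

The not-applied line is informational only; whether a flag such as --net=none belongs in a browser launcher depends on the threat model.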
▲ 1 r/CyberSecurityAdvice+1 crossposts

Got hacked via a fake Facebook URL — here’s exactly what happened and how I cleaned it up

Hey guys, so I got hacked today on my MacBook. I was working on my project when all pages froze, a terminal popped up and was running a bash64 string.

I tried to close tabs, nothing responded, so I ran over the other room to unplug the WiFi modem. 4 minutes passed.

Then I completed all these steps:
- Claude AI found, killed the string, revoked all sessions
- Restarted MacBook to clear memory
- Ran Malwarebytes (free), no issues found
- Logged out from all devices
- No malicious third party app or extensions found in Chrome
- No email forwarding set in Gmail
- Changed passwords (2FA was already set), rotated API keys, deleted my bankcards

Is there anything I might have missed? Please share in comments, thank you 🙏

Don’t forget to often change your passwords, set 2FA wherever it’s possible and rotate your API keys regularly. Stay safe and happy coding Sunday.

u/kondasviktor — 4 days ago
▲ 7 r/CyberSecurityAdvice+1 crossposts

I'm confused what to do.

20M. 1st, I don't know where to start. On YouTube the teacher is teaching in theory. I know theory is equally important but I am just studying theory.

2nd, I am scared that I will not get a job. Iykyk what I am talking about. Company layoffs, entering is hard in this career. And many more.

3rd, I am scared that I will be happy mentally because I have been in depression and I am still getting this thought that I am not safe in this career.

4th, I don't have many options other than this because I'm a BBA student and you know this degree is just a piece of paper.

Plz help me. You don't know your one help will make my life.

u/unknown-person007 — 5 days ago

Concerning Activity in Business

Hi all, I've been having concerns when I sit in at my local McDonald's. It seems like every time I stay to eat, especially in a certain area, I have someone or something force open apps.

First few times, Discord or Instagram would open on its own with a group join request. The group names are clearly a joke, and seemed to have a dozen members or so. This most recent visit, YouTube was forced open and started playing Rick Astley, I'm sure I don't need to tell you which song.

I can appreciate the memes and it doesn't seem entirely malicious, but I am worried about my phone being remotely manipulated. I'm not on public wifi, and I checked all my phone settings for anything regarding device and data sharing. It only happens inside this business.

Should I be worried? Any advice is appreciated.

u/SirJayblesIII — 5 days ago

I googled myself and now I kinda wish I didnt

threw my name into google last week nothing special just bored at 2am you know how it goes

first few results were my linkedin my insta whatever fine normal stuff but then I scrolled a bit and found like 6 different websites with my home address my cell number my last three apartments and even my moms name which was weird cause we dont even share a last name anymore. one of them had a picture of my house from google maps like someone could literally just show up. I work in security not like a hacker or anything but I know enough to be paranoid and this really got me thinking how easy it is

data brokers they call them, sites like whitepages spokeo radaris truthfinder fastpeoplesearch they just scrape public records voter registration property tax stuff and package it for anyone to see for like two bucks

showed my friend and he found my current address in like ten seconds from just my first name and city its insane. so I tried opting out manually from a few of them just to see if it worked

whitepages took me fifteen minutes and a phone call verification thing then I did spokeo which was easier but then I read that even after you opt out they just put your info back up after a couple months cause the public records still exist so youre basically playing a game of whack a mole forever. I dont have time for that tbh

started looking into services that do this automatically but im suspicious of giving my info to another company like isnt that the whole problem

but also I dont want to spend every three months redoing opt outs for thirty different sites. im not asking for perfect removal I know my data is probably out there forever once a breach happens its done but I want to at least make it harder for random people to find where I sleep. has anyone here used one of these services long term like six months or more did it actually help or was it just throwing money at something that cant be fixed

also what about the dark web stuff like credit monitoring is that separate or do these removal services cover that too. im tired of feeling like anyone with five bucks and my name can pull up my address lol

let me know what worked for you guys. Ty

u/iLiveForTruth — 8 days ago