1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. On November 18, 2025, Cloudflare experienced a widespread ou…
On November 18, 2025, Cloudflare experienced a widespread outage due to a database permissions change generating oversized Bot Management files that caused repeated module crashes and 5xx errors, initially misdiagnosed as a DDoS attack.
Category: Newsletter
9. ServiceNow’s Now Assist AI agents can be tricked into uninte…
ServiceNow’s Now Assist AI agents can be tricked into unintended actions via second-order prompt injections, enabling privilege escalation and data theft. Organizations are advised to strengthen monitoring and implement guardrails.
Category: Newsletter
10. Approximately 50,000 outdated ASUS routers in Taiwan and Sou…
Approximately 50,000 outdated ASUS routers in Taiwan and Southeast Asia were compromised by Operation WrtHug, a suspected China-linked campaign utilizing multiple vulnerabilities to steal data stealthily for espionage purposes.
Category: Newsletter
11. Thunderbird 145 now supports Exchange Web Services natively,…
Thunderbird 145 now supports Exchange Web Services natively, enabling Microsoft Exchange account integration without third-party extensions for improved email client functionality.
Category: Newsletter
12. The US, UK, and Australia sanctioned Media Land, a Russia-ba…
The US, UK, and Australia sanctioned Media Land, a Russia-based bulletproof hosting provider linked to ransomware groups like LockBit and BlackSuit, increasing challenges for such providers.
Category: Newsletter
13. Nvidia posted record sales of $57 billion in the October qua…
Nvidia posted record sales of $57 billion in the October quarter—a 62% increase year-over-year—and projects $65 billion in the current quarter. Shares rose 6.5% in after-hours trading following the earnings report.
Category: Newsletter
14. Apple’s N1 chip, its first in-house wireless chip supporting…
Apple’s N1 chip, its first in-house wireless chip supporting Wi-Fi 7, Bluetooth 6, and Thread protocol, delivers superior upload/download speeds over prior iPhone 16 hardware, though it is not the market’s top chip.
Category: Newsletter
15. At the Progress Conference 2025, experts discussed targeting…
At the Progress Conference 2025, experts discussed targeting biological hallmarks of aging—like genomic instability and cellular senescence—to extend life. The field is nascent, progressing via unconventional research and funding models.
Category: Newsletter