1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. A hidden MCP API in Comet browser allows embedded extensions…
A hidden MCP API in Comet browser allows embedded extensions to execute arbitrary local commands without consent, posing significant third-party risk related to AI browser security.
Category: Newsletter
9. The anime foresaw digital privacy issues, cyber-attacks, AI-…
The anime foresaw digital privacy issues, cyber-attacks, AI-driven threats, and government-sanctioned hackers, reflecting many contemporary cybersecurity challenges.
Category: Newsletter
10. The EU plans to reduce GDPR enforcement and loosen AI Act re…
The EU plans to reduce GDPR enforcement and loosen AI Act regulations to improve competitiveness, potentially weakening privacy protections and global standards.
Category: Newsletter
11. The Sneaky 2FA Phishing-as-a-Service kit employs browser-in-…
The Sneaky 2FA Phishing-as-a-Service kit employs browser-in-the-browser attacks to present fake login pop-ups with credible address bars using HTML/CSS.
Category: Newsletter
12. A former IT contractor re-entered Houston Waste Management’s…
A former IT contractor re-entered Houston Waste Management’s network, resetting 2,500 passwords and locking out thousands of employees across the US.
Category: Newsletter
13. Twenty companies became unicorns in October 2025, adding $44
Twenty companies became unicorns in October 2025, adding $44.5 billion in value amid a normalizing funding environment favoring strong B2B SaaS firms and AI-native startups.
Category: Newsletter
14. Benedict Evans presents macro and strategic technology trend…
Benedict Evans presents macro and strategic technology trends in biannual talks, with the latest ‘AI eats the world’ slides and videos from recent conferences available.
Category: Newsletter
15. Founder energy, which can be learned, plays a critical role …
Founder energy, which can be learned, plays a critical role in recruiting talent and raising funds by demonstrating momentum and enthusiasm to employees and investors.
Category: Newsletter