1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. The SEC dismissed its lawsuit against SolarWinds and its CIS…
The SEC dismissed its lawsuit against SolarWinds and its CISO over alleged investor misrepresentation prior to the 2020 SUNBURST attack. SolarWinds views this as vindication with hopes of reducing industry pressure on CISOs.
Category: Newsletter
9. The FCC rescinded a mandate requiring US telecom providers t…
The FCC rescinded a mandate requiring US telecom providers to implement cybersecurity risk management plans established after the Salt Typhoon attacks. This rollback has been criticized for weakening national security amid ongoing vulnerabilities.
Category: Newsletter
10. CrowdStrike terminated an employee suspected of leaking comp…
CrowdStrike terminated an employee suspected of leaking company data to the hacking group Scattered Lapsus$ Hunters.
Category: Newsletter
11. Two British teenagers linked to the Scattered Spider hacking…
Two British teenagers linked to the Scattered Spider hacking collective pleaded not guilty to charges related to the August 2024 Transport for London cyberattack that compromised customer data and caused significant damage.
Category: Newsletter
12. iOS 27 focuses on improving software quality and performance…
iOS 27 focuses on improving software quality and performance addressing issues such as overheating, battery drain, and UI glitches seen in iOS 26. It also lays groundwork for foldable iPhones and emphasizes performance and AI features.
Category: Newsletter
13. Google plans to increase AI compute capacity over a thousand…
Google plans to increase AI compute capacity over a thousandfold within five years, requiring doubling infrastructure capacity biannually. The company, along with other major tech giants, is investing heavily in infrastructure upgrades and custom silicon to keep pace.
Category: Newsletter
14. “Evo” is a genomic language model trained on extensive bacte…
“Evo” is a genomic language model trained on extensive bacterial genomes that can generate novel and functional protein-encoding gene sequences based on prompts, demonstrating AI’s potential in synthetic biology.
Category: Newsletter
15. Scientists used focused ultrasound targeting the olfactory b…
Scientists used focused ultrasound targeting the olfactory bulb to generate sensations of smells such as fresh air and burning wood without actual odor molecules, opening new directions in olfactory stimulation technology.
Category: Newsletter