1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. Hackers exploited a zero-day vulnerability in Oracle E-Busin…
Hackers exploited a zero-day vulnerability in Oracle E-Business Suite to access Cox Enterprises’ network, exposing personal data of nearly 9,500 individuals. The breach, linked to Cl0p ransomware, was undetected for weeks with data posted on the dark web.
Category: Newsletter
9. macOS on Apple Silicon employs a hardware-rooted chain of tr…
macOS on Apple Silicon employs a hardware-rooted chain of trust using immutable Boot ROM, cryptographic hardware keys, and Secure Enclave functionality to prevent unauthorized code execution and defend against rollback and tampering throughout the boot process.
Category: Newsletter
10. AWS initial access vectors include service exposure misconfi…
AWS initial access vectors include service exposure misconfigurations and access-by-design pathways. Most organizations still use IAM users extensively. Security recommendations include auditing resource policies, enforcing ExternalId for cross-account roles, and disabling unnece
Category: Newsletter
11. Detection engineering applies software engineering technique…
Detection engineering applies software engineering techniques to proactively hunt threats. Recommendations include choosing specialization domains, mastering security principles, and leveraging curated lists of educational content for career development.
Category: Newsletter
12. Runlayer offers a secure control layer for enterprise AI, mo…
Runlayer offers a secure control layer for enterprise AI, monitoring access and usage while blocking threats in real-time. It supports Model Context Protocol for safe cross-environment AI governance.
Category: Newsletter
13. Prowler performs security assessments, audits, continuous mo…
Prowler performs security assessments, audits, continuous monitoring, and forensics readiness for AWS, Azure, GCP, and Kubernetes, including compliance with major frameworks like CIS, NIST, FedRAMP, PCI-DSS, and GDPR.
Category: Newsletter
14. Magnet offers tools for purple-team operations combining tel…
Magnet offers tools for purple-team operations combining telemetry collection with attack simulations to improve security posture and detection capabilities.
Category: Newsletter
15. Over 300 NPM packages were compromised to deploy a 10MB obfu…
Over 300 NPM packages were compromised to deploy a 10MB obfuscated JavaScript payload stealing cloud credentials and secrets. The malware propagates through stolen tokens and rogue GitHub Action runners. Users are urged to audit dependencies and rotate exposed credentials.
Category: Newsletter