1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. Kite declutters Gmail inboxes by automating responses and st…
Kite declutters Gmail inboxes by automating responses and streamlining workflows, boosting user productivity securely and efficiently.
Category: Newsletter
9. Dark LLMs like WormGPT 4 lower the barrier for cybercriminal…
Dark LLMs like WormGPT 4 lower the barrier for cybercriminals to generate malware and phishing content with some human tuning required to evade detection, increasing automation in cyberattacks and social engineering.
Category: Newsletter
10. Threat actors use commercial spyware and RATs delivered via …
Threat actors use commercial spyware and RATs delivered via phishing, fake apps, and malicious QR codes to target high-value WhatsApp and Signal users globally.
Category: Newsletter
11. Tor has upgraded its relay encryption to the Counter Galois …
Tor has upgraded its relay encryption to the Counter Galois Onion (CGO) algorithm to enhance user security and privacy protections.
Category: Newsletter
12. Cyberattacks forced shutdowns of networks and emergency plan…
Cyberattacks forced shutdowns of networks and emergency plan activations in three London councils: Kensington and Chelsea, Westminster, and Hammersmith & Fulham.
Category: Newsletter
13. CVE-2025-12816, a high-severity ASN
CVE-2025-12816, a high-severity ASN.1 validation flaw in node-forge versions 1.3.1 and earlier, has been patched to prevent attackers from exploiting malformed data.
Category: Newsletter
14. The iPhone 17 models have driven double-digit year-over-year…
The iPhone 17 models have driven double-digit year-over-year sales growth in the US and China, with improved trade relations and a weaker dollar aiding expansion in emerging markets, positioning Apple to surpass Samsung in market share.
Category: Newsletter
15. S&P downgraded Tether’s USDT stability rating to ‘weak’ due …
S&P downgraded Tether’s USDT stability rating to ‘weak’ due to increased exposure to high-risk reserve assets, lack of asset segregation, limited transparency, and redemption limitations raising concerns about undercollateralization risks.
Category: Newsletter