1. The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
3. Detailed analysis of DNS rebinding attacks in Chrome and Safari browsers explains how attackers exploit DNS prioritization and delay mechanisms to switch victim connections from public to private IP addresses, enabling data leaks via rebinding.
4. Mandiant exposed a critical authentication bypass in Triofox (CVE-2025-12480) allowing attackers to manipulate the Host header to gain admin page access, create accounts, and execute arbitrary high-privilege scripts. Organizations are urged to patch and audit configurations immed
5. The EU’s leaked “Digital Omnibus” proposal aims to shift cookie tracking from opt-in to opt-out, permit AI training on personal data under “legitimate interest” without consent, and narrow sensitive data protections, raising privacy concerns among advocates.
6. North Korean APT37 actors target South Korean users via KakaoTalk spear-phishing with digitally signed MSI files to deploy RATs, steal credentials, access Find Hub for GPS tracking, and remotely wipe Android devices via factory resets, preventing recovery.
7. Critical vulnerabilities discovered in Ollama and NVIDIA Triton Inference Server could allow remote code execution, exposing AI infrastructures to attack. These flaws are now fixed, highlighting a shift from model attacks to infrastructure-level security research.
8. A computational Turing test analyzes affective language patterns to identify AI-generated social media content with 70-80% accuracy.
9. The OWASP Top 10 list has been updated, featuring two new categories, consolidation of SSRF into Broken Access Control, and expanded scope on supply chain security.
10. Synology has urgently patched CVE-2025-12686 in BeeStation OS 1.3.2-65648, with immediate upgrades recommended due to lack of alternative mitigations.
11. Datadog achieved $100 million ARR by embedding deep customer focus from inception, including extensive user interviews before coding, month-to-month sales to detect churn early, and a culture prioritizing early identification and fixing of issues.
12. Over 150 entrepreneurs and investors have criticized the proposed UK government 20% exit tax on founders relocating abroad, warning it will harm competitiveness and drive talent away amid existing capital gains tax increases.
13. Insights from Sam Gerstenzang’s experience at Stripe highlight that operating well is a continuous process involving decisions, communications, and iteration to achieve peak performance.
14. The founder letter remains a uniquely human marketing tool that builds trust through storytelling and emotional resonance, differentiating it from formulaic or AI-generated content.
15. A founder’s detailed account of a 14-month fundraising journey reveals the messy, non-linear nature of raising $45 million from 12 investors by pitching repeatedly and addressing objections.