1. The US Congressional Budget Office confirmed unauthorized ac…
The US Congressional Budget Office confirmed unauthorized access to its networks in a suspected foreign cyberattack potentially exposing emails with congressional offices.
Category: Newsletter
2. A significant data leak from Chinese cybersecurity firm Know…
A significant data leak from Chinese cybersecurity firm Knownsec exposed cyber weapon specifications, proprietary hacking tool source code, government collaboration details, and a list of 80 compromised overseas surveillance targets.
Category: Newsletter
3. A detailed demonstration shows how an ARM-based IoT device’s…
A detailed demonstration shows how an ARM-based IoT device’s Address Space Layout Randomization (ASLR) can be bypassed using Return-Oriented Programming (ROP), enabling unauthenticated remote code execution via memory manipulation.
Category: Newsletter
4. The article advocates for redesigning systems in which AI en…
The article advocates for redesigning systems in which AI enhances meaningful signals instead of obscuring them, improving overall user experience and information delivery.
Category: Newsletter
5. Qilin ransomware group exfiltrated 300GB of data from Corner…
Qilin ransomware group exfiltrated 300GB of data from Cornerstone Staffing Solutions, including 120,000 resumes, Social Security numbers, salary data, and financial records, with threats of sophisticated phishing campaigns.
Category: Newsletter
6. EchoGram exploits gaps in training data guardrails by inject…
EchoGram exploits gaps in training data guardrails by injecting nonsensical “flip tokens” that cause false positives and bypasses in GPT-5.1, Claude, and Gemini, posing a dual threat of alert fatigue and actual malicious prompt bypasses.
Category: Newsletter
7. The RondoDox botnet leverages a vulnerability in the XWiki S…
The RondoDox botnet leverages a vulnerability in the XWiki SolrSearch endpoint, sending base64-encoded Groovy payloads via HTTP GET requests to download and execute malware. Existing IOC blocklists remain effective against this threat.
Category: Newsletter
8. Kite declutters Gmail inboxes by automating responses and st…
Kite declutters Gmail inboxes by automating responses and streamlining workflows, boosting user productivity securely and efficiently.
Category: Newsletter
9. A comprehensive guide by Google engineer Addy Osmani offers …
A comprehensive guide by Google engineer Addy Osmani offers roughly 30 tips to boost productivity with Gemini CLI, including persistent project contexts and integrations with MCP servers.
Category: Newsletter
10. Fara-7B, released by Microsoft, is a visual agentic AI model…
Fara-7B, released by Microsoft, is a visual agentic AI model that can autonomously operate computers by perceiving UIs and performing actions. It is MIT-licensed and optimized for local deployment.
Category: Newsletter
11. Black Forest Labs released FLUX
Black Forest Labs released FLUX.2, an open-weight 32B parameter model combining text-to-image with multi-reference editing, capable of generating high-quality images and running on a single RTX 4090 GPU.
Category: Newsletter
12. The agentic paper reviewer developed by Andrew Ng achieves h…
The agentic paper reviewer developed by Andrew Ng achieves human-level correlation in academic reviewing, speeding up research evaluation by generating detailed, grounded feedback based on arXiv searches.
Category: Newsletter
13. Google’s async coding agent Jules allows coding tasks withou…
Google’s async coding agent Jules allows coding tasks without requiring a GitHub repository by uploading context directly, enabling experiments and ‘napkin sketch’ style workflows in a sandboxed environment.
Category: Newsletter
14. Jarvis is a privacy-focused AI assistant offering local voic…
Jarvis is a privacy-focused AI assistant offering local voice dictation for macOS, using Deepgram Nova-3 or OpenAI Whisper STT models with API keys stored locally.
Category: Newsletter
15. An open-source, drag-and-drop workflow automation platform t…
An open-source, drag-and-drop workflow automation platform that generates production-ready TypeScript code, featuring integrations for Resend, Linear, Slack, and deployed through Workflow DevKit.
Category: Newsletter