AI eyes scanning for bugs create a worrisome Linux security trend
Dirty Frag, Copy Fail, and Fragesia show the new reality
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Laravel-Lang PHP Packages Compromised to Deliver Cross-Platform Credential Stealer
Cybersecurity researchers have flagged a fresh software supply chain attack campaign that has targeted multiple PHP packages belonging to Laravel-Lang to deliver a comprehensive c…
UK MPs slam digital ID rollout as a 'fiasco' after botched launch
Government's 'rushed' plans damaged public confidence before ministers had even explained how the system would work
The Virtual OS Museum opens its doors
A massive compilation of historic OSes and the emulators to run them
LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
A maximum-severity security vulnerability impacting LiteSpeed User-End cPanel Plugin has come under active exploitation in the wild. The flaw, tracked as CVE-2026-48172 (CVSS scor…
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (K…
Feds unwittingly leak pilots' pre-crash conversation
Release of spectrogram of cockpit recorder audio allows conversation recovery with 'emerging' decades-old tech
Minor edits to AI skills can make agents go rogue
Text is the new attack
A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets
Hey, Gemini, how much can we earn from one pump-and-dump cycle?
Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
The South Pacific Regional Fisheries Management Organization (SPRFMO) needs to regulate squid fishing in the South Pacific. As usual, you can also use this squid post to talk about…
Zuck defends monitoring employees to win AI race in purported leaked audio
Limping Llama model needs a crutch made of surveillance tools
Megalodon chums the waters in 5.5K+ GitHub repo poisonings
Will Jason Statham save us?
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups
Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomw…
IBM plans $2B quantum chip foundry; government will pay half
The US government has awarded IBM $1 billion to help establish the first purpose-built quantum chip fabrication unit in the US. The Trump administration’s investment is being match…
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, …
Drupal Vulnerability in Hacker Crosshairs Shortly After Disclosure
Drupal is warning users that it has already seen attempts to exploit CVE-2026-9082 and security firms are seeing attacks against thousands of websites. The post Drupal Vulnerabilit…
Datacenter builders face an impossible quandary: Demand to the left of me, protests to the right
Wood Mackenzie analysts say bit barn operators are in a tough spot
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA …
TNO063: Automating Human-Centric NetOps is Finally Achievable
Scott sits down with Avi Freedman, CEO and co-founder of Kentik, to discuss if AI has advanced enough to automate human-centric NetOps. Together they caution against vendor hype re…
Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware
The Belarus-aligned threat actor known as Ghostwriter (aka UAC-0057 and UNC1151) has been observed using lures related to Prometheus, a Ukrainian online learning platform, to targe…
HN828: How Selector Unifies Cloud and On-Prem Network Observability (Sponsored)
Selector is extending its AI-driven network observability capabilities into public clouds. On today’s sponsored episode, we dig into how Selector gathers and analyzes public cloud …
As memory prices squeeze enterprise buyers, Lenovo laughs all the way to the bank
Switch to premium devices pays off as PC giant post record record, just don't ask about cheap laptops
Akamai Joins Growing Chorus of Vendors Betting Big on Secure Enterprise Browsers
When Akamai announced its LayerX acquisition, the company joined a growing list of vendors adding secure enterprise browsers to their product portfolios.
Former US execs plead guilty to aiding tech support scammers
Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide. [...]
Media giant settles for $930k with FTC over allegations it lied about eavesdropping on conversations through smart devices
Cox Media Group allegedly sold a bogus AI-powered snoopfest service
Cisco: AI traffic is radically reshaping WANs
AI agents generate up to 450% more network traffic than humans can, and they’re beginning to reshape network traffic patterns in measurable ways. Enterprise network traffic wit…
Microsoft lets users exile floating Copilot button after interface rage
Listening to your customers? Who are you, and what have you done with Microsoft?
In Other News: Industrial Router Exploitation, CISA KEV Nomination Form, Gas Station Hacking
Other noteworthy stories that might have slipped under the radar: CISA contractor exposes credentials, Mythos testing and new features, Huawei router flaw triggered telecom blackou…
CISA Security Leak
Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to s…
Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems. [...]