AWS racks M3 Ultra Macs that boast specs you can’t currently buy
Manages to get its hands on some Mac Studio machines before the OpenClaw machine grabs them
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a newly disclosed vulnerability impacting Cisco Catalyst SD-WAN Controller to its Known Exploited …
Possible Samsung strike puts even more pressure on memory pricing
As a senior policymaker ponders whether all South Koreans should enjoy an ‘AI dividend’
Taiwan Bullet Train Hack Highlights Cybersecurity Gaps in Rail Systems
A Taiwanese student experimenting with software-defined radio technology shut down three bullet trains for nearly an hour, leading to an anti-terrorism response.
Cerebras risked it all on dinner plate-sized AI accelerators a decade ago. Today it's worth $66B
Here's a look at the tech powering the first big IPO of 2026
TeamPCP hackers advertise Mistral AI code repos for sale
The TeamPCP hacker group is threatening to leak source code from the Mistral AI project unless a buyer is found for the data. [...]
Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data
Other than Instructure execs - maybe?
Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin
Hackers are leveraging a critical authentication bypass vulnerability in the WordPress plugin Burst Statistics to obtain admin-level access to websites. [...]
_Futuristic_overlay_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
SecurityScorecard Snags Driftnet to Level Up Threat Intelligence
The acquisition looks to boost visibility into third-party ecosystems, which are becoming a bigger concern as vectors for supply chain attacks.
Sick and wrong: Ontario auditors find doctors' AI note takers routinely blow basic facts
60% of evaluated AI Scribe systems mixed up prescribed drugs in patient notes, auditors say
Maximum Severity Cisco SD-WAN Bug Exploited in the Wild
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.
Congress Puts Heat on Instructure After Canvas Outage
The House Committee on Homeland Security sent a letter about the Canvas cyberattack, the same day that the edtech company said it reached an "agreement" with the ShinyHunters cyber…
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers…
Anthropic tosses agents into the API billing pool
Limits Claude subscriptions to interactive use
OpenAI confirms security breach in TanStack supply chain attack
OpenAI says two employees' devices were breached in the recent TanStack supply chain attack that impacted hundreds of npm and PyPI packages, causing the company to rotate code-sign…
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. [...]
Network outages, power failures strain data center resiliency
Data center outages are becoming less frequent overall, but resiliency gains are slowing as data center operators face mounting pressure from AI workloads, aging power infrastructu…
IPB200: Yes, IPv6 Is Complicated. IPv8 Won’t Help
Why is IPv6 so much more complicated than IPv4? Could a newer version such as IPv8 be the solution? Guest Brian Carpenter joins our hosts to explain that many of IPv6’s complicatio…
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerabil…
N4N055: A Wired NAC Walkthrough
Today’s topic is Network Access Control (NAC) for a wired network. To help walk us through it all is Jennifer “JJ” Jabbusch, a network security architect, public speaker, book auth…
Grad-to-be turns graduation cap into Rust-powered light show
Eric Park tells us he doesn't plan to wear his modified cap to commencement, but his code's available for anyone with no such qualms and an upcoming ceremony
Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Cybersecurity researchers are sounding the alarm about what has been described as "malicious activity" in newly published versions of node-ipc. According to Socket and StepSecurity…
ThreatsDay Bulletin: PAN-OS RCE, Mythos cURL Bug, AI Tokenizer Attacks, and 10+ Stories
Everything is still on fire. This week feels dumb in the worst way — bad links, weak checks, fake help desks, shady forum posts, and people turning supply chain attacks into some c…
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m giving a virtual talk on “The Security of Trust in the Age of AI,” hosted by the Financial Women’s Associatio…
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remot…
KDE bags €1.3M as Europe realizes it might need an OS of its own
Germany's Sovereign Tech Fund backs the desktop project while public sector interest in homegrown alternatives grows
Cyber-Enabled Cargo Crime: How Cybercrime Tradecraft is Used to Steal Freight
Cargo theft now starts with phishing emails and stolen credentials, not hijackings, to reroute and steal freight from supply chains. NMFTA outlines how cyber-enabled cargo crime is…
Waymo recalls 3,800 robotaxis after one drove itself into a flood
Nothing like a partly submerged self-driving car to dampen public trust in autonomous vehicles
Five takeaways from Cisco’s blowout quarter and what it means to customers
Cisco Systems delivered a blowout Q3 FY2026 performance that surpassed even the most optimistic expectations, posting record revenue of $15.8 billion, up 12% year-over-year, with p…
UK begins antitrust inquiry into Microsoft's business software ecosystem
Brit regulator has 'heard' customers can't always 'effectively combine software from Microsoft with that of other providers'