Risky Bulletin: Microsoft ends SMS MFA for personal accounts
In other news: GitHub hacked via VS Code extension; CISA to let researchers submit new KEV entries; SMS blaster detained at Eurovision.
Srsly Risky Biz: Politicians to Ditch Signal for Homegrown Apps
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Push Security. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing
Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs
In other news: CISA contractor leaks GovCloud keys; vulnerability exploitation is now the dominant entry vector; Drupal readies security updates for "highly critical" bug.
Risky Bulletin: Indonesia emerges as a new hub for cyber scams
In other news: Grafana hacked and held for ransom; Fast16 malware targeted nuclear explosion simulation software; a new Exchange zero-day is under attack.
Risky Bulletin: Shai-Hulud goes open-source
In other news: Dream Market admin charged after major OPSEC failure; France investigates Israeli disinfo firm; Composer rushes to fix GitHub token leak.
Srsly Risky Biz: The AI Regulation Knife Fight
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. This week's edition is sponsored by Knocknoc. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin: RubyGems disables sign-ups after attack on staff
In other news: Instructure paid the ransom; The Gentlemen RaaS gets hacked; another major supply chain attack on npm (yawn).
Risky Bulletin: FCC relaxes foreign router ban to allow for security updates
In other news: ShinyHunters disrupts schools across US; 21-year-old RCE found in FreeBSD; and another Linux zero-day LPE.
Risky Bulletin: Google patches Android remote takeover bug
In other news: Palo Alto Networks discloses a firewall zero-day; Ivanti also patches one; leak exposes Russia's spy and hacker school.
Srsly Risky Biz: After Mythos, US Government Weighs AI Model Regulation
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by PortSwigger. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools
In other news: Australia gets its own CSRB; VOIP server hacker arrested after 17 years; Oracle switches to monthly security updates.
Risky Bulletin: DigiCert hacked with a malicious screensaver file
In other news: Ransomware negotiators get four years in prison; Trellix discloses security breach; another Russian hacker arrested while vacationing in the wrong place.