Risky Bulletin: RubyGems disables sign-ups after attack on staff
In other news: Instructure paid the ransom; The Gentlemen RaaS gets hacked; another major supply chain attack on npm (yawn).
Latest
Risky Bulletin: FCC relaxes foreign router ban to allow for security updates
In other news: ShinyHunters disrupts schools across US; 21-year-old RCE found in FreeBSD; and another Linux zero-day LPE.
Risky Bulletin: Google patches Android remote takeover bug
In other news: Palo Alto Networks discloses a firewall zero-day; Ivanti also patches one; leak exposes Russia's spy and hacker school.
Srsly Risky Biz: After Mythos, US Government Weighs AI Model Regulation
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by PortSwigger. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools
In other news: Australia gets its own CSRB; VOIP server hacker arrested after 17 years; Oracle switches to monthly security updates.
Risky Bulletin: DigiCert hacked with a malicious screensaver file
In other news: Ransomware negotiators get four years in prison; Trellix discloses security breach; another Russian hacker arrested while vacationing in the wrong place.
Risky Bulletin: The mysterious hack of Moldova's healthcare database
In other news: Scam compounds raided in Dubai; Copy Fail vulnerability impacts Linux distros going back to 2017; major cPanel bug exploited in the wild.
Srsly Risky Biz: US Vows to Fight Distillation Attacks
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by runZero. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin: UK NCSC blasts SOC metrics
In other news: Vimeo got hacked; Greece wants to ban anonymity on social media; Scatter Spider hacker arrested in Finland.
Risky Bulletin: New fingerprinting technique can track Tor users
In other news: Intellexa had a secret American exploit provider; US accuses China of stealing its AI; US router ban also covers hotspots.
Risky Bulletin: There are now SIM-Farm-as-a-Service providers
In other news: Russians hack the Bundestag President; some randoms accessed Anthropic's coveted Mythos model; Plankey withdraws CISA nomination.
Srsly Risky Biz: Musk Snubs French Authorities
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Nebulock. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin
Risky Bulletin: Former FBI official calls for terrorism designations for ransomware groups that target hospitals and critical infrastructure
In other news: China threatens the EU over new cybersecurity regulations; EU puts up the funds for a sovereign cloud; mysterious data wiper found in Venezuela at the end of last year.
Risky Bulletin
Risky Bulletin: New malware tries to sabotage Israel's water system but fails because it's buggy
In other news: US government wants Mythos access; Supreme Court hacker gets no prison time; ransomware kingpin arrested in Kazakhstan.
Risky Bulletin
Risky Bulletin: NIST gives up enriching most CVEs
In other news: Russia tried to disrupt Swedish power plant; EU releases age verification app; OpenAI announces its own private cyber model.
Seriously Risky Business
Srsly Risky Biz: It Is Time to Ban Sale of Precise Geolocation
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Corelight. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via
Risky Bulletin
Risky Bulletin: Malicious LLM proxy routers found in the wild
In other news: Fake Ledger crypto-wallet stole $9.5m in two weeks; Silent group hit almost 40 law firms in a year; Google cracks down on back button hijacking.
Risky Bulletin
Risky Bulletin: France takes first steps to ditch Windows for Linux
In other news: OpenAI impacted by Axios attack; Rockstar Games hacked again; UK threatens jail time for tech execs.
Risky Bulletin
Risky Bulletin: FBI extracted Signal chats from iPhone notifications logs
In other news: LA cop data leaked online; Meta employee under investigation for downloading private photos; Adobe Reader zero-day spotted in the wild.
Seriously Risky Business
Srsly Risky Biz: American Diplomats to Fight Propaganda… on X
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Airlock Digital. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing
Risky Bulletin
Risky Bulletin: Cybercrime losses passed $20 billion last year
In other news: Authorities disrupt APT28 router botnet that intercepted email logins; Iran hacks PLCs across US; exploitation wave hits ComfyUI and Flowise AI servers.
Risky Bulletin
Risky Bulletin: New Cambodian law will put scam compound operators in prison for life
In other news: Italy's top museum moves high-value items to bank vaults after hack; exploitation wave targets Vite-based apps and sites; supply chain attack at BuddyBoss.
Risky Bulletin
Risky Bulletin: Russia will revoke licenses for unruly ISPs
In other news: Cyberattack disrupts access to newspaper archives across the US; Node.js pauses bug bounty program after funding lapse; and Apple backports DarkSword patches.
Seriously Risky Business
Srsly Risky Biz: America's Next Top (Cyber) Model
Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Knocknoc. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via