Srsly Risky Biz: Europe Wants To Wean Itself Off US Tech

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by SpectreOps. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via

Risky Bulletin: Meta says NSO violated court order with new campaign targeting WhatsApp

In other news: Security incident at France's Tchap messenger; Putin cuts some Kremlin security cameras; Russia bans foreign login services.

Risky Bulletin: RubyGems adds dependency cooldowns to counter supply chain attacks

In other news: AT&T and IBM accused of hiding foreign hacks; Cisco warns of a new SD-WAN zero-day; Google layoffs hit security teams.

Risky Bulletin: The EU debuts digital sovereignty plan

In other news: American law firm pays a $20m ransom; authorities take down millions of email and social media scam accounts; new HTTP/2 Bomb attack.

Srsly Risky Biz: NATO's Cyber Approach Needs Change

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Truffle Security. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing

Risky Bulletin: A tenth of all new domains last year were malicious

In other news: Hackers hijack Instagram accounts with Meta's own AI; FSB unmasks Western spyware plot; Red Hat npm packages compromised.

Risky Bulletin: Russia greatly expands SORM surveillance requirements

In other news: NIST is looking for new PQC algorithms; ENSOC launches in Europe; new PAN firewall bug exploited in the wild.

Risky Bulletin: Dutch police take down giant botnet of 17 million devices

In other news: US military staff tracked with adtech location data; Google engineer arrested for Polymarket bets; unpatched bugs in Gogs and Casdoor IAM.

Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure

In other news: Hackers breach Lithuania's state registry; security firms take down Glassworm botnet; CERT India releases strict patching guideline.

Risky Bulletin: Mythos found thousands of critical bugs

In other news: Hackers breach Russia's SDA disinfo group; GitHub rolls out new npm security features; bulletproof hosting providers raided in the Netherlands.

Risky Bulletin: Microsoft ends SMS MFA for personal accounts

In other news: GitHub hacked via VS Code extension; CISA to let researchers submit new KEV entries; SMS blaster detained at Eurovision.

Srsly Risky Biz: Politicians to Ditch Signal for Homegrown Apps

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by Push Security. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing

Risky Bulletin

Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs

In other news: CISA contractor leaks GovCloud keys; vulnerability exploitation is now the dominant entry vector; Drupal readies security updates for "highly critical" bug.

Risky Bulletin

Risky Bulletin: Indonesia emerges as a new hub for cyber scams

In other news: Grafana hacked and held for ransom; Fast16 malware targeted nuclear explosion simulation software; a new Exchange zero-day is under attack.

Risky Bulletin

Risky Bulletin: Shai-Hulud goes open-source

In other news: Dream Market admin charged after major OPSEC failure; France investigates Israeli disinfo firm; Composer rushes to fix GitHub token leak.

Seriously Risky Business

Srsly Risky Biz: The AI Regulation Knife Fight

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Patrick Gray. This week's edition is sponsored by Knocknoc. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via

Risky Bulletin

Risky Bulletin: RubyGems disables sign-ups after attack on staff

In other news: Instructure paid the ransom; The Gentlemen RaaS gets hacked; another major supply chain attack on npm (yawn).

Risky Bulletin

Risky Bulletin: FCC relaxes foreign router ban to allow for security updates

In other news: ShinyHunters disrupts schools across US; 21-year-old RCE found in FreeBSD; and another Linux zero-day LPE.

Risky Bulletin

Risky Bulletin: Google patches Android remote takeover bug

In other news: Palo Alto Networks discloses a firewall zero-day; Ivanti also patches one; leak exposes Russia's spy and hacker school.

Seriously Risky Business

Srsly Risky Biz: After Mythos, US Government Weighs AI Model Regulation

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by PortSwigger. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via

Risky Bulletin

Risky Bulletin: Extremely targeted supply chain attack hits DAEMON Tools

In other news: Australia gets its own CSRB; VOIP server hacker arrested after 17 years; Oracle switches to monthly security updates.

Risky Bulletin

Risky Bulletin: DigiCert hacked with a malicious screensaver file

In other news: Ransomware negotiators get four years in prison; Trellix discloses security breach; another Russian hacker arrested while vacationing in the wrong place.

Risky Bulletin

Risky Bulletin: The mysterious hack of Moldova's healthcare database

In other news: Scam compounds raided in Dubai; Copy Fail vulnerability impacts Linux distros going back to 2017; major cPanel bug exploited in the wild.

Seriously Risky Business

Srsly Risky Biz: US Vows to Fight Distillation Attacks

Your weekly dose of Seriously Risky Business news is written by Tom Uren and edited by Amberleigh Jack. This week's edition is sponsored by runZero. You can hear a podcast discussion of this newsletter by searching for "Risky Business News" in your podcatcher or subscribing via