Risky Bulletin
Risky Bulletin: The EU debuts digital sovereignty plan
In other news: American law firm pays a $20m ransom; authorities take down millions of email and social media scam accounts; new HTTP/2 Bomb attack.
Risky Bulletin
Risky Bulletin
Risky Bulletin: A tenth of all new domains last year were malicious
In other news: Hackers hijack Instagram accounts with Meta's own AI; FSB unmasks Western spyware plot; Red Hat npm packages compromised.
Risky Bulletin
Risky Bulletin: Russia greatly expands SORM surveillance requirements
In other news: NIST is looking for new PQC algorithms; ENSOC launches in Europe; new PAN firewall bug exploited in the wild.
Risky Bulletin
Risky Bulletin: Dutch police take down giant botnet of 17 million devices
In other news: US military staff tracked with adtech location data; Google engineer arrested for Polymarket bets; unpatched bugs in Gogs and Casdoor IAM.
Risky Bulletin
Risky Bulletin: BadHost vulnerability bypasses authentication on AI infrastructure
In other news: Hackers breach Lithuania's state registry; security firms take down Glassworm botnet; CERT India releases strict patching guideline.
Risky Bulletin
Risky Bulletin: Mythos found thousands of critical bugs
In other news: Hackers breach Russia's SDA disinfo group; GitHub rolls out new npm security features; bulletproof hosting providers raided in the Netherlands.
Risky Bulletin
Risky Bulletin: Microsoft ends SMS MFA for personal accounts
In other news: GitHub hacked via VS Code extension; CISA to let researchers submit new KEV entries; SMS blaster detained at Eurovision.
Risky Bulletin
Risky Bulletin: Microsoft takes down MSaaS used by ransomware gangs
In other news: CISA contractor leaks GovCloud keys; vulnerability exploitation is now the dominant entry vector; Drupal readies security updates for "highly critical" bug.
Risky Bulletin
Risky Bulletin: Indonesia emerges as a new hub for cyber scams
In other news: Grafana hacked and held for ransom; Fast16 malware targeted nuclear explosion simulation software; a new Exchange zero-day is under attack.
Risky Bulletin
Risky Bulletin: Shai-Hulud goes open-source
In other news: Dream Market admin charged after major OPSEC failure; France investigates Israeli disinfo firm; Composer rushes to fix GitHub token leak.
Risky Bulletin
Risky Bulletin: RubyGems disables sign-ups after attack on staff
In other news: Instructure paid the ransom; The Gentlemen RaaS gets hacked; another major supply chain attack on npm (yawn).
Risky Bulletin
Risky Bulletin: FCC relaxes foreign router ban to allow for security updates
In other news: ShinyHunters disrupts schools across US; 21-year-old RCE found in FreeBSD; and another Linux zero-day LPE.