Author Archives: John Leyden

GreyNoise’s Glenn Thorpe counts the cost of missed opportunities On 59 occasions throughout 2025, the US Cybersecurity and Infrastructure Security Agency (CISA) silently tweaked vulnerability notices to reflect their use by ransomware crooks. Experts s… Continue reading CISA updated ransomware intel on 59 bugs last year without telling defenders→

Algorithmic bias probe continues, CEO and former boss summoned to defend the platform’s corner French police raided Elon Musk’s X offices in Paris this morning as part of a criminal investigation into alleged algorithmic manipulation by foreign powers.… Continue reading X marks the raid: French cops swoop on Musk’s Paris ops→

Azure Storage now requires version 1.2 or newer for encrypted connections Today is the day Azure Storage stops supporting versions 1.0 and 1.1 of Transport Layer Security (TLS). TLS 1.2 is the new minimum.… Continue reading Microsoft finally sends TLS 1.0 and 1.1 to the cloud retirement home→

DDoSer of ‘strategically important’ websites admitted to most charges Polish authorities have cuffed a 20-year-old man on suspicion of carrying out DDoS attacks.… Continue reading Polish cops bail 20-year-old bedroom botnet operator→

Your own personal Jarvis. A bot to hear your prayers. A bot that cares. Just not about keeping you safe OpenClaw, the AI-powered personal assistant users interact with via messaging apps and sometimes entrust with their credentials to various online se… Continue reading DIY AI bot farm OpenClaw is a security ‘dumpster fire’→

Armed Forces Bill would let troops take action against unmanned threats around defense sites Britain’s defense personnel will be given the authority to neutralize drones threatening military bases under measures being introduced in the Armed Forces Bil… Continue reading British military to get legal OK to swat drones near bases→

The group targets telecoms, critical infrastructure – all the usual high-value orgs Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which… Continue reading Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor→

The ICE-tracking service says it doesn’t store usernames or addresses ICE-reporting service StopICE has blamed a US Customs and Border Protection (CBP) agent for attacking its app and website and sending users text messages warning them that their info… Continue reading StopICE hacked to send alarming text messages, admins accuse border patrol agent of sabotage→

Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already exploiting Microsoft’s latest Office zero-day, with Ukraine’s national cyber defense team warning that the same bug is being used to tar… Continue reading Russia-linked APT28 attackers already abusing new Microsoft Office zero-day→

Your favorite menu item might be easy to remember but it will not secure your account Change Your Password Day took place over the weekend, and in case you doubt the need to improve this most basic element of cybersecurity hygiene, even McDonald’s – ye… Continue reading McDonald’s is not lovin’ your bigmac, happymeal, and mcnuggets passwords→