Picking a CRC
You send a file, but how do you know it arrived intact? In other words, how do you know that it didn’t get cut off, garbled, or changed somehow? Simplistically, …read more Continue reading Picking a CRC
PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
Google says the intruders were on the hunt for everything from drone tech to pathogens Continue reading PRC-linked spies hid inside medical and military networks for more than a year, snooping through Gmail and stealing data
⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod.
This week is the same lesson in a new form: phishing kits are easier to rent, AI names are useful bai… Continue reading ⚡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More
Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women
Both CFAKE and SOCFAKE (CFAKE.com and SOCFAKE.com) were seized after prosecutors said they hosted nonconsensual nude digital forgeries of famous women. Continue reading Feds Seize CFAKE and SOCFAKE Over Explicit Deepfakes of Famous Women
I was jealous of these 4 iOS 27 features – then I realized my Android phone already has them
These upcoming iPhone features are highly useful, and Android users can already get in on the action. Continue reading I was jealous of these 4 iOS 27 features – then I realized my Android phone already has them
Arch Linux locks down AUR signups amid wave of malicious commits
Community repo freezes new accounts after attackers swamp it with poisoned package updates Continue reading Arch Linux locks down AUR signups amid wave of malicious commits
Maine forced to take down data breach portal after fake notices filed with authorities
The US state of Maine has taken its public data breach notification portal offline after someone submitted fraudulent breach disclosures impersonating two well-known technology companies.
Read more in my article on the Hot for Security blog. Continue reading Maine forced to take down data breach portal after fake notices filed with authorities
Windows Subsystem for Linux 3 gives developers a compelling reason to stick with Microsoft – here’s why
WSL 3 makes staying on Windows easier, especially for developers building or running Linux-based AI, container, or dev workloads. Continue reading Windows Subsystem for Linux 3 gives developers a compelling reason to stick with Microsoft – here’s why
1Password Credential Broker reduces secret sprawl through identity-based credential delivery
1Password has announced 1Password Credential Broker, a new product that securely brokers credentials, tokens, and federated access from 1Password to trusted requesters. The 1Password Credential Broker is available in private beta today, with support fo… Continue reading 1Password Credential Broker reduces secret sprawl through identity-based credential delivery
Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption
Trust3 AI has announced AgentDOS, an enterprise control plane that provides visibility into AI agents, including real-time token consumption monitoring across platforms such as Databricks Agent Bricks and Microsoft Copilot Studio. As enterprises rapidl… Continue reading Trust3 AI’s AgentDOS monitors AI agent activity, data access, and token consumption