The tech oligarchs are squandering our finite natural resources so I can log on to Instagram and talk with an AI-generated chatbot named “A Literal Horse.”
Recent cases involving LinkedIn paint a portrait of an online data landscape being reshaped by technology, increasingly at speeds that challenge companies to keep up without clear legal guardrails.
Ctrl-Alt-Speech: Have Yourself A Very Meta Christmas
Ctrl-Alt-Speech is a weekly podcast about the latest news in online speech, from Mike Masnick and Everything in Moderation's Ben Whitelaw. Subscribe now on Apple Podcasts, Overcast, Spotify, Pocket Casts, YouTube, or your podcast app of choice —…
1.5 TB of VRAM on Mac Studio – RDMA over Thunderbolt 5
💥 Read this insightful post from Hacker News 📖 📂 Category: ✅ Here’s what you’ll learn: Apple gave me access to this Mac Studio cluster to test RDMA over Thunderbolt, a new feature in macOS 26.2. The easiest way to test it is with Exo 1.0, an…
Whoa, a 110ms keystroke lag blew the cover on a North Korean infiltrator inside Amazon. Not a hack; physics snitched. This is modern cyber risk; nation-states hiding in org charts, exposed by quiet signals we keep ignoring.
Security Bite: This app tells you if your Mac’s webcam or mic was triggered while you were away
セキュリティビット: このアプリは、外出中にMacのウェブカメラまたはマイクがトリガーされたかどうかを教えてくれます
Private Certificate Authority 101: From Setup to Management
Introduction Security has become a primary focus in today’s world, which is dominated by computers and technology. Businesses are always on a quest to find better ways how secure their information and messages. Another i… #hackernews#news
What cybersecurity leaders are reading to stay ahead
If you’re looking for holiday gift ideas, books remain one of the simplest ways to spark curiosity and support someone’s growth. Whether the person on your list is exploring cybersecurity, AI, engineering, or career development… #hackernews#news
The soft underbelly of space isn’t in orbit, it’s on the ground
In this Help Net Security interview, Øystein Thorvaldsen, CISO at KSAT, discusses how adversaries view the ground segment as the practical way to reach space systems and why stations remain a focal point for security… #hackernews#news
If You Add Popehat, That’s Extra@kenwhite.bsky.social
Children are being exploited. Let’s respond by dramatically hindering our ability to point out or criticize children being exploited, using methods we don’t understand because we’re old and incurious.
The #Firefox situation is absolutely infuriating. In the new #Mozillia CEO's announcement, he directly contradicts himself, still emphasizing trust, privacy, & control, but then confessing that the browser will have AI woven inescapably throughout.
1 Latvian, 1 Bulgarian crew member arrested on a ferry in the French port of Sête in a suspected Russian cyber op tasked with infecting the ship’s IT system. Such an op might endeavor to hop to French or other allied transport infrastructure. @johnleicesterap.bsky.social apnews.com/article/fran...
GPT-5's reported ability to detect vulnerabilities in code is a fascinating step. It blurs the line between AI as a creative tool and a critical security layer. The real test will be its integration into real-world dev workflows. #AI #DevSecOps #Innovation
Seeing a "no DMARC record found" error for your domain? Learn what it means, how it exposes you to spoofing and BEC, and how to move safely to p=reject. #hackernews#news
2026 Cyber Predictions: Accelerating AI, Data Sovereignty, and Architecture Rationalization
2026 marks a critical turning point for cybersecurity leaders as AI-driven threats, data sovereignty mandates, and hybrid infrastructure risks reshape the CISO agenda. Discover the strateg… #hackernews#news
Q&A with Sam Altman on OpenAI's "code red" call, enterprise strategy, product ambitions, IPO plans, ChatGPT's personalization plans, and more (Alex Kantrowitz/Big Technology)
CVE-2025-11774 - Malicious Code Execution Vulnerability in the Software Keyboard Function of GENESIS64, ICONICS Suite, Mobile HMI, and MC Works64
CVE ID : CVE-2025-11774
Published : Dec. 19, 2025, 1:16 a.m. | 1 hour, 35 minutes ago
The people who think AI is being helpful or useful in their lives are not likely to suddenly think something that's called by another name is a direct and equivalent substitute. I don't think general-purpose ("AGI") AI is either useful or possible, but they've been sold that rhetoric...
Cybersecurity 2026: Why protecting data in real time will decide who survives Attackers are no longer working manually. They are using artificial intelligence to automate attacks, break into system...
I love how the cybersecurity community consensus on this story is generally that the company deserved getting compromised for being so abusive and intrusive to their workers. www.tomshardware.com/tech-ind...
Monitoring keystroke latency is an ADA complaint waiting to happen.
This is going to become more and more popular because you can use an open source model running on your local computer and you can trust it for perfect privacy.
~Trendmicro~
A new survey finds cyber defenders' top AI-related risks are fraud and impersonation attacks.
-
IOCs: (None identified)
- #AI#Cybersecurity#ThreatIntel
INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskillin Cary, North Carolina, USA, December 18th, 2025, CyberNewsWire Growth in Egypt, UAE, and Kingdom of Saudi Arabi...
It seems like it has been a long time since we all held hands and got along. The progress of an accepted QKD standard will show us how fall we may have fallen.
Quantum Security Governance: Building a Framework for the Post-Quantum World Quantum security is about creating a structured approach to managing cryptographic risk in an environment where the thre...
⚠️🌐North Korea–linked to threat activity brushing up against Amazon’s ecosystem isn’t just another breach headline—it’s a glimpse into how Cloud infrastructure is becoming contested digital territory ☁️. #CyberSecurity#ThreatIntelligence#CyberLens
The latest update for #Tigera includes "How #Istio Ambient Mode Delivers Real World Solutions" and "Ingress NGINX Controller Is Dead — Should You Move to Gateway API?".
The latest update for #CultureAI includes "CultureAI Joins Microsoft's Agentic Launchpad: What This Means for the Future of #AI Usage Control" and "AI Browsers: A Security Nightmare Flipping the Board on Decades of Security Progress".
The latest update for #Simpplr includes "The enterprise #intranet security checklist: SOC 2, #GDPR, and beyond" and "The IT leader's guide to consolidating employee experience technology".
5 Hidden Costs Most Founders Overlook When Launching an NFT Marketplace
Building an NFT marketplace costs far more than development alone. Audits, security, legal compliance, infrastructure, and marketing often double the initial budget if not planned early. #hackernews#news
The latest update for #Datadog includes "From discovery to defense: Securing #APIs with Datadog App and API Protection" and "Troubleshooting Cilium network policies: Four common pitfalls".
Identity risk is changing faster than most security teams expect Security leaders are starting to see a shift in digital identity risk. Fraud activity is becoming coordinated, automated, and self-i...
The latest update for #CertKit includes "Multi-domain (multi-san) certificates and better error messages" and "How the ACME protocol automates certificate issuance".
The latest update for #WatchGuard includes "What Every Security Leader Must Prepare for in 2026" and "Introducing WatchGuard's Zero Trust Bundle: #ZeroTrust for the Way You Work".
Red Hat Buys an AI Safety Company, Promises to Open Source Its Tech The new addition brings custom AI security and safety tooling to Red Hat. The new addition brings custom AI security and safety tooling to Red Hat.
Here’s the finale of this week’s three-part Better Offline special NVIDIA series. I walk you through why there are millions of Blackwell GPUs sitting in warehouses, and why AI’s lack of any profits makes NVIDIA’s future dependent on debt. podcasts.apple.com/us/podcast/b... Linktr.ee/betteroffline
The latest update for #Teleport includes "2026 #Cybersecurity Predictions by Teleport CEO Ev Kontsevoy" and "Secure AI Agent Infrastructure with Zero-Code MCP".
Group Policy abuse reveals China-aligned espionage group targeting governments
ESET Research has identified a previously undocumented China-aligned advanced persistent threat group that uses Windows Group Policy to deploy malware and move through victim networks. The group, track… #hackernews#news
The latest update for #GitGuardian includes "Building a Multi-Agent Security Pipeline with Google's A2A Protocol and GitGuardian" and "Getting To #AWS IAM Outbound Identity Federation With GitGuardian".
It's refreshing to discover the US government's public services haven't been entirely dismantled and things like waterdata.usgs.gov/monitoring-l... are still available.
(I didn't even know this existed. I searched for it on a whim and sure enough, it's data that's collected and easily available.)
Zero Trust Architecture: Why “Trust No One” Is the Future of Security 🔐 In today’s world of cloud-native apps, remote teams, APIs, and microservices, the old security model just doesn’t ...
APT Hackers Aligned with China Use Windows Group Policy for Malware Deployment ESET researchers have uncovered a previously unknown advanced persistent threat (APT) group, LongNosedGoblin, linked ...
The latest update for #BitSight includes "CVE-2025-55182: First Days of React2Shell Exploitations" and "Practitioner Insight: 4 Best Practices for #SupplyChain Risk Resilience in Finance".
Samsung unveils the Exynos 2600, the world's first smartphone SoC built on a 2nm Gate-All-Around process, expected to power some Galaxy S26 and S26 Plus models (Adamya Sharma/Android Authority)
The latest update for #Graylog includes "Understanding Ransomware Email Threats" and "Understanding the Department of Justice (DOJ) #DataSecurity Program".
The latest update for #Tines includes "The strain of reactive infrastructure reliability" and "The secret to holiday resilience: offload the muckwork with intelligent workflows".
The latest update for #Mendit includes "Why #AppSec and Network #RiskManagement Must Be Unified in the Modern Enterprise" and "NPM User Flooding Registry with Fake Font Packages".
The latest update for #Veracode includes "Veracode 2025 Year in Review: Scaling Security for a New Era" and "A Practical Guide to Implementing #DevSecOps in Your Organization".
China-Linked LongNosedGoblin APT Abuses Windows Group Policy for Silent Cyber-Espionage in Asia
Introduction: A Trusted Windows Feature Turned Into a Spy Tool Cyber-espionage campaigns rarely succeed by brute force alone. The most effective operations hide in plain sight, blending into normal…
The latest update for #AlgoSec includes "2025 in review: What innovations and milestones defined AlgoSec's transformative year in 2025?" and "Navigating #Compliance in the #Cloud".
Explore botnets: how hackers turn everyday devices into “zombies,” control them from remote command centers, and the steps organizations can take to detect and stop these attacks.
Yann LeCun is hunting €500M to boost Nabla’s agentic AI push—valued at €3B. Meanwhile Alex LeBrun exits. Could this reshape healthcare and world‑model research? Dive into the details. #YannLeCun#Nabla#AgenticAI
extremely funny how many conversations are people who are being automated out of a job (software engineers) defending ai against people who are not (creatives)
AI isn’t one system, and your threat model shouldn’t be either In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without t...
ESET Research has identified a China-aligned APT group, LongNosedGoblin, targeting Southeast Asian and Japanese government institutions using Windows Group Policy for malware deployment and lateral movement. Detected in 2024, their operations date back to September 2023.
Min Geun Song, Gang Min Kim, Woonmin Kim, Yongsik Kim, Jeonghyun Sim, Sangbeom Park, Huy Kang Kim
Autoencoder-based Denoising Defense against Adversarial Attacks on Object Detection https://arxiv.org/abs/2512.16123
OpenMemory: Local persistent memory store for LLM applications including claude desktop, github copilot, codex, antigravity. github.com/CaviraOSS/Op...
Gabriela Wojak, Ernest G\'orka, Micha{\l} \'Cwi\k{a}ka{\l}a, Dariusz Baran, Dariusz Re\'sko, Monika Wyrzykowska-Antkiewicz, Robert Marczuk, Marcin Agaci\'nski, Daniel Zawadzki, Jan Piwnik
Data Protection and Corporate Reputation Management in the Digital Era https://arxiv.org/abs/2512.15794
NHS England provider, DXS International, confirms a cyber attack as hackers claim data was stolen. Investigations are underway to determine the extent of the breach. #CyberSecurity#NHS#DataBreach
Clop Ransomware Group Exploiting Gladinet CentreStack Servers to Steal Data The Clop ransomware group has launched a new data extortion campaign targeting Internet-facing Gladinet CentreStack file ...
CrowdSec’s Central API (CAPI) is a shared service used by all Security Engines. As usage grows, we’ve introduced rate limiting to keep CAPI reliable and responsive for everyone.
Junchi Lu, Xinke Li, Yuheng Liu, Qi Alfred Chen
Data-Chain Backdoor: Do You Trust Diffusion Models as Generative Data Supplier? https://arxiv.org/abs/2512.15769
Jamal Al-Karaki, Muhammad Al-Zafar Khan, Rand Derar Mohammad Al Athamneh
PHANTOM: Progressive High-fidelity Adversarial Network for Threat Object Modeling https://arxiv.org/abs/2512.15768
Ziyu Chen, Yitong Shen, Jingzhe Zhang, Yao Zheng, Yili Ren, Xuyu Wang, Shiwen Mao, Hanqing Guo
A Survey on Reconfigurable Intelligent Surfaces in Practical Systems: Security and Privacy Perspectives https://arxiv.org/abs/2512.15754
Following pressure from Computer Weekly and forensic investigator, the Post Office has warned subpostmasters about Horizon defect potentially at large for over 20 years....
👉 [read]
Attacker takes over multisig minutes after creation, drains up to $40M slowly
Forensic analysis suggests an attacker took control of a whale’s multisig wallet minutes after creation and has been slowly draining funds since. #crypto#news
INE Security Expands Across Middle East and Asia to Accelerate Cybersecurity Upskilling INE Security is expanding across the Middle East and Asia. The company’s unique, hands-on methodology is pr...
The rise of ultra-realistic AI face-swapping tools like Haotian is both fascinating and disturbing. This deepfake tech is now sophisticated enough to convincingly simulate live video chats - blurring the line between legitimate innovation and malicious exploitation.
Shaohua Wu, Tong Yu, Shenling Wang, Xudong Zhao
Yuan-TecSwin: A text conditioned Diffusion model with Swin-transformer blocks https://arxiv.org/abs/2512.16586
![Media from Michael Georg Speller [THE GREY APE]](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:422uaueaquotbw7ie6th23qv/bafkreialnjypnufnwkm5una4jdqrmbbzqum65b6mdii7g7ahemjletar5y@jpeg)
