The ASTM Group in the US suffered a ransomware attack linked to the threat actor coinbasecartel. Incident disclosed on April 18, 2026. Claims are confirmed as non-AI generated. #RansomwareAttack #BusinessServices #UnitedStates
Framingham City Posts Bot - UNOFFICIAL! @framingham-bot.bsky.social
City of Framingham (via Facebook): Volunteer to serve on a City Board, Committee, or Commission. Deadline to apply is May 15, 2026. FRAMINGHAM - The City of Framingham is seeking volunteers for several Boards, Committees and Commissions. Positions… [Link] #Framingham
White House and Anthropic CEO discuss working together amid rising fear about Mythos model: The White House and Anthropic CEO Dario Amodei met on April 18, 2026, to discuss collaboration and shared approaches to the challenges of scaling AI technology, particularly co… https://ranked.news/668559?u=b
Since Anthropic publish their system prompts we can generate a diff between Claude Opus 4.6 and 4.7 - here are my notes on what's changed simonwillison.net/2026/Apr/18/...
I Generated a Full SaaS UI in 31 Minutes — With One Prompt No Figma. No CSS. No design system. Just natural language. Designing a SaaS interface takes days: wireframes in Figma, a design system t...
NIST’s NVD is scaling back CVE enrichment due to resource limits, prioritizing key vulnerabilities. Cyber teams must rely more on automated tools and faster patching to address gaps in coverage. #NIST #VulnerabilityManagement #USA
What can you do when thoughtfully designed RAG pipelines fail as a result of chunking issues? Priyansh Bhardwaj explores the stakes and tradeoffs around a key step in LLM workflows.
Unlocking iOS Zero-Days: Inside MobileHackingLab’s Exploitation Series That Experts Can’t Solve + Video
Introduction: Most public iOS security content barely scratches the surface—real-world exploit chains like Corona and Darksword reveal a depth of complexity that few trainings address.…
Towards Zero Rotation and Beyond: Architecting Neural Networks for Fast Secure Inference with Homomorphic Encryption (Yifei Cai, Yizhou Feng, Qiao Zhang, Chunsheng Xin, Hongyi Wu) ia.cr/2026/730
Why doesn't Anthropic just align Mythos to never do bad cyber and then release it open source. Do they not believe in alignment. Isn't their whole thing being the alignment lab.
OpenAI loses three executives in one swoop as restructuring reshapes its product lineup
OpenAI announced the departure of three high-profile executives as the company undergoes restructuring. The changes come as OpenAI shifts focus toward coding tools and enterprise customers…
Blending old-school HUMINT with modern cyber! A trusted source still matters, but now AI, metadata, and human-machine teaming help verify leads faster and uncover threats before they reach American streets, airports, or power grids. #CIA #HUMINT #NationalSecurity www.executivegov.com/articles/cia...
Google DeepMind's Raia Hadsell explores the future of AI, highlighting Gemini models, probabilistic weather forecasting with GenCast, and interactive 3D world generation via Genie 3.
Which iPhones should you avoid in 2026? Understanding Apple's vintage list, support timelines, and what it means for your device can save you a headache.
“Verizon's 2024 Data Breach Investigations Report shows that 68% of all breaches in 2023 involved the human element. But organizations have not evolved their approach to addressing human risk, said Masha Sedova, VP, human risk strategy, Mimecast.” www.bankinfosecurity.com/hrm-crisis-8...
Unlocking Azure Security Secrets: How GlobalAzureGr Reveals Next-Gen AI and Cloud Hardening Techniques + Video
Introduction: Global Azure events bring together experts from across the technology spectrum—from AI engineering to cybersecurity forensics. With speakers covering everything from…
“A broad mix of attackers are abusing Microsoft 365 mailbox rules as a stealthy method to quietly manage email flow by deleting, hiding, forwarding or marking messages as read without alerting victims.” www.scworld.com/news/microso...
OWASP APTS: The First Global Standard to Cage Rogue AI Pentesters – And How to Build Your Own Autonomous Hacking Bot + Video
Introduction: Autonomous penetration testing leverages artificial intelligence to automatically discover, exploit, and chain vulnerabilities without human intervention.…
Poland's energy grid was hit by a cyberattack using wiper malware, exposing vulnerabilities in critical infrastructure and stressing the urgent need for stronger cyber defenses.
On the All In podcast, a Silicon Valley investor praises Anthropic for not releasing a dangerous model, then uses that as evidence that regulation isn't needed. In the latest @NonZeroNews.bsky.social I examine his logic. www.nonzero.org/p/why-altman...
WEF Warns: Critical Infrastructure Under Siege – Your 5-Step Cyber Hardening Guide Against Nation-State Attacks + Video
Introduction: The World Economic Forum (WEF) has reported a sharp increase in cyber attacks targeting U.S. critical infrastructure sectors, including energy, water, and…
Lately, the Cybersecurity and Infrastructure Security Agency (CISA) has been buried under troubling headlines. Steep workforce reductions. $700 million 2027 budget cut. Leadership uncertainty. Impacts from the months-long partial government shutdown. Canceled 20… #hackernews #news
Proactive EDR Development: How to Stop Ransomware Before It Strikes – The Mindset Shift Every SOC Analyst Needs + Video
Introduction: Traditional cybersecurity operates on a reactive model – wait for an alert, then respond. But in the era of ransomware that encrypts terabytes in minutes, waiting…
The ransomware group coinbasecartel claims to target "Evict them for me," encrypting business data and demanding ransom. No country specified in this April 2026 incident. #RansomwareAttack #DataEncryption #BusinessServices
The meeting comes after tensions have run hot between the Trump administration and the safety-conscious Anthropic, which has sought to put guardrails on the development of AI.
if anthropic knew what was good for them they would:
- stop boris from posting on the internet
- force the claude code team to work in non-anthropic repos with non-internal versions of models, only using those that are GA
- stop boris from posting on the internet
Why Buying a Cisco Switch Without a Rack is a Security Nightmare: The Hidden Risks of Incomplete Infrastructure + Video
Introduction: A popular tech meme shows a child happily receiving a Cisco switch while the punchline demands specificity—because a standalone switch without a proper rack,…
Why having “humans in the loop” in an AI war is an illusion
The legal battle between Anthropic and the Pentagon highlights growing concerns over AI's expanding role in military operations beyond traditional intelligence analysis. In the current conflict with Iran, AI…
According to this post (from David Shapiro), Anthropic's Mythos model has 10 trillion parameters and uses a mixture-of-experts architecture. I don't know about all of you but -- 10 trillion parameters! Holy moly, I had no idea models had gotten that large.
30 Essential AI Cybersecurity Terms: Master the Future of Threat Defense Before Hackers Do + Video
Introduction: Artificial intelligence is revolutionizing cybersecurity, but it also introduces novel attack surfaces and defensive strategies. From adversarial machine learning to LLM prompt…
Sumeru AI CTF 2026 Writeup: I recently completed Sumeru AI CTF 2026, a challenge series focused on practical AI security testing. Unlike traditional web exploitation labs, this CTF revolved around ...
Postman Secret Scanning: A Practical Guide to Finding Exposed APIs One public Postman workspace exposed the full chatbot infrastructure of a government service — endpoints, authentication flo...
Top 10 Remote Job Sites to Land a USD-Paying Tech Role in 2026 (Plus AI Tools to Automate Your Search) + Video
Introduction: The global shift toward remote work has permanently altered the technology employment landscape, with millions of positions now accessible from anywhere in the world. For…
SOC Analyst Blueprint: Master SIEM, Threat Hunting & Purple Teaming in 2026 + Video
Introduction: A Security Operations Center (SOC) Analyst is the first line of defense against cyber threats, requiring mastery of networking, operating systems, SIEM platforms, and incident response frameworks. The…
Claude Opus 4.7 doubles down on coding + agentic tasks, vision, and document reasoning. See benchmark takeaways vs GPT-5.4 / Gemini 3.1 Pro in the article. techglimmer.io/claude-opus-... #Claude #AI #Coding
15,704 Words of System Prompt Exposure: How AI Leakage Unlocked Critical Bug Bounty Vulnerabilities + Video
Introduction: System prompts are the hidden instruction sets that govern large language model (LLM) behavior in AI-powered applications. When these prompts are accidentally exposed—via…
Appfigures: app releases across the App Store and Google Play grew 60% YoY in Q1, with App Store releases alone up 80%, possibly driven by AI coding tools (Sarah Perez/TechCrunch)
Poland's power grid faced a cyberattack impacting 30 facilities, revealing vulnerabilities in critical infrastructure and underscoring the need for greater resilience in our interconnected world.
Rocket.Chat is a secure, self-hosted alternative to Slack/Discord. It offers real-time messaging, video calls, and file sharing with end-to-end encryption and full data control. Perfect for organizations prioritizing security and sovereignty.
AI platform ACSI scores lag airlines, social media and mortgage brokers bit.ly/488gwaa The inaugural American Customer Satisfaction Index (ACSI) scores for AI platforms are decidedly mixed with an overall score of 73 on a scale of 0 to 100. Google's Gemini led AI platforms with a score of 76.
ICS/OT Pentesting Unleashed: The Ultimate 2026 Tool Guide for Critical Infrastructure Hackers
Introduction: Industrial Control Systems (ICS) and Operational Technology (OT) environments are the backbone of critical infrastructure, yet they remain dangerously exposed to cyber threats. Unlike…
Google’s Rust DNS Parser Revolution: Why Memory Safety Just Became Your Phone’s New Bodyguard + Video
Introduction: DNS (Domain Name System) queries are the internet’s phonebook, but traditional parsers written in C/C++ have suffered from memory safety vulnerabilities like buffer overflows for…
Expo, which develops an eponymous React Native framework and provides cloud services for building cross-platform apps, raised a $45M Series B led by Georgian (Maria Deutscher/SiliconANGLE)
JPMorgan’s 10 Cyber Commands: Why Your Legacy Systems Are a Ticking Time Bomb in 2026 + Video
Introduction: As AI-driven threats accelerate from months to milliseconds, technical debt and shadow IT have transformed from operational annoyances into critical vulnerabilities. JPMorgan Chase’s latest…
A look at the AI nonprofit METR, whose time-horizon metrics are used by AI researchers and Wall Street investors to track the rapid development of AI systems (Kevin Roose/New York Times)
Claude Code command injection flaws rated CVSS 9.8 and Opus 4.7's hidden tokenizer costs headline today's AI digest alongside Cerebras IPO plans and new open-weights models.
Stuxnet 20 Is Coming: How a 15-Year-Old Cyber-Weapon Still Defines the Future of OT Warfare + Video
Introduction: The first digital weapon engineered to cross the air gap and physically destroy industrial equipment remains the most significant ICS/SCADA attack ever documented. Stuxnet was a joint…
I didn't couple it to the outages. But they did mention it was slower and more demanding. I could see product and capacity reasons to not release it and instead hold on to it for a bit and beat the hype drum and "we are very responsible and our model is dangerous" drum.
30-Second Cyber Deployment: How Foldable Security Architectures Revolutionize Incident Response + Video
Introduction: In cybersecurity, the ability to deploy defensive or offensive tools in under 30 seconds can mean the difference between containing a breach and suffering a catastrophic data loss.…
I’ll be honest, I’ve bought Raspberry Pi HATs I barely used. Some looked amazing on paper but didn’t fit my projects at all. With so many boards out there, it’s easy to get distracted, so I decided to focus only on the ones that truly make a... #raspberrypi #linux
IAM isn’t mature if one compromised identity can roam your cloud.
Least privilege ≠ containment. PAB is the missing control. medium.com/google-cloud...
How to Authenticate a Non-Deterministic Computation: Shift-Hiding Functions, Compressed LWE Sampling, Broadcast Encryption, and Obfuscation (Damiano Abram, Giulio Malavolta, Lawrence Roy) ia.cr/2026/741
Mastering Network Pentesting: 5 Essential Techniques Every Infosec Pro Should Know + Video
Introduction: Network penetration testing simulates real-world attacks to identify vulnerabilities before malicious actors exploit them. With the rise of remote work and cloud‑native architectures,…
IEC 61850 Digital Substations Under Attack: How to Harden the Process Bus Against Cyber Threats (2026 Guide) + Video
Introduction: The shift from conventional hardwired substations to IEC 61850‑based digital substations introduces immense operational efficiency but also expands the cyber attack…
How to Hack Like a Pro: The One Nmap Command That Reveals Every Hidden Vulnerability on Your Network + Video
Introduction: Network reconnaissance is the first and most critical phase of any penetration test, yet many security professionals overlook the power of advanced port scanning techniques.…
Your Email Gateway is a Lying SOC Sensor Unless You Do THIS – BEC, DLP & SIEM Integration Deep Dive + Video
Introduction: An email gateway is not merely a spam filter; it is the control plane between your organization’s email infrastructure and the internet. When properly configured and integrated…
An awful lot of investment went into making memory moves and copies faster/cheaper in computers. Apple used one of the oldest performance tricks in the book with their Unified memory architecture: to make something much faster, just avoid doing it. eg result ... abacusnoir.com/2026/04/18/z...
The Silent Lock Screen: Mastering Windows Credential Phishing with 14 Stealth Tools
Introduction: Windows systems are hardened with locks, but their primary vulnerability remains the human behind the screen. By exploiting…
MIT Sea Grant works with the Woodwell Climate Research Center and other collaborators to demonstrate a deep learning-based system for fish monitoring...
I asked Gemini AI: "What is the best way to deal with CharlesVeitch on YouTube?" Charles Veitch is a controversial British YouTuber who creates content by walking through city centres, filming the public, and frequently engaging in confrontations with…
All the researchers we spoke to thought that, in the long run, AI-enabled hacking will probably help defenders more than attackers. To learn why, register to read the full story (it’s free)
Cybersecurity Career Decoded: From Entry-Level Enthusiasm to CISO Baldness – And How to Survive Every Stage + Video
Introduction: The journey from a junior security analyst to a Chief Information Security Officer (CISO) is rarely linear—it’s a transformation marked by increasing responsibility,…
Boston Metro Weather Forecast Bot @boston-4castbot.bsky.social
NWS Boston (via Facebook): Widespread rain showers today. Some embedded thunderstorms are also possible this afternoon. Rain should clear by tonight as the front pushes through, replaced by gusty NW winds. Some scattered showers are possible again Monday afternoon. [Link] #MaWX
AI con continues: "Our new model is good, so dangerous, that we can't show it to you. But you have to trust us ... " Corporate media and youtube clickbait hunters going crazy ... What a clown show ...
RCE Hunting: 5 Overlooked Parameters That Could Give Attackers Full Server Control + Video
Introduction: Remote Code Execution (RCE) remains one of the most severe vulnerabilities in web applications, often stemming from seemingly innocent user-supplied parameters that reach system shells.…
frontier agents score about half as well as phds on multi-step scientific work — great at single-prompt tasks, fall apart at anything requiring sustained reasoning
OpenAI and the reinvention of email My view: for a European customer/dev, the top setting is not one switch, it is identity separation first. If you want the strongest practical baseline, I would c...
Dr J Rogel-Salazar Mastodon:@quantum_tunnel@me.dm @quantumtunnel.bsky.social
Anthropic just shipped Claude Opus 4.7. Same price as 4.6, sharper coding, better vision — and one change that will quietly break your prompt library: it now takes you literally. Here's what actually matters, what's going to cost you more in tokens, and whether it's worth switching today.
Introduction: Networking fundamentals form the backbone of every cybersecurity defense—misconfigured routers, unsecured switches, and poor IP management are how attackers move…
Google DeepMind's Gemini Robotics-ER 1.6 is now reading industrial gauges and navigating physical spaces autonomously. The line between digital AI and physical automation is dissolving -- fast. The question is not whether your workflows will be touched by this. It is whether you will be ready.
Millennium Dental Technologies, a US-based healthcare company known for the PerioLase MVP-7, reported a ransomware attack by the threat actor "termite," involving system encryption and data exfiltration. #Ransomware #Healthcare #UnitedStates
CYBERUK ’26: UK lagging on legal protections for cyber pros | CyberUp Campaign urges the government to keep focus, and proposes a four-pillar framework that would protect cyber professionals from prosecution | Computer Weekly
I found hidden gaps in my Google Account security and fixed them right away Your Google Account might not be as secure as you think I don’t usually think about my Google Account security until a ...
The Government has warned that every business in the UK must step up its cyber defence in the wake of a new generation of potentially dangerous AI models heralded by Anthropic’s superhacker LLM, Mythos.
Here is Toby "helping" me write this week's edition of my cybersecurity newsletter. Sign up before it goes out later this morning! this.weekinsecurity.com
The NIST narrows its National Vulnerability Database priorities to CVEs in CISA's known exploited catalog, to deal with a backlog after its 2024 funding lapse (Matt Kapko/CyberScoop)
The Robotics Apocalypse: How GenAI Is Weaponizing ROS Vulnerabilities & Why Your Factory Floor Is Next + Video
Introduction: Modern industrial and service robots—powered by the Robot Operating System (ROS)—are becoming prime cyber-physical targets as Generative AI lowers the barrier to…
Can all y'all actually make some positive improvements to Gemini please? I asked for an image this morning based upon my own IP, and after 2 hours of your AI hallucinating it gave me the attached screenshot, "declining" to try any further.
I spoke with Punchbowl News about my new bipartisan bill that uses AI to block foreign cyberattacks before they hit while also keeping our digital world safe.
OpenAI study says India is a Top-5 AI nation, but only in big cities – The OpenAI report 2026 is based on usage data from ChatGPT Plus subscribers across India. The study does a good job of where and how deeply AI has actually taken root in India. India ranks... https://tinyurl.com/2y9hk7xt #Openai
OpenAI has launched new models in the GPT-5 family, including GPT-5.4 Mini and Nano, designed to boost performance and accessibility. These updates aim to enhance AI capabilities in a more efficient format.
Anthropic, are you serious? I’ve got 100% session usage left and only 21% used for the week, yet your Windows desktop app says I’ve hit my limit. Come on.
The updated Claude desktop app feels like a step backwards. No wonder Theo’s complaining.
Sashimono Security: Build Attack-Resistant Systems with Zero-Trust Joints and No Nails
Introduction: In cybersecurity, the strongest defenses mimic nature and ancient craftsmanship. The Japanese woodworking technique known as sashimono creates furniture without nails, screws, or glue, relying…
Quick tip for food creators: stop paying agencies for a website. This recipe app has My Recipes, Recipe of the Day, Discover with curated collections. Built in one Emergent.sh session with AI. Vibe coding ships in days now. https://app.emergent.sh/landing/?via=humai
No browser needed. This is in response to "one of the most turbulent times in enterprise software history" -> Salesforce announces Headless 360, an initiative that will give AI agents access to Salesforce's platform capabilities through APIs, MCP tools or CLI commands