Friday Squid Blogging: Jumbo Flying Squid in the South Pacific
The population needs better conservation. As usual, you can also use this squid post to talk about the security stories…
Security
Proton Mail Shared User Information with the Police
404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to…
Operation GhostMail: Analysis of Russian APT Exploitation of Zimbra XSS
Executive Summary Operation GhostMail is a high-stakes cyber-espionage campaign attributed to the Russian threat actor APT28 (Fancy Bear). By exploiting…
Hacking a Robot Vacuum
Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around…
What is an SSL Stripping Attack and How to Prevent It
For years, people learned to associate HTTPS with a “secure site.” When a browser connects using SSL/TLS, the traffic between…
Meta’s AI Glasses and Privacy
Surprising no one, Meta’s new AI glasses are a privacy disaster. I’m not sure what can be done here. This…
South Korean Police Accidentally Post Cryptocurrency Wallet Password
An expensive mistake: Someone jumped at the opportunity to steal $4.4 million in crypto assets after South Korea’s National Tax…
Weekly Update 495
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Chrome Security Update: Google Fixes Another Actively Exploited Vulnerability
In a race against active threats, Google Chrome has released another emergency update to patch two critical zero-day vulnerabilities, CVE-2026-3909…
Possible New Result in Quantum Factorization
I’m skeptical about—and not qualified to review—this new result in factorization with a quantum computer, but if it’s true it’s…