FBI Extracts Deleted Signal Messages from iPhone Notification Database
404 Media reports (alternate site): The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s…
Security
Attacking the MCP Trust Boundary
Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even…
ICE Uses Graphite Spyware
ICE has admitted that it uses spyware from the Israeli company Graphite.
Weekly Update 500
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Why API Discovery Is the First Step to Securing AI
TL;DR AI risk doesn’t live in the model. It lives in the APIs behind it. Every AI interaction triggers a…
Mexican Surveillance Company
Grupo Seguritech is a Mexican surveillance company that is expanding into the US.
Inside Nexcorium: How CVE-2024-3721 Fuels a New Wave of Mirai-Based DDoS Botnets
Researchers have uncovered an active IoT botnet campaign exploiting two known command-injection vulnerabilities to recruit surveillance cameras and home routers…
Is “Satoshi Nakamoto” Really Adam Back?
The New York Times has a long article where the author lays out an impressive array of circumstantial evidence that…
Friday Squid Blogging: New Giant Squid Video
Pretty fantastic video from Japan of a giant squid eating another squid. As usual, you can also use this squid…
Mythos and Cybersecurity
Last week, Anthropic pulled back the curtain on Claude Mythos Preview, an AI model so capable at finding and exploiting…