Critical Infrastructure Alert: Patch Cisco IMC and SSM On-Prem Now!
A pair of critical vulnerabilities in Cisco server and license-management technologies, CVE-2026-20093 and CVE-2026-20160. These flaws allow attackers to bypass…
Security
Company that Secretly Records and Publishes Zoom Meetings
WebinarTV searches the internet for public Zoom invites, joins the meetings, secretly records them, and publishes (alternate link) the recordings.…
US Bans All Foreign-Made Consumer Routers
This is for new routers; you don’t have to throw away your existing ones: The Executive Branch determination noted that…
Why Your Wildcard SSL Certificate isn’t Working on Some Subdomains (And How to Fix It)
You install a wildcard SSL certificate, everything looks right and then one subdomain throws a domain mismatch error. The browser…
UNC1069 and the Axios npm Attack: Google Reveals North Korean Attribution
Cybercriminal and nation-state threat actors are increasingly shifting toward developer-ecosystem compromise and software supply chain abuse as a reliable avenue…
Possible US Government iPhone Hacking Tool Leaked
Wired writes (alternate source): Security researchers at Google on Tuesday released a report describing what they’re calling “Coruna,” a highly…
Is “Hackback” Official US Cybersecurity Strategy?
The 2026 US “Cyber Strategy for America” document is mostly the same thing we’ve seen out of the White House…
Critical Security Vulnerability in Google Chrome: Technical Analysis and Mitigation
The discovery of CVE-2026-5281 reveals critical vulnerability highlights a serious weakness in modern web browsers that can be leveraged by…
A Taxonomy of Cognitive Security
Last week, I listened to a fascinating talk by K. Melton on cognitive security, cognitive hacking, and reality pentesting. The…
FortiClient EMS Under Fire: Critical CVE-2026-21643 Exploited in Real-World Attacks
A critical SQL injection vulnerability, CVE-2026-21643, has been identified in FortiClient Endpoint Management Server (EMS), a centralized management platform for…