Deliberate Internet Shutdowns
For two days in September, Afghanistan had no internet. No satellite failed; no cable was cut. This was a deliberate…
Security
No Credentials Required: FortiGate SAML SSO Exploit Path Explained
Two maximum severity vulnerabilities have been identified in a range of Fortinet products, including the widely deployed FortiGate firewalls. These…
Weekly Update 482
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. Perhaps it’s just the…
Chinese Surveillance and AI
New report: “The Party’s AI: How China’s New AI Systems are Reshaping Human Rights.” From a summary article: China is…
Against the Federal Moratorium on State-Level Regulation of AI
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget…
Processing 630 Million More Pwned Passwords, Courtesy of the FBI
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. The sheer scope of…
Building Trustworthy AI Agents
The promise of personal AI assistants rests on a dangerous assumption: that we can trust systems we haven’t made trustworthy.…
Self-Signed vs CA-Signed SSL Certificates: Which is Right for Your Website?
HTTPS protects data in transit with SSL/TLS encryption and also meets browser security guidelines. Major browsers now flag websites served…
AIs Exploiting Smart Contracts
I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature.…
2026 API and AI Security Predictions: What Experts Expect in the Year Ahead
This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances…