AIs Exploiting Smart Contracts
I have long maintained that smart contracts are a dumb idea: that a human process is actually a security feature.…
Security
2026 API and AI Security Predictions: What Experts Expect in the Year Ahead
This is a predictions blog. We know, we know; everyone does them, and they can get a bit same-y. Chances…
SIM Pharm Cyber crime Escalates in South Africa
Just when you thought there couldn’t be another type of cyber thief, they develop new and devious methods to steal…
FBI Warns of Fake Video Scams
The FBI is warning of AI-assisted fake kidnapping scams: Criminal actors typically will contact their victims through text message claiming…
Three Zero-Days and 57 Fixes: A Critical Year-End Patch Tuesday from Microsoft
This month’s Patch Tuesday delivers a modest-sized update, but with high-impact fixes. Microsoft has patched 57 vulnerabilities, including 3 zero-day…
CVE-2025-55182: Immediate Operationalization of React2Shell by China-Nexus Threat Actors
Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December 3, 2025, security researchers observed active exploitation attempts from…
AI vs. Human Drivers
Two competing arguments are making the rounds. The first is by a neurosurgeon in the New York Times. In an…
Understanding CVE-2025-66516: Critical XXE Exposure in Apache Tika
A maximum severity vulnerability has been identified in Apache Tika, a widely used open-source content analysis toolkit. This vulnerability, designated…
Update on React Server Components RCE Vulnerability (CVE-2025-55182 / CVE-2025-66478)
The attack landscape has been dynamic following the disclosure of the React Server Components RCE vulnerability. New information has emerged…
Substitution Cipher Based on The Voynich Manuscript
Here’s a fun paper: “The Naibbe cipher: a substitution cipher that encrypts Latin and Italian as Voynich Manuscript-like ciphertext“: Abstract:…