Introducing Google Cloud support in Saner Cloud with CIEM visibility
Cloud adoption rarely happens in a neat straight line. Teams add projects, hand off ownership, build new services, and revisit…
Security
Manipulating AI Summarization Features
Microsoft is reporting: Companies are embedding hidden instructions in “Summarize with AI” buttons that, when clicked, attempt to inject persistence…
Silent Rendering, Stolen Secrets: APT28’s MSHTML Espionage Campaign
A Russia-linked advanced persistent threat group, APT28 (also known as Fancy Bear and Forest Blizzard), has been observed exploiting a…
On Moltbook
The MIT Technology Review has a good article on Moltbook, the supposed AI-only social network: Many people have pointed out…
Ongoing Web Shell Attacks Hit 900+ FreePBX Systems: INJ3CTOR3 Behind EncystPHP Deployment
Cybercriminals continue to exploit misconfigurations and unpatched VoIP infrastructure, with over 900 Sangoma FreePBX systems confirmed compromised following widespread deployment…
Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations,…
LLM-Assisted Deanonymization
Turns out that LLMs are good at de-anonymization: We show that LLM agents can figure out who you are from…
Weekly Update 493
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Who is the Kimwolf Botmaster “Dort”?
In early January 2026, KrebsOnSecurity revealed how a security researcher disclosed a vulnerability that was used to build Kimwolf, the…
Friday Squid Blogging: Squid Fishing in Peru
Peru has increased its squid catch limit. The article says “giant squid,” but they can’t possibly mean that. As usual,…