This is from a 2024 company presentation: Officers can also tap into data showing a car’s decals, bumper stickers, back and top racks—along with temporary and unique state tags. Flock calls it a...
An inside look at the active Armored Likho APT campaign. The attackers are using spear-phishing, AI-generated loaders, and a new Python-based tool, BusySnake Stealer, to target organizations in...
Maybe they were looking for Private Data
“It is a direct attack on the rule of law,” says one European Parliament member of the new findings from Citizen Lab.
Stelios Kouloglou, formerly a member of the European Parliament's committee investigation abuses of commercial spyware, was twice infected with Pegasus while serving, researchers said.
Citizen Lab says the phone of a member of Europe’s PEGA Committee was infected twice with Pegasus, the NSO Group spyware that gave the panel its name. The post Someone infected a spyware probe...
Left hand, meet right hand
MeetingTV wants to see the evidence
Google has significantly degraded NetNut, one of the biggest networks that turns home devices into rented relays for other people's traffic. Working with the FBI, Lumen, and others, Google's...
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ...
A look inside the reverse-engineering journey of building the first RDP client outside of Windows to support WebAuthn redirection. The post How We Added WebAuthn to a Browser-Based RDP Client...
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone...
Don't count on the LLM to return your data - even if you pay up
AL26-016 - Vulnerability impacting Citrix NetScaler CVE-2026-8451
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this...
What do board games and cybersecurity have in common? Pattern recognition. Strategy. Adaptation. In this week’s Threat Source Bill explores why curiosity may be a defender’s most valuable skill.
Google Chrome security advisory (AV26-648)
Adobe security advisory (AV26-647)
Researchers scoured logs, finding opsec fail for at least one person who was working with INC and Lynx simultaneously
Cisco security advisory (AV26-646)
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As autonomous principals proliferate across...
Attackers need little more than a valid SharePoint account to execute code on vulnerable on-prem servers
The same technology protecting online activity is concealing malware, C2 traffic, and data exfiltration. Here’s the fix.
AL26-015 - Critical vulnerability impacting Microsoft SharePoint Server – CVE-2026-45659
Peter Stokes boasted on social media about the luxurious globetrotting life he enjoyed while he was still a child. The post Alleged longstanding member of Scattered Spider extradited to US...
Company that also makes insulin pumps and other devices tells users what was exposed months after ShinyHunters attack
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a...
Over the past two weeks, LevelBlue SpiderLabs has been tracking an active phishing campaign distributing malicious spreadsheet attachments. What initially appeared to be a limited phishing attempt...
Background Today, in coordination with the FBI, Lumen, and others, Google took action against the NetNut residential proxy network, also known as Popa. This action builds on our disruption of the...
Government of the messenger's largest market demands a pause while Meta explains how it plans to stop impersonators