
Latest Analysis

Cybersecurity intelligence, threat analysis, and national security reporting.


FCC Expands Foreign Router Ban to Mobile Hotspots

The FCC has expanded its ban on foreign-made routers to include mobile hotspots and home devices that use LTE or 5G connections, affecting U.S. consumers and small businesses. This move now explicitly prohibits the sale of portable Wi-Fi hotspots and home routers manufactured abroad.

Analyst 207

CISA Uncovers Firestarter Backdoor in Federal Network

The Firestarter backdoor was a masterfully crafted threat that allowed attackers to maintain secret access to compromised networks even after they'd been updated, essentially giving them a key to re-enter without having to exploit new vulnerabilities. This sneaky tactic left victims vulnerable to repeat attacks, highlighting the need for robust cybersecurity measures.

Analyst 207

NASA Targeted in Chinese Phishing Scheme for U.S. Defense Software

For years, unsuspecting NASA employees and collaborators were duped into sharing sensitive US defense software with a Chinese national masquerading as a colleague, in a brazen phishing scheme that went undetected. The scam funneled top-secret aerospace and defense tech to the imposter, violating US export control laws in the process.

Analyst 207

Carnival Breach Exposes 7.5M Emails in Alleged ShinyHunters Hack

A massive data breach at Carnival Corporation has exposed a whopping 7.5 million emails, allegedly at the hands of the notorious ShinyHunters hacking group, after failed negotiations between the two parties left customers' sensitive information vulnerable. The breach is said to have yielded terabytes of internal corporate data, sparking concerns for customers and the company behind Holland America Line.

Analyst 207

DORA Mandates Credential Security as Financial Risk Control

What happens when a threat actor waltzes into your network with a legitimate username and password - can your controls stop them? With DORA now in effect, EU financial institutions must prioritize credential security as a critical risk control, shifting from best practice to binding regulation.

Analyst 207

Intel Bets Big on AI Inference to Revitalize CPU Business

Intel CEO Lip-Bu Tan is making a bold bet that AI inference, agentic workloads, and "physical AI" will put CPUs back at the forefront of computing, and position Intel for a major share of the trillion-dollar chip market. He's staking the company's future on the idea that CPUs will be the foundation of the AI era.

Analyst 207

US-Indonesia Ties Pivot to High-Stakes Partnership

The US-Indonesia partnership has leveled up, shifting from a focus on shared values to a high-stakes game of mutual benefit, where critical minerals, supply chains, and defense capabilities are on the table. The question is, can this new transactional relationship deliver the real results both countries are counting on?

Analyst 207

Windows RPC Exposes New Local Privilege Escalation Technique

A newly discovered technique allows hackers to easily escalate their privileges to SYSTEM level on Windows systems, using a vulnerability in the Remote Procedure Call stack. This alarming exploit relies on clever manipulation of Security Quality of Service parameters and impersonation levels.

Analyst 207

Japan Rearms, But Taiwan's Defense Remains Uncertain

As Japan bolsters its defenses, concerns linger about Taiwan's uncertain future - and it's easy to see why, given their precarious locations in a volatile neighbourhood. With its recent fleet expansions, Japan is clearly taking steps to protect itself, but what about its vulnerable neighbour?

Analyst 207

Linux Kernel Faces Large-Scale Device Support Cuts

The Linux kernel is set for a major overhaul, with plans to cut support for dozens of outdated devices, including ancient network cards and legacy parallel-port hardware, freeing up thousands of lines of code and reducing the maintenance burden. The Ethernet device removals alone could slash nearly 30,000 lines of code.

Analyst 207

Zimbra Servers Targeted in Ongoing XSS Attacks

Beware of sneaky phishing emails that can hijack your Zimbra server with just a glance - no clicks or downloads required. A single malicious email can trigger a cross-site scripting attack, thanks to a recently patched vulnerability, CVE-2025-48700.

Analyst 207

UK Biobank Data Surfaces for Sale in China After Breach

A massive data breach has hit UK Biobank, with highly sensitive health information from 500,000 volunteers being sold on Chinese e-commerce platforms, including Alibaba, before being swiftly removed. Fortunately, the UK government believes that no one purchased the leaked data, which included whole-body scans, DNA sequences, and confidential medical records.

Analyst 207

Open Source Models Challenge Dominance in Automated Bug Finding

The impressive performance of Anthropic's Mythos in automated bug finding, which uncovered 271 Firefox flaws, has been called into question by Ari Herbert-Voss, who argues that open-source models can be just as effective. Herbert-Voss suggests that Mythos's success can be attributed to its ability to detect both simple and complex vulnerabilities, thanks to a phenomenon he terms "supralinear scaling".

Analyst 207

Malicious Apps Expose Crypto Investors to Seed Phrase Theft on App Store

Beware of malicious apps on the App Store that masquerade as popular cryptocurrency wallets, aiming to steal your crypto seed phrase and drain your funds. These fake apps, uncovered by Kaspersky researchers, can trick you into revealing sensitive information with just a few taps.

Analyst 207

Microsoft Update Disrupts Remote Desktop Security Warnings

Microsoft's latest update aimed at boosting Remote Desktop security may have an unintended consequence: a display-scaling bug that makes crucial security warnings hard to read or even unreadable. This glitch comes at a critical time, as the update was designed to protect against phishing attacks that exploit .rdp files.

Analyst 207

Governance Gaps Exposed in AI Agent Deployments

To safely deploy AI agents, enterprises must first tighten up governance for the humans, bots, and machine identities that serve as their authority sources, since AI agents aren't independent actors but rather delegated ones. By reframing AI governance as a delegation issue, we can shift the focus from novelty to effective oversight.

Analyst 207

Mandiant VP Warns of Resurgent Cybersecurity Risks in AI Deployments

As organizations rush to adopt AI, they're reviving long-standing cybersecurity failures, warns Mandiant VP Jurgen Kutscher, who urges a focus on basic security controls over new AI-specific threats. Neglecting these fundamentals leaves AI-enabled environments vulnerable to measurable operational weaknesses.

Analyst 207

Microsoft Unveils Option to Uninstall Copilot on Enterprise Devices

Microsoft just made it easier for IT admins to breathe a sigh of relief: you can now uninstall Copilot from enterprise devices without any disruptions. The new RemoveMicrosoftCopilotApp policy setting is here to give you more control over your organization's devices.

Analyst 207

Tropic Trooper Exploits SumatraPDF to Deploy AdaptixC2

Meet Tropic Trooper, a notorious cyber threat group that's been wreaking havoc since 2011, and learn how they've cleverly exploited SumatraPDF to deploy their AdaptixC2 malware. Their latest tactic involves using GitHub as a command-and-control platform to target Chinese-speaking individuals in Taiwan, as well as users in South Korea and Japan.

Analyst 207

Greece Eases Biometric Border Rules Amid Airport Delays

Greece has relaxed its biometric border rules for UK travellers, and will no longer collect fingerprints and photos as part of the Entry/Exit System (EES). The move comes as airport delays have mounted, and authorities aim to balance security with smooth traffic flow.

Analyst 207

LMDeploy Vulnerability Exploited Within 13 Hours of Disclosure

A critical vulnerability in LMDeploy's vision-language module was exploited in the wild just 13 hours after its disclosure, allowing attackers to access sensitive resources and internal networks. This server-side request forgery flaw, tracked as CVE-2026-33626, affects all versions of the toolkit prior to 0.12.0.

Analyst 207

UK Bans Journalists from Digital ID Forum

The UK government is calling on ordinary citizens to share their thoughts on a proposed Digital ID system, and you don't need to be an expert to join the conversation. Around 36,000 people have been invited to participate in the People's Panel on Digital ID, which will involve in-person meetings and online sessions to discuss how a Digital ID system should be designed for the UK.

Analyst 207

Malware Targets Developers with Worm-Like Npm Supply Chain Attack

Malware is targeting developers through a sneaky npm supply chain attack, executing malicious code the moment a package is installed, and harvesting sensitive data to spread across ecosystems. Over 6,700 weekly downloads of one affected package show just how widespread the threat could be.

Analyst 207

Researchers Uncover Pre-Stuxnet Cyber-Sabotage Malware

Meet fast16, a stealthy cyber-sabotage malware that went undetected until now, marking a new era in covert statecraft. Discovered by SentinelOne researchers, this silent threat has been hiding in plain sight since 2016.

Analyst 207