Frontpage

Ad-free streaming is a luxury now

No more breaks from ad breaks.

Your Kids' School Bus Is About to Become a Roaming Surveillance Vehicle

A company that sells cameras to catch drivers illegally passing stopped school buses wants to turn them into license plate readers.

Why Drawing Tablet Brands Won't Collaborate on Linux FLOSS Drivers

Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds

Researchers warn many AI coding assistants now execute commands from project configurations

ATF cancels phone tracking contract after lawmakers raise concerns

The Bureau of Alcohol, Tobacco, Firearms and Explosives has canceled its contract for a surveillance tool that allows warrantless tracking of mobile devices

2 Linux kernel flaw PoCs published, enabling local privilege escalation

One of the flaws, DirtyClone, is a variant of the DirtyFrag vulnerability class.

The road that cannot be taken

The roadmap to nowhere on Earth

Miasma Malware Targets npm Packages and GitHub Actions in Supply Chain Attack

Mini Shai-Hulud-linked malware compromises 23 npm packages and a Verana Go module to steal developer credentials.

CISA Adds Exploited PTC Windchill RCE Flaw to KEV as Web Shell Attacks Continue

CISA added CVE-2026-12569 to its KEV catalog as attackers exploit the PTC Windchill flaw to deploy JSP web shells.

The Kitchen's on Fire

So is the entire house.

CL-STA-1062 Targets Southeast Asian Governments and Critical Infrastructure

Government entities and critical infrastructure were targeted for espionage in SE Asia by attackers using a hybrid toolkit, including custom TinyRCT backdoor.

The Latest Addition to Turla’s Intelligence Gathering Apparatus | Google Cloud Blog

Analysis of a backdoor, STOCKSTAY, that has been continually developed and deployed by the Russia-linked threat actor Turla.