Risky Bulletin

Apple adds a paste-warning to macOS Terminal to block click-to-execute tricks. A high-profile Gmail breach and a massive EU cloud leak raise fresh data security alarms. A major DeFi platform shuts down after a multimillion-dollar hack. Regulators propose banning non-consensual nudify apps across the EU.

Adam Pointon, CEO of Knocknoc, a leader in identity-gated access and just-in-time host protection. He explains how AI is accelerating exploit timelines. He describes hiding services until users authenticate. He outlines deny-by-default controls, limiting exposure, and just-in-time allowances for maintenance.

Discussion of Russia mandating a custom NEA7 crypto algorithm for 5G and plans to boost national firewall capacity. Allegations that spyware targeted Hungarian opposition and a large-scale malware infection hit thousands of Luxembourg government phones. Coverage of data-wiping attacks on Israeli firms, a Dutch police phishing breach, and Google's warning about quantum threats to classical encryption.

Tom Uren, policy and intelligence editor who analyzes cybersecurity policy and national security, breaks down the FBI buying Americans’ location data and why commercially sourced tracking raises privacy and oversight concerns. He unpacks FCC moves to restrict foreign-made routers as reshoring politics, not security. He also outlines plans to tap private-sector telemetry for government use.

Intellexa’s CEO lashes out at Greek authorities over alleged misuse. New U.S. bureau targets emerging cyber and space threats. FCC moves to ban foreign-made routers for national security. Major hacks and a supply-chain compromise hit governments and dev tools. Google unveils a threat disruption unit. German police woke companies to warn about critical software bugs.

The Grugq, a security researcher known for analyses of threat actor tradecraft, breaks down recent iOS exploit kit sightings. He discusses why top-tier exploits stay hidden. He explains resale and abuse of older tools. He explores geofenced targeting and operator tweaks that add crypto-theft. Practical advice on updating iOS and using Lockdown Mode is also covered.

A deep dive into a mass phishing campaign that linked extra devices to thousands of Signal accounts. A supply-chain sabotage tale where a popular scanner was weaponized to steal credentials and seed an NPM worm. Authorities dismantle massive IoT botnets tied to huge DDoS attacks and seize dark websites. Emergency patches, spyware arrests, and high-profile data breaches round out the briefing.

Fletcher Heisler, founder and CEO of open source identity provider Authentik, explains Extended Identity Access Management (XIAM) and why identity must cover humans, agents, and devices. He discusses stateless, multi‑cloud deployments, risks of proprietary cloud IDPs, and how agentic AI needs identity guardrails. He also touches on consolidation, resiliency, and Authentik’s cautious approach to AI features.

A newly discovered iOS hacking framework being used across multiple countries is revealed. Belgium launches a secure government messaging app to replace foreign services. Japan legalises pre-emptive cyber operations with cabinet approval. AWS clamps down on S3 bucketsquatting to stop hijacks. Breathalyser devices and several crypto platforms suffer disruptive cyberattacks.

Tom Uren, policy and intelligence editor focused on cyber and platform safety. He explains how a successful war could push Iran to pivot heavily into cyber power. They discuss how Iran might rapidly scale cyber capabilities. They also cover Meta reversing E2EE on Instagram DMs and when encryption helps or harms safety.