Risky Bulletin

Tom Uren, policy and intelligence editor focused on cybersecurity and conflict tech. He describes how AI models now autonomously uncover serious software vulnerabilities. He explains why multiple top AI systems matter for state cyber work. He also talks about Ubiquiti gear replacing Starlink in the Russia–Ukraine fighting and the supply-chain issues that enabled it.

Cyber attacks tied to real-world strikes and the link between password spraying and missile targets. A major npm package was hijacked to deliver malware and another leaked source code via a map file. Legal fallout from crypto thefts and wash trading charges surfaced alongside long sentences for scam operators. Reports cover new phishing platforms, zero-days pushing malicious updates, and geopolitical threats to tech firms.

They contrast declining hacking risks for everyday users with a booming, industrialized scam economy. They dissect real exploits and why opportunity, not just capability, matters. They describe AI-boosted social engineering, from fake vendor sites to a $1.25M VIP WhatsApp crypto con. They recount personal scam encounters and how cheap tooling scales confidence tricks.

Apple adds a paste-warning to macOS Terminal to block click-to-execute tricks. A high-profile Gmail breach and a massive EU cloud leak raise fresh data security alarms. A major DeFi platform shuts down after a multimillion-dollar hack. Regulators propose banning non-consensual nudify apps across the EU.

Adam Pointon, CEO of Knocknoc, a leader in identity-gated access and just-in-time host protection. He explains how AI is accelerating exploit timelines. He describes hiding services until users authenticate. He outlines deny-by-default controls, limiting exposure, and just-in-time allowances for maintenance.

Discussion of Russia mandating a custom NEA7 crypto algorithm for 5G and plans to boost national firewall capacity. Allegations that spyware targeted Hungarian opposition and a large-scale malware infection hit thousands of Luxembourg government phones. Coverage of data-wiping attacks on Israeli firms, a Dutch police phishing breach, and Google's warning about quantum threats to classical encryption.

Tom Uren, policy and intelligence editor who analyzes cybersecurity policy and national security, breaks down the FBI buying Americans’ location data and why commercially sourced tracking raises privacy and oversight concerns. He unpacks FCC moves to restrict foreign-made routers as reshoring politics, not security. He also outlines plans to tap private-sector telemetry for government use.

Intellexa’s CEO lashes out at Greek authorities over alleged misuse. New U.S. bureau targets emerging cyber and space threats. FCC moves to ban foreign-made routers for national security. Major hacks and a supply-chain compromise hit governments and dev tools. Google unveils a threat disruption unit. German police woke companies to warn about critical software bugs.

The Grugq, a security researcher known for analyses of threat actor tradecraft, breaks down recent iOS exploit kit sightings. He discusses why top-tier exploits stay hidden. He explains resale and abuse of older tools. He explores geofenced targeting and operator tweaks that add crypto-theft. Practical advice on updating iOS and using Lockdown Mode is also covered.

A deep dive into a mass phishing campaign that linked extra devices to thousands of Signal accounts. A supply-chain sabotage tale where a popular scanner was weaponized to steal credentials and seed an NPM worm. Authorities dismantle massive IoT botnets tied to huge DDoS attacks and seize dark websites. Emergency patches, spyware arrests, and high-profile data breaches round out the briefing.