After dissing Anthropic for limiting Mythos, OpenAI restricts access to Cyber, too | TechCrunch - This version of Cyber can perform such tasks as penetration testing, vulnerability identification (and exploitation), and malware reverse engineering, the application implies. It’s intended to be a toolkit to help a company find security holes and test defenses. The fear is that the kit could be misused by the bad guys.
NCSC: Passkeys now good enough to be the default standard • The Register - The UK’s National Cyber Security Centre (NCSC) has officially endorsed passkeys as the default authentication standard, marking the first time the agency has told consumers to move away from passwords entirely.
NCSC’s first gadget blocks malware transfer over HDMI cables • The Register - Very little exists in the research literature about these kinds of attacks. A team based out of Montevideo’s Universidad de la República published findings in 2024 about the potential for highly technical individuals to intercept the electromagnetic radiation emitted from HDMI cables and use deep learning algorithms to reproduce text intended to be displayed on a monitor.
This is part of a new series called,“Allusions for Engineers” which hopes to improve the cultural lexicon of technical or foreign peers who may not share a formal education in “classics” by western definitions. Other parts in this series include Biblical allusions, Norse, Modern/American, and others.
Working with engineers, I often find their lexicon slightly…lacking. Not for complexity or precision, but for the classical references that make allusion and simile the marks of a well-rounded Western education. And that often leads to some well intentioned accusations that working with me is akin to ‘Picard and Dathon at El-Adrel’.
Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant | TechCrunch - Sweden’s minister of civil defense, Carl-Oskar Bohlin, said during a press conference on Wednesday that the attempted attack happened in early 2025 and attributed the incident to hackers with “connections to Russian intelligence and security services.”
Iran intruders disrupting US water, energy facilities • The Register - “These PLCs were deployed across multiple US critical infrastructure sectors within a wide variety of industrial automation processes … Some of the victims experienced operational disruption and financial loss,” it continued. It’s also worth noting that the energy and utilities sector was the fifth-most targeted industry in the US last month, according to Check Point’s cyberattack tracking.
Trump wants to slash $707M from CISA’s budget • The Register - Trump’s 2027 spending plan says it will “refocus” CISA by “removing offices that are duplicative of existing and effective programs at the State and Federal level, such as certain targeted school safety programs.” Overall reduction to CISA budget will be $710M~
1K+ cloud environments infected via Trivy attack • The Register - “That 1,000-plus downstream victims will probably expand into another 500, another 1,000, maybe another 10,000,” he continued. “And we know that these actors are collaborating with a number of other actors right now.”
LiteLLM infected with credential-stealing code via Trivy • The Register - Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.
Japan to allow ‘proactive cyber-defense’ from October 1st • The Register - online the nation faces “the most complicated national security environment” since World War II, and because “society as a whole is proceeding with digitalization.”
Linux Foundation wants to shield FOSS devs from AI bug slop • The Register - “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.”
I am so exhaustively tired of having this conversation. I do not hate anyone. I don’t hate them for who they voted for. I don’t hate them for who they support politically. But I will be very clear about the following.
I hope that if you find yourself worshiping false idols and chasing after the political power that Satan offers; that you and others will be reminded of my posts and that the Holy Spirit uses them to convict you.
Iran plots ‘infrastructure warfare’ against US tech giants • The Register - Iran has reportedly designated Amazon, Google, IBM, Microsoft, Nvidia, Oracle, and Palantir facilities as legitimate targets of retaliatory strikes, according to an Al Jazeera report citing Iran’s state-affiliated Tasnim news agency. 29 locations in Bahrain, Israel, Qatar, and the United Arab Emirates that house offices, datacenters, and research facilities that Iran has set its sights on destroying. This comes a week after Iran said it deliberately targeted three AWS datacenters in the region.