Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant | TechCrunch - Sweden’s minister of civil defense, Carl-Oskar Bohlin, said during a press conference on Wednesday that the attempted attack happened in early 2025 and attributed the incident to hackers with “connections to Russian intelligence and security services.”
Iran intruders disrupting US water, energy facilities • The Register - “These PLCs were deployed across multiple US critical infrastructure sectors within a wide variety of industrial automation processes … Some of the victims experienced operational disruption and financial loss,” it continued. It’s also worth noting that the energy and utilities sector was the fifth-most targeted industry in the US last month, according to Check Point’s cyberattack tracking.
Trump wants to slash $707M from CISA’s budget • The Register - Trump’s 2027 spending plan says it will “refocus” CISA by “removing offices that are duplicative of existing and effective programs at the State and Federal level, such as certain targeted school safety programs.” Overall reduction to CISA budget will be $710M~
1K+ cloud environments infected via Trivy attack • The Register - “That 1,000-plus downstream victims will probably expand into another 500, another 1,000, maybe another 10,000,” he continued. “And we know that these actors are collaborating with a number of other actors right now.”
LiteLLM infected with credential-stealing code via Trivy • The Register - Two versions of LiteLLM, an open source interface for accessing multiple large language models, have been removed from the Python Package Index (PyPI) following a supply chain attack that injected them with malicious credential-stealing code.
Japan to allow ‘proactive cyber-defense’ from October 1st • The Register - online the nation faces “the most complicated national security environment” since World War II, and because “society as a whole is proceeding with digitalization.”
Linux Foundation wants to shield FOSS devs from AI bug slop • The Register - “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.”
I am so exhaustively tired of having this conversation. I do not hate anyone. I don’t hate them for who they voted for. I don’t hate them for who they support politically. But I will be very clear about the following.
I hope that if you find yourself worshiping false idols and chasing after the political power that Satan offers; that you and others will be reminded of my posts and that the Holy Spirit uses them to convict you.
Iran plots ‘infrastructure warfare’ against US tech giants • The Register - Iran has reportedly designated Amazon, Google, IBM, Microsoft, Nvidia, Oracle, and Palantir facilities as legitimate targets of retaliatory strikes, according to an Al Jazeera report citing Iran’s state-affiliated Tasnim news agency. 29 locations in Bahrain, Israel, Qatar, and the United Arab Emirates that house offices, datacenters, and research facilities that Iran has set its sights on destroying. This comes a week after Iran said it deliberately targeted three AWS datacenters in the region.
Iran intelligence backdoored US bank, airport networks • The Register - Iranian Ministry of Intelligence and Security (MOIS) has been embedded in multiple US companies’ networks - including a bank, software firm, and airport, among others - since the beginning of February, with more activity in the days following the US and Israeli military strikes, according to security researchers. Plus, the compromised software company supplies its tech to defense and aerospace industries among others, and has a presence in Israel.
OpenAI: Chinese agent used ChatGPT for smear ops • The Register - Chinese Gov Agent using ChatGPT to plan smear campaigns, write situation reports. Interesting look into how bad guys are bad guying.
Perplexity Comet browser hole was exploitable via cal invite • The Register - The second thing is that we show that once the 1Password extension is installed in the Comet browser and is unlocked, we can actually instruct Comet to go to the extension URL and then hijack your 1Password account – full takeover of your 1Password account, which is the worst thing that can happen," said Bargury.
China remains embedded in US energy networks ‘for the purpose of taking it down’ - Three new threat groups began targeting critical infrastructure last year, while a well-known Beijing-backed crew - Volt Typhoon - continued to compromise cellular gateways and routers, and then break into US electric, oil, and gas companies in 2025. “Nothing that they were taking was useful for intellectual property,” Lee said. “Everything they were doing and learning was only useful for disrupting or causing destruction at those sites. Voltzite was embedded in that infrastructure for the purpose of taking it down.”