A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Censys finds 5,219 devices exposed to attacks by Iranian APTs, majority in U.S. GlassWorm evolves with […]
Ugh. Any angler knows that a fish circling a lure is ready to bite. It is the most important moment in the sequence. It’s not hesitation. It’s the last check before commitment. A better lure doesn’t make fish circle more when they alr…
Palantir has a serious problem. You can tell by the way their CEO Alex Karp just positioned AI as threatening humanities-trained workers and empowering vocational ones. That’s exactly backwards. And it’s political. He’s trying to prev…
Censys researchers found 5,219 exposed Rockwell PLCs online, mostly in the U.S., urging defenders to secure or disconnect them. On April 7, 2026, U.S. agencies, including FBI, CISA, and NSA, warned of Iran-linked APTs exploiting internet-exposed Rockwell Automation PLCs. Threat actors are carrying out cyberattacks targeting internet-connected operational technology (OT) across multiple critical infrastructure sectors. […]
A new paper in American Antiquity has just pushed the origin of dice back 6,000 years further than anyone expected. Robert Madden’s “Probability in the Pleistocene” identifies 659 prehistoric Native American dice across 57 archaeologi…
The GlassWorm campaign uses a Zig-based dropper hidden in a fake IDE extension to infect developer tools and compromise systems. The GlassWorm campaign, active since 2025, has evolved from malicious npm packages to large-scale supply chain attacks across GitHub, npm, and VS Code, even deploying RATs via fake browser extensions. In its latest iteration, threat […]
Signal messages may persist in iPhone notification data, enabling FBI access even after deletion, a court case reveals.
Google adds Device Bound Session Credentials (DBSC) to Chrome 146, using hardware keys to block infostealer use of stolen session cookies on Windows.
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9 […]
The KKK as “tax enforcers” who actually eliminate taxation is the actual story here, which so far nobody is admitting. The ban was part of a law passed during Reconstruction in July 1868, in part to thwart liquor tax evasion, and subjected…