In this sixth week of war, as Iran has missiles flying all over the place. Oracle announced an outage and now this: Iranian strikes have rendered two Amazon Web Services availability zones “hard down” in Dubai and Bahrain and the company expects them t…
Tesla simply buys battery cells from Panasonic and CATL and calls itself an innovation company. Tesla simply has Siemens build factories for it, assembles parts, and calls itself a manufacturing company. Tesla simply suppresses death, fire and crash da…
Qilin ransomware claims it stole data from Germany’s Die Linke and threatens to leak it; the party confirmed the incident, but not a breach. The Qilin ransomware group claims it stole data from Die Linke, a German political party, and is threatening to release it. Die Linke is a left-wing political party in Germany. Its […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in TrueConf Client to its Known Exploited Vulnerabilities catalog The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a flaw in TrueConf Client, tracked as CVE-2026-3502 (CVSS score of 7.8), to its Known Exploited Vulnerabilities (KEV) catalog. TrueConf is a videoconferencing platform often used in secure, offline […]
North Korean group UNC1069 targets Node.js maintainers using fake LinkedIn and Slack profiles to spread malware and compromise open source packages.
A Quebec maple syrup producer was just caught breaching product integrity. Cane sugar was being injected as an inexpensive substitute. The story ran as a Canada story. The investigation was done by Radio-Canada’s Enquête programme, where the prod…
JD Vance notably served in the United States Marine Corps from 2003 to 2007 as a public affairs specialist, MOS 4341 (e.g. MCO 1510.62A 17 February 2000). That means propaganda. 4341.01.05 “DEVELOP PROCEDURES FOR RELEASE OF INFORMATION TO THE PUB…
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threat group, revealing that data from at least 30 EU entities was exposed. The incident was publicly disclosed on March 27 after inquiries confirmed […]
Please consider supporting the DefSec podcast here.
Here are the links we discuss this week:
https://www.darkreading.com/identity-access-management-security/more-attackers-logging-in-not-breaking-in
https://www.bleepingcomputer.com/news/securit…
A fake Chrome browser extension called ‘ChatGPT Ad Blocker’ was harvesting conversations of ChatGPT users in the name of offering an ad-free experience.