A modest proposal: Reformat everything to make documents more palatable to AI
What's up, DocLang?
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
DOJ seizes CFAKE, SOCFAKE deepfake nude sites under TAKE IT DOWN Act
The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsensual AI-generated nude images and videos …
Cisco SD-WAN make-me-root bug under attack
Second Catalyst SD-WAN Manager flaw exploited as an 0-day this month
Feds freaked over Fable 5 after simple 'fix this code' prompt, not jailbreak, says researcher
According to the one person who actually read the research paper
AI has changed data architecture, but storage hasn't caught up
SPONSORED FEATURE: AI's hunger for data outstrips storage smarts, leaving GPUs famished
DARPA seeks swappable satellites to help with future star wars
Worried that an unexpected strike could take out critical orbital systems, Pentagon researchers want to know how fast the industry thinks it could launch replacements
SimpleHelp bug lets hackers create rogue remote support accounts
A vulnerability in the SimpleHelp remote management software allows unauthenticated attackers to create privileged technician accounts on servers using the OpenID Connect (OIDC) au…
Chinese Hackers Abused Google Workspace Rules to Steal Research and Defense Emails
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense ema…
Anthropic reserves right to check ID for Claude subs
How can I help you today? Present your papers to begin
North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels
Cybersecurity researchers have flagged two malicious cyber campaigns that exhibit similarities with a persistent North Korean threat cluster known as Contagious Interview (aka Famo…
HTTP/2 Bomb Attacks Put Telcos, Healthcare Orgs at Risk
The denial-of-service (DoS) exploit takes advantage of two features in HTTP/2 that were designed to save Internet bandwith, not power massive amplification attacks.
Copilot 'SearchLeak' Attack Allows 1-Click Data Theft
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.
HPE offers VMware refugees a year off the meter
Free VM Essentials license and cut-price Zerto dangled at customers eyeing a platform escape
NB579: Datadog Unleashes Autonomous Agents; SpaceX Launches IPO
Take a Network Break! Our Red Alert covers critical vulnerabilities in Ivanti Sentry, including OS command injection and authentication bypass, for which patches are now available.…
Council of Europe hacked in ShinyHunters' PeopleSoft heist
Joins the ranks of Nottingham Uni and 100 other unnamed victims
OptinMonster WordPress plugin hacked in CDN supply-chain attack
WordPress plugins OptinMonster, TrustPulse, and PushEngage have been compromised in a supply-chain attack impacting Awesome Motive-s content distribution network (CDN). [...]
Java's Project Valhalla finally lands a preview in JDK 28
Don't hold your breath, though – architect Brian Goetz warns devs it will likely still be preview in next LTS release
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileg…
China-Nexus Actor Spies on US Researchers Undetected for a Year
Google discovered and disrupted the sprawling campaign, which stole RedCAP credentials to breach numerous institutions and exfiltrate sensitive data.
Feds snooze as US datacenter law set to lapse with no replacement in site
Federal Data Center Enhancement Act (FDCEA) of 2023 covers standards including security and sustainability
Most CISOs Report Pressure to Bury Bad Security News
Executive leaders may not be saying it aloud, but business objectives and priorities don't always promote timely disclosures.
LiteLLM Vulnerability Chain Lets Low-Privilege Users Take Over AI Gateway Servers
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed …
Council of Europe investigates ShinyHunters data breach claims
The Council of Europe, the continent's oldest intergovernmental body, is probing claims of a data breach made by the ShinyHunters extortion group over the weekend. [...]
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the…
The Y2K bug is back! Dutch dev digs up untimely flaw in old BSD build
26 years late and no threat unless you still run a PDP-11/70 and rely on short-wave timekeeping broadcasts
NASA management wants a word and won't say why
A mystery calendar event is certainly one way to find out about being selected for the Artemis III crew
IBM sends signals with its $10 billion quantum pledge
“The quantum era is no longer ahead of us, it has started,” said IBM CEO Arvind Krishna in statement tied to news that the company is committing $10 billion to advancing quantum co…
Red Hat gives Ubuntu a bootc up the backside at Canonical shindig
Bootable containers pitch shows how distro can be managed with familiar OCI tooling
Microsoft site throwing warnings after someone forgot to renew cert
Connectivity checker trips browser alarms thanks to lapsed security paperwork
FBI: Fraudsters use couriers to steal money in crypto scams
The U.S. Federal Bureau of Investigation (FBI) warned that criminals are using couriers to collect money from victims of cryptocurrency investment scams, also known as pig butcheri…