MX Linux 25.2 provides possible refuge from AI as well as systemd
Plus, Raspberry Pi edition finally catches up
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text mess…
Fired IT worker jailed for 21 months after sabotaging old school district
Iowan’s scheme undone after misplacing trust in former coworker
phpBB forum fixes auth bypass bug lurking for a decade
A 10-year-old authentication bypass vulnerability discovered in the phpBB forum software allows an attacker to log in as any user, including administrators. [...]
China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which t…
Ukrainian national pleads guilty to role in Conti ransomware operation
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation. [...]
Over 400 Arch Linux packages compromised to push rootkit, infostealer
More than 400 packages in the Arch User Repository (AUR) are distributing a Linux rootkit and infostealer malware targeting credentials and access tokens. [...]
In Other News: Google Security Layoffs, AudiA6 Takedown, $400 Million Coupang Fine
Other noteworthy stories that might have slipped under the radar: ICS device exposure remains flat as attack surface widens, Microsoft issues incident response playbook for AI, IBM…
NetBox at 10: Network inventory tool now a full infrastructure intelligence platform
NetBox was not originally designed to manage AI infrastructure. When the project was first released as an open source tool in 2016, the goal was straightforward: Give network teams…
KPMG's AI report becomes an accidental demo of AI hallucinations
GPTZero claims only 5 of the report's 45 citations matched their sources, raising questions about how the Big Four's AI study was assembled
How Jeetu Patel made Cisco unrecognizable
Cisco Live 2026 is in the books, and it was “prove it” time for a promise made 24 months ago. At Cisco’s 2024 event, Chief Product Officer Jeetu Patel said that Cisco would be unre…
Early Warning Signs of Supply-Chain Attacks Live in the Dark Web
GitHub access sales, leaked repositories, and stolen API keys can all become supply-chain attack footholds. Flare explores how underground forums expose early signals tied to softw…
Novo Nordisk reports cyberattack as UK gives Wegovy pill the nod
Clinical trial participant data stolen, but pharma giant says exposed records were pseudonymized
Amazon owns up to using 2.5bn gallons of H2O in its bit barns last year
The West's biggest online shopping mall comes clean about its datacenter water usage
Microsoft has mostly repaired flaw in Surface hardware that allowed unprotected devices to be bricked by a single packet
And it was Microsoft Copilot that unwittingly revealed the longstanding vulnerability
Claude Fable 5 Doesn't Change the Mythos Security Story
Stay cool: Mythos 5 is an upgrade over Mythos Preview while Fable 5 is Mythos "made safe for general use," Anthropic explains.
HN831: The Sum, Not Just the Parts: How and Why to Think Holistically About Your Network
Your network is an interconnected system. A change you make on one device has consequences beyond that device. Therefore, to do your job well, you must think about the network as a…
Industry Reactions to Claude Fable 5: Feedback Friday
Industry professionals comment on various aspects of Fable 5, including dual-use capabilities, safeguards, and tiered access. The post Industry Reactions to Claude Fable 5: Feedbac…
Google fires sueball at alleged Chinese phishers over AI-powered fraud ops
Telegram-based 'Outsider Enterprise' accused of sending millions of scam texts and impersonating trusted brands
Agentjacking Attack Tricks AI Coding Agents Into Running Malicious Code
Cybersecurity researchers have described what they say is a new class of attack that can trick artificial intelligence (AI) coding agents into running arbitrary code on developer m…
Microsoft fixes Windows update failures linked to WUSA installer
Microsoft has fixed a known issue that caused Windows updates released since May 2025 to fail when installed via the Windows Update Standalone Installer (WUSA) from a network share…
Elon Musk is now worth more than $1,000,000,000,000
Retail investors lined up to get a handful of Musk's magic beans in SpaceX's debut
Iranian Cyber Group Handala Claims Cal Water Hack
The hackers published 5GB of data, including customer personal information and credentials for the RTKBase platform. The post Iranian Cyber Group Handala Claims Cal Water Hack appe…
Bernie Sanders’ AI Sovereign Wealth Fund Plan
Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful o…
Rethinking MDR as Attackers and Defenders Embrace AI
For most of the past decade, managed detection and response was the answer to a real problem. Security teams couldn't staff around the clock, couldn't hire enough analysts, and nee…
Met Police boss threatens to cut 700 frontline jobs after Palantir deal blocked
Commissioner Mark Rowley says automation savings are now 'at risk'
Plymouth council exposes hundreds in latest local government email gaffe
Authority admits mass message to home-schooling families revealed recipients' addresses, prompting ICO report and apology
UK digital ID gets brain trust to 'challenge' ministers on policy
CEO of Mumsnet among the six-member team
Pharma giant Novo Nordisk discloses breach of clinical trials data
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials. [...]
LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution
Cybersecurity researchers have disclosed details of three now-patched security flaws impacting LangGraph, including a critical vulnerability chain that could result in remote code …