Latest
- Congress Turns Up Pressure on DHS Over Palantir’s Role in Immigration Crackdown
Democrats are demanding answers about Palantir and other surveillance firms powering Trump’s hard-line immigration enforcement agenda.
- Congress Turns Up Pressure on DHS Over Palantir’s Role in Immigration Crackdown
Democrats are demanding answers about Palantir and other surveillance firms powering Trump’s hard-line immigration enforcement agenda.
- Open dataset: 100k+ multimodal prompt injection samples with per-category academic sourcing
<!-- SC_OFF --><div class="md"><p>I submitted an earlier version of this dataset and was declined on the basis of missing methodology and unverifiable provenance. The feedback was fair. The documentation has since been rewritten to address it directly, and I would very much appreciate a seco…
- Open dataset: 100k+ multimodal prompt injection samples with per-category academic sourcing
I submitted an earlier version of this dataset and was declined on the basis of missing methodology and unverifiable provenance. The feedback was fair. The documentation has since been rewritten to address it directly, and I would very much appreciate a second look. What the dataset contains 101,032 samples in total, balanced 1:1 attack to benign. Attack samples (50,516) across 27 categories sourced from over 55 published papers and disclosed vulnerabilities. Coverage spans: Classical injection …
- The 10 Best MagSafe Phone Grips for Your Butter Fingers (2026)
Keep your phone firmly in hand and add some personality with these comfortable, durable, and nifty smartphone grips.
- The 10 Best MagSafe Phone Grips for Your Butter Fingers (2026)
Keep your phone firmly in hand and add some personality with these comfortable, durable, and nifty smartphone grips.
- AVEVA Pipeline Simulation
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-04.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training&…
- CISA Adds One Known Exploited Vulnerability to Catalog
<p>CISA has added one new vulnerability to its <a href="https://www.cisa.gov/known-exploited-vulnerabilities-catalog" data-entity-type="node" data-entity-uuid="79453b83-86b9-4e2f-b1ec-abf73c6eb291" data-entity-substitution="canonical" title="Known Exploited Vulnerabilities Catalog">Known Exploited Vulnerabilities (KEV) Catal…
- Horner Automation Cscape and XL4, XL7 PLC
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-02.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and service…
- Delta Electronics ASDA-Soft
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-01.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code.</strong></p> &l…
- Anviz Multiple Products
<p><a href="https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-106-03.json"><strong>View CSAF</strong></a></p> <h2>Summary</h2> <p><strong>Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive&#…
- Smart Plug Guide (2026): When You Should and Shouldn’t Use One
Smart plugs can add controls to any outlet, but they aren’t perfect for everything. Here’s our guide to using one and which ones to buy.
- AVEVA Pipeline Simulation
View CSAF Summary Successful exploitation of this vulnerability could allow an unauthenticated attacker to modify simulation parameters, training configuration and training records. The following versions of AVEVA Pipeline Simulation are affected: Pipeline Simulation <=2025_SP1_build_7.1.9497.6351 CVSS Vendor Equipment Vulnerabilities v3 9.1 AVEVA AVEVA Pipeline Simulation Missing Authorization Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide…
- CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-34197 Apache ActiveMQ Improper Input Validation Vulnerability This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of kno…
- Horner Automation Cscape and XL4, XL7 PLC
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to systems and services. The following versions of Horner Automation Cscape and XL4, XL7 PLC are affected: Cscape v10.0 XL7 PLC v15.60 XL4 PLC v16.32.0 CVSS Vendor Equipment Vulnerabilities v3 9.1 Horner Automation Horner Automation Cscape and XL4, XL7 PLC Weak Password Requirements Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwi…
- Delta Electronics ASDA-Soft
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code. The following versions of Delta Electronics ASDA-Soft are affected: ASDA-Soft <=V7.2.2.0 CVSS Vendor Equipment Vulnerabilities v3 7.8 Delta Electronics Delta Electronics ASDA-Soft Stack-based Buffer Overflow Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Taiwan Vulnerabilities Expand All + CVE-202…
- Anviz Multiple Products
View CSAF Summary Successful exploitation of these vulnerabilities could allow attackers to conduct reconnaissance, capture or decrypt sensitive data, alter device configurations, gain unauthorized administrative or root‑level access, execute arbitrary code, compromise credentials or communications, and ultimately obtain full control over affected devices. The following versions of Anviz Multiple Products are affected: CX2 Lite Firmware vers:all/* (CVE-2026-32648, CVE-2026-40461, CVE-2026-35682,…
- Smart Plug Guide (2026): When You Should and Shouldn’t Use One
Smart plugs can add controls to any outlet, but they aren’t perfect for everything. Here’s our guide to using one and which ones to buy.
- LG Sound Suite Review: Big Sound for Larger Rooms
The Dolby Atmos soundbar setup rivals the best from Samsung and Sonos.
- LG Sound Suite Review: Big Sound for Larger Rooms
The Dolby Atmos soundbar setup rivals the best from Samsung and Sonos.
- Best MacBook Accessories (2026): Chargers, Covers, Keyboards, and More
From charging adapters to external monitors, I’ve gathered the absolute best peripherals for your MacBook.
- Best MacBook Accessories (2026): Chargers, Covers, Keyboards, and More
From charging adapters to external monitors, I’ve gathered the absolute best peripherals for your MacBook.
- Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8…
- Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution
Cisco has announced patches to address four critical security flaws impacting Identity Services and Webex Services that could result in arbitrary code execution and allow an attacker to impersonate any user within the service. The details of the vulnerabilities are below - CVE-2026-20184 (CVSS score: 9.8) - An improper certificate validation in the integration of single sign-on (SSO)
- Heybike Comfort Ranger 3.0 Pro Electric Bike Review: Tough Little Cargo Ebike
This fully waterproof little folding cargo ebike is tough enough to take on rain and the worst potholes Montana has to offer.
- This Beanie Is Designed to Read Your Thoughts
California-based startup Sabi is developing a thought-to-text wearable that could usher in the cyborg future.
- This Beanie Is Designed to Read Your Thoughts
California-based startup Sabi is developing a thought-to-text wearable that could usher in the cyborg future.
- Heybike Comfort Ranger 3.0 Pro Electric Bike Review: Tough Little Cargo Ebike
This fully waterproof little folding cargo ebike is tough enough to take on rain and the worst potholes Montana has to offer.
- Robot Vacuum Throwdown: Shark Versus Dyson (2026)
I let Shark’s and Dyson’s new AI-powered robot vac-mops loose in my home. One was a clear winner.
- Robot Vacuum Throwdown: Shark Versus Dyson (2026)
I let Shark’s and Dyson’s new AI-powered robot vac-mops loose in my home. One was a clear winner.
- Tempo Prepared Meal Subscription Review (2026): Surprisingly Tasty
After testing 14 meals from Tempo, a spin-off subscription service from Home Chef, a colleague and I were surprised by how much we liked them. But lord, there's lots of chicken
- Tempo Prepared Meal Subscription Review (2026): Surprisingly Tasty
After testing 14 meals from Tempo, a spin-off subscription service from Home Chef, a colleague and I were surprised by how much we liked them. But lord, there's lots of chicken
- The Star Trek Communicator Is Now a High-End Wristwatch
This luxury Swiss watch brand has gone where no one has gone before. Unfortunately, the price is out of this world too.
- Where the DOGE Operatives Are Now
WIRED tracked down some of the most prominent figures of last year’s DOGE invasion. Here's where they are now—in government and beyond.
- Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF…
- Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and cryptocurrency sectors. Dubbed REF6598 by Elastic Security Labs, the activity has been found to leverage
- MAGA Indians Went All In on Trump. Many Right-Wingers Can’t Stand Them
South Asians are a powerful, visible minority in the Trump administration. They’re also facing a racist backlash, fueled in part by the white nationalist Groyper movement.
- Human Trust of AI Agents
<p>Interesting research: “<a href="https://arxiv.org/pdf/2505.11011">Humans expect rationality and cooperation from LLM opponents in strategic games</a>.”</p> <blockquote><p><b>Abstract:</b> As Large Language Models (LLMs) integrate into our social and economic interactions, we …
- Human Trust of AI Agents
Interesting research: “Humans expect rationality and cooperation from LLM opponents in strategic games.” Abstract: As Large Language Models (LLMs) integrate into our social and economic interactions, we need to deepen our understanding of how humans respond to LLMs opponents in strategic settings. We present the results of the first controlled monetarily-incentivised laboratory experiment looking at differences in human behaviour in a multi-player p-beauty contest against other humans and LLMs. …
- UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. Th…
- UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign
The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted governments and municipal healthcare institutions, mainly clinics and emergency hospitals, to deliver malware capable of stealing sensitive data from Chromium-based web browsers and WhatsApp. The activity, which was observed between March and April
- 6-Year Ransomware Campaign Targets Turkish Homes & SMBs
While enterprises breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.
- 6-Year Ransomware Campaign Targets Turkish Homes & SMBs
While enterprises breaches make more headlines, smaller incidents tend to be under-reported, if at all, allowing campaigns to last longer with less disruption.
- Critical MCP Integration Flaw Puts NGINX at Risk
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.
- Critical MCP Integration Flaw Puts NGINX at Risk
Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration files.
- Navigating the Unique Security Risks of Asia's Digital Supply Chain
Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.
- Navigating the Unique Security Risks of Asia's Digital Supply Chain
Regulatory differences, interconnected digital ecosystems, and the rise of AI have created a complex supply chain Asian organizations must wrangle.
- n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these attackers bypass traditional s…
- n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emails. "By leveraging trusted infrastructure, these attackers bypass traditional security filters, turning productivity tools into delivery
- Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now
Quantum computers are coming and may impact systems in unexpected ways, and it will "take years to be fully quantum-safe, if ever," cryptography expert warns.