Apr 03, 2026 Subject: Srsly Risky Biz: America’s Next Top (Cyber) Models Sender: risky-biz@ghost.ioD Summary: – AI models, especially Anthropic’s Opus 4.6 and Claude Code, have shown remarkable ability to find and exploit software vulnerabilities, including zero-days, in complex, well-audited software. – Opus 4.6 found over 500 high-severity vulnerabilities in
Apr 02, 2026 Subject: Risky Bulletin: Iranian password sprays came first, then came the missiles Sender: risky-biz@ghost.io Chatlink: https://summymonkey.me/wp-json/chatlink/v1/sm-chat?chat=MjAyNjA0MDEwNTUzMjIuNGY3YWExMGM1YmJhZjRiNUBtLmdob3N0LmlvfHxja3NtK2N5YmVyc2VjdXJpdHlAc3VtbXltb25rZXkubWU=4da5ee152e22cf2615fb0efb26ed53fbc Content: – Summary: A suspected Iranian APT group conducted a wide-ranging password spray attack against Microsoft 365 accounts of governments and private sector organizations in the Middle East, particularly Israeli and
Apr 01, 2026 Email 1: Subject: California uses AI contracts to impose safeguards, teeing up clash with Trump Summary: – California Governor Gavin Newsom issued an executive order requiring AI companies seeking state contracts to meet safety, transparency, and civil rights standards. – The order targets preventing bias, discrimination, unlawful
Mar 31, 2026 Email 1 Summary: Apple has introduced a secret security feature in macOS version 26.4 that warns users of possible “ClickFix” attacks. When a user copies and pastes commands from a browser into the Terminal window, a popup appears to alert them to the risk. ClickFix attacks trick
Mar 29, 2026 I recently came across some troubling cybersecurity developments that are worth highlighting. In one case, Israel reportedly repurposed Iran’s extensive network of surveillance cameras, which were initially meant for internal monitoring, turning them into a precise AI-driven targeting system. This situation exposes a critical weakness: millions of
Mar 28, 2026 Email Summaries: Risky Bulletin: Russia to use custom crypto-algorithm for its 5G networks Russian government proposes law mandating all mobile operators to use a domestically-developed encryption algorithm NEA-7 for 5G networks. Foreign algorithms like SNOW, AES, and ZUC permitted only until 2032. Purpose includes impeding Ukrainian drone
Mar 27, 2026 Email 1: Subject: Srsly Risky Biz: FBI Says Why Get a Warrant When You Have Kashs Sender: risky-biz@ghost.ioD Summary: FBI Director Kash Patel admitted in a Senate hearing that the FBI is purchasing commercially available location data to track Americans, consistent with the Constitution and Electronic Communications
Mar 26, 2026 Email 1: Subject: Risky Bulletin: The Intellexa CEO is pissed!!! From: risky-biz@ghost.io Content Summary: – Intellexa CEO Tal Dillian is furious after being sentenced along with his wife and executives to over 126 years for “violating the confidentiality of telephone communications” tied to the Predatorgate spyware scandal
Mar 25, 2026 Subject: Leaked DarkSword iPhone spyware lowers bar for mass exploitations Summary: A newly leaked version of DarkSword iPhone spyware toolkit was published on GitHub, making it accessible to a broad range of cybercriminals. The spyware exploits vulnerabilities in iOS versions older than iOS 26, jeopardizing hundreds of
Mar 24, 2026 Email 1: Subject: Risky Bulletin: GitHub is starting to have a real malware problem Content Summary: – GitHub is increasingly being misused by threat actors to host and distribute malware disguised as legitimate software repositories. – Threat actors clone legitimate repositories, inject malware (e.g., infostealers or remote