CyberSecurity Knuggets
Mar 27, 2026
Email 1:
Subject: Srsly Risky Biz: FBI Says Why Get a Warrant When You Have Kashs
Sender: risky-biz@ghost.io
Summary: FBI Director Kash Patel acknowledged in a Senate hearing that the FBI buys commercially available location data to track Americans, which he said is consistent with the Constitution and the Electronic Communications Privacy Act. Such data can be as revealing as carrier cellphone location records, but because it is purchased rather than compelled, no warrant is sought, raising concerns about civil liberties and the lack of oversight. A bipartisan bill, the Government Surveillance Reform Act, would require warrants for government use of this data. Other topics include the FCC's ban on importing new consumer routers produced outside the US, which aims to reshore manufacturing but has no security focus, and the Trump administration's cyber strategy, which emphasizes public-private information sharing to disrupt adversary networks. Positive news includes the disruption of four DDoS botnets, Japan's approval of active cyber defense, and Germany's proactive approach to zero-day vulnerabilities.
Email 2:
Subject: Russia arrests alleged LeakBase admin after global cybercrime forum takedowns
Sender: info@metacurity.com
Summary: Russian authorities arrested a resident of Taganrog accused of creating and administering LeakBase, a major cybercriminal forum with more than 142,000 members that Western law enforcement had seized. Separately, an Armenian man was extradited to the US on charges related to the RedLine infostealer. Spain's Port of Vigo was disrupted by ransomware and forced into manual operations. An AI-assisted campaign published more than 300 trojanized packages on GitHub that steal data. Four vulnerabilities in Cisco Catalyst 9300 switches allow privilege escalation and denial of service. Puerto Rico's Department of Transportation canceled appointments after a cyberattack but reports no data theft. Researchers also reported active exploitation of a critical Magento vulnerability that allows code execution and payment-skimming attacks. Google moved up its timeline for post-quantum cryptography migration, now targeting 2029. Apple users in the UK now face age verification to comply with new online safety regulations. India ordered a nationwide CCTV audit after alleged Pakistan-backed surveillance through compromised cameras. Other news: a leadership change at Co-op Group following losses from its cyberattack, Politico reviewing its security after private call recordings leaked, Meta and YouTube ordered to pay damages over addictive design that harmed a user, and a ransomware attack on a mental health agency by the Russian group Qilin.
Email 3:
Subject: Secure access across humans, AI agents, and machine identities
Sender: news@securityweek.com
Summary: 1Password® introduces Unified Access, a solution designed for today’s security challenges that involve human users, AI agents, and non-human identities (NHIs). The platform helps organizations discover unmanaged AI agents, securely vault credentials, broker access, and provide audit trails with clear attribution. The solution aims to enable innovation without compromising security. Related resources include blogs on AI agent security challenges, how companies like Canva scaled their security and productivity, and benchmarks teaching AI agents to avoid scams.
Email 4:
Subject: CISA’s acting director warns of long-term impacts of DHS shutdown | The CyberWire 3.26.26
Sender: editor@newsletter.n2k.com
Summary: Nick Andersen, acting director of CISA, testified before the House Homeland Security Committee that the Department of Homeland Security shutdown has increased cyber risk and driven staff resignations, with 60% of CISA furloughed. Remaining personnel are working unpaid under growing pressure from nation-state and criminal threats to critical infrastructure. The shutdown impedes operational directives, coordination with industry, and incident response capacity, creating openings for adversaries. Andersen warned of long-term damage to the agency's hiring and reputation. Additional topics include Rapid7's report on a stealthy Chinese espionage operation in telecom networks using BPFdoor, a Linux backdoor that attaches a BPF filter to a raw socket and waits for "magic" packets instead of opening a listening port, and Russia's arrest of the alleged LeakBase administrator. Related reads cover Indian CCTV espionage linked to Pakistan, a resurgence of Iranian ransomware, and other cybersecurity and legal developments.
Email 5:
Subject: Chinese Hackers Deep in Telecom Backbone Infrastructures
Sender: news@securityweek.com
Summary: A deep espionage campaign by Chinese hackers has penetrated telecom backbone infrastructure, deploying stealthy Linux backdoors that use the kernel's Berkeley Packet Filter (BPF) to sniff for trigger packets on a raw socket rather than binding a port, which keeps them off ordinary listening-port inventories. Other headlines include a data breach affecting 130,000 people at Hightower Holding, critical patches for BIND and Cisco IOS vulnerabilities, and work by Dell and HP on quantum-resistant device security. Onit Security raised $11M for its exposure management platform. A Russian cybercriminal received a two-year prison sentence in the US, and a RedLine malware administrator was extradited. The newsletter also highlights recent conference announcements, ongoing investigation updates, and expert commentary on agentic AI governance and the challenges of social vetting in security.
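A practical first check for the BPFdoor-style implants mentioned in Emails 4 and 5 is to find processes that hold a raw AF_PACKET socket, since that socket (with a BPF filter attached) is what lets such a backdoor watch every frame without listening on a port. The script below is an added example, not code from the newsletter, Rapid7, or any vendor; it assumes the standard Linux procfs layout (/proc/net/packet listing packet sockets by inode, and /proc/<pid>/fd/* symlinks of the form socket:[<inode>]). The sample procfs content and process names embedded in it are constructed for the demonstration.

```python
"""Hunt for processes holding raw AF_PACKET sockets (BPFdoor-style precondition).

Added example; assumes Linux procfs semantics described in the lead-in.
Packet sockets are also used legitimately (tcpdump, DHCP clients, LLDP daemons),
so every hit is a triage lead, not a verdict.
"""
import os
import re
from typing import Dict, List

SOCK_RAW = 3          # socket type column value for SOCK_RAW
ETH_P_ALL = 0x0003    # protocol that receives every frame on the interface
SOCKET_RE = re.compile(r"socket:\[(\d+)\]")

# Constructed sample of /proc/net/packet (hypothetical addresses and inodes).
SAMPLE_PROC_NET_PACKET = """\
sk               RefCnt Type Proto  Iface R Rmem   User   Inode
ffff9c1f0a3c0000 3      3    0003   2     1 0      0      41233
ffff9c1f0a3c4800 3      2    0800   0     0 0      0      41890
"""

# Constructed pid -> {fd: symlink target} table, as /proc/<pid>/fd would show.
SAMPLE_FD_TABLE: Dict[int, Dict[str, str]] = {
    1337: {"0": "/dev/null", "3": "socket:[41233]"},   # raw ETH_P_ALL socket
    2001: {"0": "/dev/null", "4": "socket:[41890]"},   # SOCK_DGRAM, ignored
    2002: {"0": "/dev/null", "1": "pipe:[99]"},
}
SAMPLE_COMM = {1337: "dbus-daemon", 2001: "dhcp-helper", 2002: "bash"}


def parse_packet_sockets(text: str) -> List[dict]:
    """Parse /proc/net/packet rows into dicts; the header row is skipped."""
    sockets = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 9:
            continue
        try:
            sockets.append({"type": int(f[2]), "proto": int(f[3], 16),
                            "iface": int(f[4]), "bound": f[5] == "1",
                            "inode": int(f[8])})
        except ValueError:      # header line ("sk RefCnt Type ...")
            continue
    return sockets


def suspicious_sockets(sockets: List[dict]) -> List[dict]:
    """Raw sockets on ETH_P_ALL see every frame: what a magic-packet
    backdoor needs (and what a packet capture tool needs too)."""
    return [s for s in sockets if s["type"] == SOCK_RAW and s["proto"] == ETH_P_ALL]


def hunt(packet_text: str, fd_table: Dict[int, Dict[str, str]],
         comm: Dict[int, str]) -> List[dict]:
    """Correlate suspicious packet-socket inodes with the processes holding them."""
    wanted = {s["inode"]: s for s in suspicious_sockets(parse_packet_sockets(packet_text))}
    findings = []
    for pid, fds in fd_table.items():
        for fd, target in fds.items():
            m = SOCKET_RE.fullmatch(target)
            if m and int(m.group(1)) in wanted:
                inode = int(m.group(1))
                findings.append({"pid": pid, "comm": comm.get(pid, "?"), "fd": fd,
                                 "inode": inode, "bound": wanted[inode]["bound"]})
    return findings


def read_live() -> List[dict]:
    """Run the same correlation against the real /proc (Linux, best with root)."""
    with open("/proc/net/packet") as fh:
        packet_text = fh.read()
    fd_table, comm = {}, {}
    for pid in filter(str.isdigit, os.listdir("/proc")):
        fddir = f"/proc/{pid}/fd"
        try:
            fd_table[int(pid)] = {fd: os.readlink(f"{fddir}/{fd}") for fd in os.listdir(fddir)}
            with open(f"/proc/{pid}/comm") as fh:
                comm[int(pid)] = fh.read().strip()
        except OSError:         # no permission, or the process exited mid-scan
            continue
    return hunt(packet_text, fd_table, comm)


if __name__ == "__main__":
    results = read_live() if os.path.exists("/proc/net/packet") \
        else hunt(SAMPLE_PROC_NET_PACKET, SAMPLE_FD_TABLE, SAMPLE_COMM)
    for r in results:
        print(f"pid={r['pid']} comm={r['comm']} fd={r['fd']} "
              f"inode={r['inode']} bound={r['bound']}")
```

Only the raw ETH_P_ALL socket held by pid 1337 is reported from the sample; the SOCK_DGRAM socket is ignored. A process whose name looks like a system daemon but which holds such a socket, especially one whose /proc/<pid>/exe no longer resolves to a file on disk, deserves a closer look, but confirming an implant still requires inspecting the process itself.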
Stay Well!
