Field notes from the edge.
What our engineers learned this week. Hands-on technical deep-dives, postmortems, and strategy frameworks.

Vidar Infostealer Hammers SMBs via Malvertising Campaign
A financially motivated operation uses lures of cracked or pirated software to deliver a malware two-for-one combo for data theft and cryptomining.

Tool promises to make lazy academics' AI-written papers sound more human
It's bad enough that you used AI to write a research paper instead of composing it yourself. Now, you can take the extra step to hide the evidence of your sloth. A startup has decided academics need a way to hide LLM tells, yet they insist their goal isn’t to support bad habits among boffins. AI humanizers are nothing new - take a cursory look online and you’ll find that compan

New HalluSquatting Attack Could Trick AI Coding Assistants Into Installing Botnet Malware
AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that does not exist. New research, which its authors call HalluSquatting, turns that habit into an attack: work out the fake names an AI reliably invents, register them first, and wait for the assistant to fetch your trap on

Ubiquiti Patches Critical UniFi Flaws Across Connect, Talk, Access, Protect, and OS
Ubiquiti has shipped updates to address multiple critical security flaws impacting UniFi Connect, UniFi Talk, UniFi Access, UniFi Protect, and UniFi OS that could result in privilege escalation and arbitrary command execution. The list of vulnerabilities is as follows - CVE-2026-50746 (CVSS score: 10.0) - An improper access control vulnerability in UniFi Connect Application tha

SCMBANKER Malware Uses ClickFix Lures to Target Mexican Banking Users
A new banking fraudulent operation is targeting customers of Mexican banks, fintech, payment processors, and cryptocurrency exchanges using ClickFix lures. The activity cluster, tracked by Elastic Security Labs under the moniker REF6045, involves infecting victims through fake CAPTCHA verification pages that deceive them into running a malicious command that installs a PowerShe

New Ghost Phishing Wave Is Breaking Traditional Email Security
A recent EvilTokens campaign targeting businesses across the US and Europe is exposing a new email security blind spot. This “ghost phishing” technique keeps the malicious page hidden until it decrypts and comes to life inside the victim’s browser. For security leaders, the risk is clear: traditional URL checks may miss the attack while Microsoft 365 access, sensitive data, and

Introducing Meerkat: an experiment in global consensus
Many internal services at Cloudflare need to read and modify the same control-plane state from across our 330+ global data centers. They need guarantees that different readers never see inconsistent state, and that the system remains available for writes even when some data centers or links fail. But Cloudflare’s network runs across the entire Internet, and the Internet is an u

Felons, Fraudsters Flog Offensive Cybersecurity Startup
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platform they operated under assumed names. The X/Twitter account IRIS C2 (@C2IRIS) has ga

The Verification Step Is the New ATO Battleground in 2026
For years, account takeover (ATO) followed a predictable script. Attackers bought stolen credentials in bulk, ran them through automated tools, and waited for matches. Credential stuffing was cheap, scalable, and for defenders, relatively well understood. That era is ending. Not because attackers gave up, but because the front door finally got harder to kick in. Passkeys are no

GitHub 'Verified' Commits Can Be Rewritten Into New Hashes Without Breaking Signatures
New research shows that a signed Git commit's hash is not the one-of-a-kind name that much of the software world assumes it to be. Given any signed commit, someone without the signing key can mint a second commit with the same files, author, and date, and a valid signature, GitHub still stamps "Verified." Everything a reviewer would check matches. The commit's hash does not. Th
HIPAA Security Rule Update Postponed: More Time Given to Implement Major HIPAA Security Rule Changes
There has been some good news for the HIPAA-regulated entities that feel unprepared for the proposed changes to the HIPAA Security Rule. The Department of Health and Human Services (HHS) had proposed a May 2026 release date for a final rule implementing the proposed changes to the HIPAA Security Rule; however, the U.S. Office of Management and Budget (OMB) website has been upda
Cybersecurity and the Gap Between Skill and Ability
Last week, national security agencies from the Five Eyes—that’s the rich, English-language-speaking countries club—jointly released a statement warning of the increasing cyber risks of AI models: in particular, their ability to autonomously hack into systems and networks. The statement was more measured than some of the breathless headlines about it, and the advice they gave is
Memorial Healthcare Services Settles Pixel Litigation
Memorial Healthcare Services, a nonprofit healthcare provider serving patients in Southern California, has agreed to settle a class action lawsuit over its use of pixels and other tracking, web analytics, and advertising technologies on its website. The tools are alleged to have been added to the website without the knowledge or consent of patients, causing website users’ perso

Home Office's glitchy eVisa rollout lands UK privacy regulator in campaigners' crosshairs
The UK's privacy watchdog is facing calls for parliamentary scrutiny after campaigners accused it of failing to get a grip on the Home Office's glitch-plagued eVisa system. A coalition of 20 immigration, digital rights, and human rights organizations, including the Open Rights Group, has written to the chair of the Science, Innovation and Technology Committee, urging MPs to ope

Another German state heads down the open source sovereignty road
Other regions of Germany are starting to move away from proprietary tools and cloud services from the US in favor of FOSS. The state of Mecklenburg-Vorpommern, in the northeast of Germany, has confirmed it is on the road to digital sovereignty and in the process of moving to Nextcloud in place of Microsoft SharePoint. So far, around 5,000 staff are using their new FOSS tools fo

China-Linked UAT-7810 Expands ORB Network With New LONGLEASH Malware
A Chinese threat actor tracked as UAT-7810 is actively refining its bespoke malware to expand its Operational Relay Box (ORB) network by breaking into internet-facing networking devices. According to findings from Cisco Talos, UAT-7810 is an advanced persistent threat (APT) actor that's responsible for maintaining and proliferating LapDogs, an ORB network that first came to lig
Data Security Incidents Announced by Park Dental Research Corp; Wabi Sabi Behavioral Health Center
Employee data has been compromised in data security incidents at Park Dental Research Corporation in Oklahoma and Wabi Sabi Behavioral Health Center in Nebraska. Park Dental Research Corporation Park Dental Research Corporation, an Ardmore, OK-based dental implant company, has notified individuals about a security incident it experienced on or around April 29, 2026. The investi

Azure IaaS: How to design, build, and optimize cloud infrastructure for long-term cost efficiency
In this article Compute: Matching resources to workload requirements Storage: Balancing performance and lifecycle management Networking: Improving efficiency without compromising resiliency Continuous optimization is where long-term savings happen Continue your Azure IaaS optimization journey Create a resilient infrastructure with Azure This blog post is the third part of a blo

State IDs for AI Agents: Will Estonia Set a Precedent?
The world's digital testing ground plans to help people use AI agents for government purposes.
