I’m going to make an assumption that a kid was using a parent’s computer but otherwise what is an adult doing on Roblox

Vercel's security breach started with malware disguised as Roblox cheats The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.

"...the seeds of the attack were planted in February when a Context.ai employee’s computer was infected with Lumma Stealer malware after they searched for Roblox game exploits, a common vector for infostealer deployments." cyberscoop.com/vercel-secur...

The surveillance law Congress can't quit — and can't explain Congress is debating whether to extend Section 702 surveillance powers, but two years after major reforms, there's little agreement on what they've achieved.

Congress overhauled Section 702 in 2024 with 56 changes. Now, as the law nears expiration, supporters and critics can’t even agree on what the numbers show. @timstarks.bsky.social on the (now fast-moving) Section 702 issues cyberscoop.com/section-702-...

Completely new sentences never before dreamed of are created every day

Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’: FBI cyber chief Brett Leatherman told CyberScoop the Russian GRU campaign was unique in how it could propagate from routers to beyond. cyberscoop.com/fbi-operatio...

Cool, Good Morning America said the same thing this morning, glad to know the anarchist is now normie-pilled

Quick question: what the hell is he talking about

My Quest to Solve Bitcoin’s Great Mystery

This story rules
www.nytimes.com/2026/04/08/b...

"Mythos Preview is in a different league. For example, Opus turned the vulnerabilities it had found in Mozilla’s JavaScript engine into shell exploits only two times...Mythos Preview developed working exploits 181 times, and achieved register control on 29 more." red.anthropic.com/2026/mythos-...

Had to change the avi since that OG photo was from the first Obama term. Felt like false advertising at this point.

Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities Anthropic unveils Project Glasswing with major tech partners, using an unreleased model to find and fix long-hidden software vulnerabilities.

NEW: Anthropic announced Project Glasswing on Tuesday, a major effort to use advanced artificial intelligence to identify and address security flaws in the world’s most critical software systems cyberscoop.com/project-glas...

Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn U.S. agencies issued an urgent warning that Iran-linked hackers are disrupting PLC, HMI and SCADA systems at U.S. energy and water facilities, causing losses.

NEW from @timstarks.bsky.social: Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn cyberscoop.com/iranian-hack...

‘GrafanaGhost’ bypasses Grafana's AI defenses without leaving a trace Noma Security researchers disclosed GrafanaGhost, a Grafana vulnerability that uses indirect prompt injection to silently exfiltrate sensitive enterprise data — bypassing AI guardrails without a login...

Noma Security researchers used indirect prompt injection to turn Grafana's own AI into an unwitting courier for sensitive corporate data cyberscoop.com/grafanaghost...

lol no, Underhill

He was a history teacher so I guess he got to his goal of having the event stick in our heads even if it was a lie of wild proportions lol

I learned about this incident bc I had a teacher in high school that was in the Air Force, and he used to tell his students he was the reason he stopped this bomb from blowing up. Completely fabricated his role in the ordeal ( cc @hugetinymistake.bsky.social)

"variities" of news, clearly i go a bit smooth-brained when im away from the desk for too long

Your favorite cybersecurity editor is back on the desk, feel free to pummel my inbox with all variities of news

Security leaders say the next two years are going to be 'insane' Top security experts warn AI is discovering vulnerabilities exponentially faster than defenders can respond, creating a "perfect storm" for attackers over the next two years.

NEW: I generally avoid FUD, but when Kevin Mandia, Alex Stamos and Morgan Adamski tell me that thanks to AI capabilities, the next two years are going to be "insane," I listen. And I write about it. My article after an exclusive sit-down at RSAC: cyberscoop.com/ai-cyberatta...

I’m sorry I only stick with ethical, single-origin, 11-leg parlays

Overheard at RSAC part 2: Gang when I die I want to come back as a Russian cybercriminal

Overheard at RSAC part 1: oh my god the show floor is predatory, I felt like I was walking past bars in Tiujana

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack Attackers compromised the open-source security tool and published malicious versions of the software. Mandiant warns the fallout could impact up to 10,000 downstream victims.

Experts warn of a ‘loud and aggressive’ extortion wave following Trivy hack -- cyberscoop.com/trivy-supply...

Critics call FCC router rule a ‘big swing’ that could create more supply chain uncertainty The choice to ban all foreign-made routers instead of targeting known risks could create legal and supply chain disruptions with unclear national security returns.

@derekbjohnson.bsky.social talked to experts about this FCC router ban in order to figure out whats going on and how big of a mess it could end up being cyberscoop.com/fcc-bans-for...

An AI-powered phishing campaign has compromised hundreds of organizations Huntress researchers said it’s likely the victims in Railway’s customer set represent just a fraction of compromised organizations worldwide.

A phishing campaign tied to AI cloud-hosting service Railway has given hackers access to the Microsoft cloud accounts for hundreds of businesses, according to researchers at @huntress.com cyberscoop.com/huntress-rai...

The phone call is the new phishing email Voice-based phishing was at the root of multiple attack sprees Mandiant responded to last year, reflecting a concerning shift in tactics.

The phone call is the new phishing email cyberscoop.com/social-engin...

A Reddit post that says a talk at BSides SF was wildly misogynistic.

Dead serious: If anyone out there witnessed this, slide into my DMs

An announcement that N-able has partnered with Man City. Manchester is red, btw.

Finally, a City partner that can encrypt the financial data faster than the Prem auditors can read it

My powers, as mighty as they are, have limits 😔

Ex-L3Harris executive sentenced to 87 months in prison for selling zero-day exploits to Russian broker Peter Williams was sentenced to seven years in prison Tuesday for selling restricted zero-day exploits to a Russian broker. Prosecutors say the $35M trade secret theft involved the specialized Trencha...

think its more along the lines of this - cyberscoop.com/l3harris-exe...