More 🇺🇸 ICE contracts for mass surveillance systems surfacing 👇

Microsoft drops its second-largest monthly batch of defects on record The vendor disclosed one actively exploited zero-day vulnerability in Microsoft Office SharePoint that allows attackers to view information and make changes to disclosed information.

I was out sick for a few days last week so missed this until now... cyberscoop.com/microsoft-pa...

The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad Years before the figure skater became an Olympic superstar, a Chinese operative tried to stalk her father and monitored other US residents deemed dissidents against China. And that’s just the beginnin...

NEW: Absolutely bonkers tale for @wired.com by @timmclaughlin3.bsky.social about Beijing spying on Chinese dissidents in the US, including Alysa Liu's father (and Alysa as a result): www.wired.com/story/the-we...

The surveillance law Congress can't quit — and can't explain Congress is debating whether to extend Section 702 surveillance powers, but two years after major reforms, there's little agreement on what they've achieved.

Congress overhauled Section 702 in 2024 with 56 changes. Now, as the law nears expiration, supporters and critics can’t even agree on what the numbers show. @timstarks.bsky.social on the (now fast-moving) Section 702 issues cyberscoop.com/section-702-...

I do think that we discount the "lots of people have noticed how many crypto and NFT and Metaverse shills effortlessly transitioned into becoming AI hype beasts within a matter of weeks" effect

NIST narrows scope of CVE analysis to keep up with rising tide of vulnerabilities The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation.

The National Vulnerability Database will now only analyze vulnerabilities in critical software, systems used in the federal government and those under active exploitation. via @mattkapko.com cyberscoop.com/nist-narrows...

Executive orders likely ahead in next steps for national cyber strategy National Cyber Director Sean Cairncross said execution of the strategy is “rolling forward actively.”

National Cyber Director Sean Cairncross said execution of the strategy is “rolling forward actively.” via @timstarks.bsky.social cyberscoop.com/executive-or...

CISA cancels summer internships for cyber scholarship students amid DHS funding lapse CISA has informed participants of the federal government’s Scholarship for Service program that it has canceled this year’s summer internship programs due to the current funding issues at the Departme...

The move adds to mounting pressure on a scholarship program already strained by hiring freezes, proposed budget cuts and a growing backlog of unplaced graduates. via @gregotto.bsky.social cyberscoop.com/cisa-cancels...

So we've all read about Trump's devastating FY 2027 budget cuts to CISA.

But the admin is also going to cut cyber spending across the civilian side of the government by $227m , with some agencies gaining funds to spend on cyber ad some losing quite a bit. 1/3
www.csoonline.com/article/4156...

NEW REPORT: “Uncovering Webloc: An Analysis of Penlink’s Ad-based Geolocation Surveillance Tech”

Our research confirms that ad-based surveillance tech Webloc is used by military, intelligence, and law enforcement agencies across the globe.

citizenlab.ca/research/ana...

Treasury Launches Cybersecurity Information Sharing Initiative for the Digital Asset Industry
home.treasury.gov/news/press-r...

Iranian ‘hacktivist’ group Handala calling a cyber ceasefire on their Telegram now. Not against Israel though. Also interesting to see the language as it really spells out that these are not volunteer hackers acting alone. They are not hiding their links to the regime very well…

Trenchant Exec Says He Had Depression, Money Troubles When He Decided to Sell Zero Days to Russian Buyer; Also, New Info Reveals Nature of His Work for Australian Intelligence Agency Peter Joseph Williams, a former L3 Trenchant executive recently convicted of secretly selling zero-day exploits to a Russian broker, says he was suffering anxiety, burnout, years of depression, and financial difficulties when he decided to steal exploits from his US employer and sell them to the Russian buyer. Williams, who

Former Trenchant exec who stole exploits from his employer and sold them to a Russian broker says he was suffering depression & money troubles when he decided to sell the exploits. New info also reveals the nature of the work he did for an Australian intel agency before joining Trenchant. My story:

Al Gore is a name with a really disturbing amount of foreshadowing if you believe he really invented the internet

Inside the FBI’s router takedown that cut off APT28’s ‘tremendous access’: FBI cyber chief Brett Leatherman told CyberScoop the Russian GRU campaign was unique in how it could propagate from routers to beyond. cyberscoop.com/fbi-operatio...

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa Access Now, Lookout and SMEX joined research forces to find a campaign involving suspected Indian government-connected group Bitter, ProSpy spyware and more.

Hack-for-hire spyware campaign targets journalists in Middle East, North Africa cyberscoop.com/hack-for-hir...

Men Are Buying Hacking Tools to Use Against Their Wives and Friends In Telegram groups, men are sharing thousands of nonconsensual images of women and girls, buying spyware, and engaging in doxing and sexual abuse.

NEW:

Thousands of men are members of Telegram groups and channels that advertise and sell hacking and surveillance services that can be used to harass friends, wives and girlfriends, and former partners, new research has uncovered.

Tech giants launch AI-powered ‘Project Glasswing’ to identify critical software vulnerabilities YouTube video by FedScoop

The program comes as the tech industry races to secure software before similar AI-powered offensive capabilities become too much for defenders to handle. www.youtube.com/watch?v=BQi7... | cyberscoop.com/project-glas...

Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn U.S. agencies issued an urgent warning that Iran-linked hackers are disrupting PLC, HMI and SCADA systems at U.S. energy and water facilities, causing losses.

NEW from @timstarks.bsky.social: Iranian hackers launching disruptive attacks at U.S. energy, water targets, feds warn cyberscoop.com/iranian-hack...

Cybercrime losses jumped 26% to $20.9 billion in 2025 The FBI’s annual report on digital crimes exposes a worsening environment. Yet, an unknown number of victims still suffer in the shadows never reporting the crimes they endure.

Annual cybercrime losses amounted to almost $20.9 billion last year, reflecting a 26% increase from 2024, the FBI’s Internet Crime Complaint Center (IC3) said in its annual report Tuesday. via @mattkapko.com cyberscoop.com/fbi-internet...

Exclusive: Russia supplies Iran with cyber support, spy imagery to hone attacks, Ukraine says The conclusions, reviewed by Reuters, found Russian and Iranian hackers were collaborating.

Exclusive: Russia supplies Iran with cyber support, spy imagery to hone attacks, Ukraine says - www.reuters.com/world/europe...

I don't know how many times I've thought, "If this doesn't break the spell Trump holds over this party, nothing will," but it's GOTTA be right to think it this time, right? Right?

pcTattleTale stalkerware maker sentence includes fine, supervised release A federal judge has sentenced the maker of stalkerware pcTattleTale, which went out of business after a data breach, to supervised release and a $5,000 fine.

Bryan Fleming won’t face prison time for a count to which he pled guilty in January, in a rare case of a successful U.S. stalkerware prosecution. via @timstarks.bsky.social cyberscoop.com/pctattletale...

Suspect in Hacking of Climate Activists Is Extradited to New York

Private eye Amit Forlit has been extradited to the United States.
www.nytimes.com/2026/04/06/c...

The College Student—and His Cat Meme—Who Hunted the World’s Biggest Cyberweapon A flurry of powerful attacks had internet experts baffled. Benjamin Brundage had a few tricks to help solve the mystery.

Great security story from @bobmcmillan.bsky.social www.wsj.com/tech/kimwolf...

Europe’s cyber agency blames hacking gangs for massive data breach and leak | TechCrunch CERT-EU blamed the cybercrime group TeamPCP for the recent hack on the European Commission, and said the notorious ShinyHunters gang was responsible for leaking the stolen data online.

UPDATE: A member of ShinyHunters told us that they took the stolen European Commission's data directly from TeamPCP. In other words, the hackers are hacking each other now.

techcrunch.com/2026/04/03/e...

Trump budget proposal would cut hundreds of millions more from CISA A top congressional Democrat criticized both the scope and nature of the proposed reduction.

A top congressional Democrat criticized both the scope and nature of the proposed reduction. via @timstarks.bsky.social cyberscoop.com/trump-budget...

That wording is almost identical — and is actually identical in some places — to a passage from last year's budget. (I think it actually is the same as another passage that I can't find rn.)

This is terrific, outstanding, joyous. Working link: falling-anvil.com/cyberthreate...

House Dems decry confirmed ICE usage of Paragon spyware The trio of Democrats weren’t satisfied with Immigration and Customs Enforcement answers, and criticized the spyware’s use.

The trio of Democrats weren’t satisfied with Immigration and Customs Enforcement answers, and criticized the spyware’s use. via @timstarks.bsky.social cyberscoop.com/ice-using-pa...