The Chinese Computer Emergency Response Center announced that a U.S. intelligence agency hacked an advanced materials unit and an energy-focused company, stealing important trade secrets and intellectual property via trojans. www.globaltimes.cn/page/202412/...
Posts by Yves K. D.
Daily. Very good for reading!
Anyone else thinking that the emergence of the MCP server layer on top of Claude signals that LLMs are coming to data engineering for real? Who's interacting with an MCP server & agent framework already? Any hot takes? github.com/punkpeye/awe...
Check out the Hacking 2024 bundle. You get 18 infosec books (including my book, HACKS: LEAKS, AND REVELATIONS), you pay what you want, and it raises money for charity. It ends in 2 weeks www.humblebundle.com/books/hackin...
Exclusive: The backdoor inserted in v1.95.7 adds an "addToQueue" function which exfiltrates the private key through seemingly-legitimate CloudFlare headers.
Calls to this function are then inserted in various places that (legitimately) access the private key.
The AI chip race heats up as AWS unveils Trainium2 (T2) chips, designed to train and deploy large language models faster than Nvidia GPUs, though Blackwell is expected to surpass them.
In a surprising move, Apple announced it’s using AWS chips for search and exploring their use for Apple Intelligence.
I think iOS 18.2 RC will likely be released next week 🤔
Suspicious behavior on T-Mobile US’s network devices tipped off the company to a breach that was potentially part of a sprawling cyber-espionage campaign that has raised urgent questions about the exposure of a critical sector of the economy
I agree it should be transparent. But it’s important that it should be easy to trust big accounts. It’s one of the tools against misinformation. Impersonating a non-famous person vs a famous one is really different!
Exactly, trust is everything. This is the reason why the process of verification should be strict and the verifier should be trustable as well!
Verification is all about what authority is behind it and what the process to be verified is.
The blue check will be meaningless only if the process is not strict.
The last sentence is true, except the normal user of this platform may not understand it.
For example, no one can really say this domain really verifies you. Anyone can register a domain.
Domain verification is not bulletproof and will mostly work with well-established organizations with known domains. I am not sure it will work for the lambda person. For example, how do you know a certain domain is really associated with a given person?
Great video
ZT & VPN aren’t mutually exclusive
Zero Trust isn’t just a buzzword—it’s a necessity. Zero Trust Network Access (ZTNA) can replace VPNs, reduce lateral movement, and harden existing devices, making them nearly impossible to exploit.
thehackernews.com/expert-insig...
By 2026, EU member states are obliged to offer an EU digital identity wallet (EUDIW) tink.com/blog/open-ba...
EUDIW is set to be built on the foundation of eUICC-supported-SAM.
#SecureApplicationForMobile
The eUICC-Supported-SAM initiative aims to transform our smartphones into our very own identities, complementing our physical Smartcards. This innovative approach promises to create a safer and more secure internet experience for all users.
youtu.be/gyiMbag0d1Y?...
After Microsoft, now Cloudflare discloses an incident where it lost customer logs... for Microsoft this was weeks of logs... for Cloudflare only 3.5 hours
blog.cloudflare.com/cloudflare-i...
iOS 19 is rumored to introduce a ChatGPT-like Siri, designed to handle more complex requests. Other features, apart from the new Siri, are reportedly delayed until iOS 19.4, set to launch in Spring 2026.
According to Mark Gurman
It's such a pity that there are no freemium options. I use Wanderlog to keep planning my trips and pay the subscriptions when I am travelling!
Microsoft has deployed a fix to restore email and calendar services to thousands of users who reported outages early Monday, reaching about 98% of customers—but when exactly the programs will completely come back online is still unclear.
Here are my top 3 favorite iPhone gestures! The two-finger select is always a great party trick:
📺 Siri can control way more than just your garage! Inspired after hearing @joannastern.bsky.social and @gruber.foo discuss smart home, here's how I control over 100 HomeKit devices with Siri, including water hoses, ceiling fans, shades, lights, and yes, even the garage: youtu.be/wyFCipx4-14
cool to see other people had the same idea. i hope we see lots of competing takes on this
I don’t see the benefit of this
Benedict Evans writes an annual presentation on the big technology trends for the next year which is always insightful. The theme for 2025 is “AI eats the world”.
Really interesting paper about the future of smartcard- and mobile-based secure identity
#SAM #eUICC #eSIM #Smartcard #identity #Security
trustedconnectivityalliance.org/wp-content/u...
i’m starting to think labellers might be more powerful than blocklists. When you hit the “report” button, it gives you a workflow to report to any labeller. in fact, bluesky’s moderation service *is* a labeller
here’s a labeller for US politics
bsky.app/profile/uspo...