You will now do the hard things because you must, whether you like them or not. To do otherwise will be seen as—and may actually be—wanton negligence.

good call on adding "Denial-of-service: no" to robots.txt

-Malicious LLM proxy routers found in the wild
-Fake Ledger crypto-wallet stole $9.5m in two weeks
-Silent group hit almost 40 law firms in a year
-Google cracks down on back button hijacking
-Hallmark leak impacts 1.7m

Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS551/

Diesel, jet fuel and fertilizer prices before and after Israel and USA attack on Iran

Impacts of Iran war on Diesel, Jet fuel, and fertiliser prices
www.imf.org/en/news/arti...

Not the silver bullet you think it is, unfortunately. Apps are collecting geolocation and sending it back to base. Where the IP connection originates from is less relevant, which is what your VPN service masks.

heatmaps from the report showing tracking

BREAKING: You checked the weather this morning.

And you just told a surveillance company where you sleep.

Meet #Webloc, used by ICE, cops & foreign govs to track 500m+ phones.

No warrant required.

Our @citizenlab.ca investigation + how to protect yourself 🧵/1
citizenlab.ca/research/ana...

If the Nutella marketing team doesn’t come up with a commercial by end of this week to capitalize on this marketing opportunity they should all be fired. 😂😅

Philippines is about to fast track about that much for the month of April. www.bworldonline.com/the-nation/2...

Press Gazette exposé of parasite SEO firm removed from Google results Press Gazette reporting on parasite SEO company Clickout Media removed from Google search results after anonymous complaint.

A Press Gazette investigation into parasite SEO firm Clickout Media has been removed from Google’s search index after a bogus legal complaint under the US Digital Millennium Copyright Act.

A Search Engine Land follow-up report has also been removed from Google pressgazette.co.uk/news/parasit...

If you use GitHub (especially if you pay for it!!) consider doing this *immediately*

Settings -> Privacy -> Disallow GitHub to train their models on your code.

GitHub opted *everyone* into training. No matter if you pay for the service (like I do). WTH

github.com/settings/cop...

How and Why to Ditch GitHub How much of your code do you feel like entrusting to Microsoft? How about American data centers? Here's an easy way to jump ship and maintain operations.

Another great day to post this for no reason

Wait till they realise no consumer routers are made in the US.

Kharg Island no longer under Iranian control by...? View real-time odds for "Kharg Island no longer under Iranian control by...?" as of March 20, 2026 and trade on The World's Largest Prediction Market™

Watch this prediction market:
polymarket.com/event/kharg-...

When it suddenly jumps WITHOUT a formal announcement you know it is insiders trading and Trump is going to compound his stupidity even more.

Caveat to above - not played with their mesh systems so hopefully someone here can comment on the ease of use/maintenance.

Ubiquiti gives you power and flexibility, and if you combine the setup with one of the gateways you get great telemetry. It does need some feeding and watering though. I don’t have a mesh either - just ethernet direct to multiple access points. If it’s plug and play you are after, shop around.

🤦‍♂️🤷‍♂️ 🙇🏼

Revealed: the world’s worst mega-leaks of methane driving global heating Exclusive: Fixing a leak can be simple and equivalent to closing a coal power station, making lack of action maddening, say analysts The world’s worst mega-leaks of the potent greenhouse gas methane in 2025 have been revealed by an analysis of satellite data. The super-polluting plumes from oil and gas facilities have a colossal heating impact on the climate but often result from poor maintenance and can be simple to fix. The assessment found dozens of mega-leaks, each having the same global heating impact as a coal-fired power station. Continue reading...

Revealed: the world’s worst mega-leaks of methane driving global heating

Nevermind the Oscars, what we all *really* want to know is: Which film is winning this year’s FIFA best picture award.

When you don't require security keys and a dedicated device for your privileged admin roles

We issued an RFP for the same hardware that we ordered in September 2025. The quoted price is 3.5 times higher than the previous price for the exact same hardware. In addition, the offer validity is now limited to only three days.

#memory #aibubble #hardware

Domino meme Small domino: people upset about high food and energy prices Large domino: higher food and energy prices

This is going to get really old

The mystery of a globetrotting iPhone-hacking toolkit Tools used in a series of hacking campaigns by hackers in Russia, Ukraine, and China may have originated inside U.S. government contractor L3Harris, TechCrunch has learned.

SCOOP: The iPhone mass hacking toolkit used by Russian spies was developed at U.S. military contractor L3Harris, former employees said.

The Coruna toolkit was used against Ukrainians and by Chinese cybercriminals, according to Google. But the toolkit was initially developed for Western governments.

We've invented service accounts all over again. MCP servers are quietly becoming the same overprivileged, under-monitored access brokers that have haunted enterprise security for years. Except this time, ...

go.aembit.io/s/mcp-servers-and-the-re...

A handicap blue and white painted sign on the asphalt of a parking space. The symbols are meant to be a pregnant women and a baby stroller, but it doesn't look like that. It looks like pac man being killed with scissors next to a dancer

Twerkers at the barbeque get priority parking 🫡

There is no punk rock Al. To be into Al is to wed yourself to the worst billionaires in the world. And I think this makes the Al people crazy. You just can't be into it and not be a shill for a corporation. You can't be into Al and be cool. And it makes them all bitter weirdos.

This is a failure of imagination

There are open models small enough to run on a home computer

Simple ones will run on Raspberry Pi

You can build cool shit that you own if you want to

A great writeup Adrian, thanks! Must-read for defenders.

Vulnerability management is in some trouble and I have thoughts on how to deal with it.

TL;DR - exploitation is happening too fast for traditional vuln mgmt to be effective.

open.substack.com/pub/defendersi…

Rachel Reeves should scrap the North Sea windfall tax now The UK should optimise North Sea oil and gas production while it transfers to renewables and nuclear developments

Rachel Reeves should scrap the North Sea windfall tax now

Got a Public Amazon Wishlist? Upcoming Change Could Reveal Your Address Effective March 25, you can no longer block third-party sellers from your Amazon Wishlists, which could allow buyers to see your address via delivery updates and tracking information.

Starting March 25, your Amazon wishlist could possibly expose your address due to new Amazon changes

www.pcmag.com/news/got-a-p...

Discworld QOTD, from Eric