AI now enables operators in Israel, Iran, and Russia to query video footage in natural language, collapsing the gap between mass collection and actionable surveillance.
Schneier on Security
· 20h ago
Risky Business episode 844 covers China's AI-assisted vulnerability development narrowing the US lead, cheap token distillation enabling Chinese AI chat harvesting at scale, and an Iranian APT leader's operational security failure abroad.
Risky Business
· 2h ago
A China-linked threat group breached at least 10 Southeast Asian organizations, including two state-owned entities, deploying a novel backdoor for persistent access. Targeting state enterprises signals intelligence collection against regional governments, not opportunistic cybercrime.
Dark Reading
· 7h ago
A PLA amphibious assault on Taiwan would demand concurrent breakthroughs in sea control, air superiority, and large-scale cross-strait logistics never achieved in modern warfare.
War on the Rocks
· 1h ago
🇨🇳 PLA · China
The Assad regime's fall, PKK's 2025 dissolution, and the 2026 U.S.-Israel-Iran war have simultaneously opened and closed doors for Kurdish political autonomy across Turkey, Syria, and Iraq.
War on the Rocks
· 14h ago
China's newly enacted Ethnic Unity Law effectively criminalizes Taiwanese identity by classifying Taiwanese as a Chinese ethnic subgroup subject to mainland legal norms. Beijing is prosecuting its campaign against Taiwan through legal instruments, establishing precedent before any kinetic action.
The Diplomat
· 19h ago
QiAnXin's XLab has tracked RustDuck since February 2026, finding a two-stage Rust-based botnet enslaving home routers, IP cameras, Android boxes, and servers for DDoS operations. Its velocity of evolution, not current scale, is the threat: Rust rewrites accelerate evasion and complicate signature-based detection.
The Hacker News
· 14h ago
Beijing's 'Ethnic Unity' Cup reframes Uyghur identity through Han-centric sporting nationalism, part of a documented soft-power campaign running parallel to hard coercive measures in Xinjiang. The tournament functions as international optics management while domestic assimilation policy intensifies.
The Diplomat
· 19h ago
CIA Director John Ratcliffe publicly characterized AI as equivalent to digital nuclear weapons, signaling a doctrinal shift in how the agency frames AI's strategic weight.
The Record
· 13h ago
DHS is standing up the Alliance of National Councils for Homeland Operational Resilience to restore government-private sector cybersecurity information sharing, more than a year after the Trump administration dissolved the prior body.
CyberScoop
· 17h ago
A private aircraft breached restricted airspace over Beijing, raising immediate questions about gaps in China's layered air-defense and surveillance apparatus. For a security state that projects omniscient domestic control, the incident is a public credibility problem as much as an operational one.
Foreign Policy
· 11h ago
Iranian elites are divided over next steps following the 2026 U.S.-Israeli conflict, with factions disagreeing on ceasefire terms, nuclear posture, and engagement with the West. Washington's failure to account for Tehran's internal politics risks misreading signals and accelerating ceasefire collapse.
Foreign Policy
· 20h ago
China is deploying $295 billion into AI data center infrastructure while explicitly excluding foreign companies, channeling procurement to domestic champions. The strategy accelerates Chinese AI self-sufficiency while widening the market access asymmetry that U.S. and European tech firms already face.
The Diplomat
· 18h ago
Threat actors are scanning for and exploiting CVE-2026-33017, a CVSS 9.3 unauthenticated RCE in Langflow, to deploy Monero cryptominers on exposed AI application servers.
The Hacker News
· 16h ago
CVE-2026-33825, a Microsoft Defender privilege escalation flaw dubbed BlueHammer, was exploited in the wild as a zero-day before Microsoft released patches. Ransomware adoption of Defender-specific privilege escalation is a deliberate irony: the endpoint protection layer itself becomes the attack vector.
SecurityWeek
· 18h ago
Attackers breached Aflac's Japan subsidiary and exfiltrated personal and bank account information from an undisclosed number of customers. The subsidiary-as-entry-point pattern continues to expose how global insurers' weakest data-security links sit in regional operations.
BleepingComputer
· 21h ago
Palo Alto Networks' Unit 42 confirmed attackers are registering fabricated domains that LLMs invent and recommend to users, then hosting phishing and malware on them, a technique dubbed phantom squatting.
The Hacker News
· 1h ago
Attackers weaponized CVE-2026-48558, a CVSS 10.0 authentication bypass in SimpleHelp's OIDC flow, to deploy two previously unknown malware families, TaskWeaver and Djinn Stealer. A perfect-score RCE in a widely deployed remote support tool signals broad exposure across managed service provider supply chains.
The Hacker News
· 21h ago
CISA confirmed ransomware groups are actively exploiting BlueHammer, a Microsoft Defender privilege escalation zero-day previously used in targeted attacks before patches were available. Ransomware adoption of a former zero-day accelerates victim exposure across unpatched enterprise Windows environments.
BleepingComputer
· 23h ago
Decades-old Bash shell techniques bypass safeguards in most open-source AI coding agents, allowing malicious repositories to execute arbitrary code during automated workflows.
SecurityWeek
· 19h ago