New GlassWorm malware wave targets Macs with trojanized crypto wallets

The GlassWorm malware has launched a new wave targeting macOS developers by distributing trojanized crypto wallets through malicious VSCode extensions on the OpenVSX registry. This campaign, which now also targets Keychain passwords, attempts to replace legitimate hardware wallet applications with malicious versions, though this specific functionality is currently failing.


Hackers claim to hack Resecurity, firm says it was a honeypot

Hackers claiming to be the “Scattered Lapsus$ Hunters” allege they breached Resecurity and stole sensitive data, but Resecurity states the accessed systems were a honeypot containing fake information designed to monitor the attackers. The cybersecurity firm claims it collected extensive intelligence on the threat actor’s tactics and infrastructure, which has been shared with law enforcement.


US Action in Venezuela Provokes Cyberattack Speculation

The United States launched an armed attack on Venezuela, involving explosions in Caracas and the removal of its president, with Cyber Command involvement. While a grid outage occurred, it remains unclear if a cyberattack was the cause, though the US has previously used cyber warfare and may have crippled Venezuela’s oil infrastructure with a cyberattack weeks prior.


GitHub - fabriziosalmi/nis2-public: Automated NIS2 Directive compliance scanning and reporting tool

The nis2-public GitHub repository provides an automated NIS2 Directive compliance scanning and reporting tool. It features comprehensive security checks, multiple report formats (HTML, JSON, Markdown), and easy Docker deployment, with options for Prometheus and Grafana integration.


Thousands of ColdFusion exploit attempts spotted during Christmas holiday

During the Christmas 2025 holiday, thousands of exploit attempts were detected targeting Adobe ColdFusion vulnerabilities. A single threat actor, operating from Japan-based infrastructure, was responsible for approximately 98% of the observed attack traffic, exploiting over 10 ColdFusion CVEs from 2023-2024.


Remote work option ending for thousands of workers in 2026

Starting in 2026, thousands of workers will see their remote work options end, requiring them to return to the office full-time. This shift impacts provincial employees who will be expected to work five days a week in person.


The State of Blocking: A Guide to Ad Blockers on iOS & iPadOS

For years, “system-wide” ad blocking on iPhone typically meant a trade-off: the most aggressive options relied on a local, device-level tunnel (often presented as a VPN). It worked, but it could add operational friction — especially for anyone who also needs a corporate VPN.

In 2026, the platform story is materially better, but it is not magical.

Two Apple capabilities matter most:

  • Encrypted DNS (DoH/DoT) configured at the OS level: mature, stable, and broadly useful for cutting tracking across the device — with important precedence rules when a full VPN is active.
  • iOS 26 URL filtering (NEURLFilter): a meaningful architectural shift, but best viewed as an emerging foundation that is not yet universally available to consumer-grade ad blockers.

If you want the simplest answer: use a Safari content blocker for Safari, and use DNS filtering for cross-app tracking reduction. Treat “VPN-style” blockers as a power option when you explicitly need their added capabilities.

Read More →


The "10 Per Cent" Myth: Why AI Capability Does Not Equal a Pink Slip

The headlines are everywhere, and they are designed to stop your scroll: “AI to Replace 1/10 of the Workforce.”

It is a terrifying number. It represents millions of livelihoods reduced to a statistic. But as a chief information security officer, I do not deal in headlines. I deal in risk, audits and rigorous data analysis.

When you strip away the hype and audit the primary sources released in late 2025—specifically from Project Iceberg (MIT), Yale and McKinsey—a completely different reality emerges.

We are confusing technical exposure with actual displacement.

Here is the fact-based reality of the AI labour market as we enter 2026.

Read More →


The Hydra of Knowledge: Anna’s Archive in 2025

Ethics Statement & Disclaimer

This article is for educational, research and cybersecurity awareness purposes only. It analyzes the operational security, infrastructure and legal implications of shadow libraries. It does not endorse copyright infringement, piracy or the circumvention of digital rights management (DRM). Readers are advised to comply with all applicable intellectual property laws and organizational acceptable-use policies.

Intro

In the post-platform era of digital knowledge, Anna’s Archive has emerged as the most resilient and comprehensive shadow library initiative yet observed. Since its launch in November 2022—immediately following coordinated U.S. and European domain seizures targeting Z-Library—Anna’s Archive has surpassed predecessors such as Sci-Hub and Library Genesis in scale, architectural decentralization and operational durability.

For cybersecurity leaders, policymakers and digital preservation researchers, the archive provides a living case study in the collision between intellectual property law, infrastructure resilience and the long-term preservation of human knowledge.

Read More →


True North Strong and Carried: A Celebration of Canadian Gear Makers

If you spend time in the “Everyday Carry” (EDC) or tactical communities, you are fighting a losing battle against the algorithm. The YouTube reviews and “Best Of” lists are relentlessly American, convincing us that “Mil-Spec” means made in the USA and that shipping should be free.

For Canadian collectors, this is a trap. We pay the exchange rate, we swallow the FedEx brokerage fees, and we often end up with gear designed for a sunny Californian office park rather than a damp November in the Ottawa Valley.

But the reality is that Canada is a sleeping giant of soft-goods manufacturing.

From the humid summers of Ontario to the sub-zero wind tunnels of the Prairies, our landscape forces designers to be better. We do not just stitch nylon here; we engineer survival.

Whether you are a CISO managing a field team, a backcountry explorer, or a collector of fine tools, here is your guide to the world-class gear being built in your own backyard—no brokerage fees required.

Read More →


[Google will finally allow you to change your @gmail.com address](https://www.bleepingcomputer.com/news/google/google-will-finally-allow-you-to-change-your-gmailcom-address/)

Google will soon allow users to change their @gmail.com address, a feature previously unavailable for standard Gmail accounts. This new functionality, which appears to be rolling out gradually and was initially spotted in a Hindi support document, will enable users to switch to a new @gmail.com address while retaining their original one as an alias.


Uber, Lyft set to trial robotaxis in the UK

Uber, Lyft set to trial robotaxis in the UK in partnership with China’s Baidu www.cnbc.com/2025/12/2…

Chinese tech giant Baidu has announced plans to bring robotaxis to London starting next year through its partnerships with Lyft and Uber, as the UK emerges as a growing autonomous vehicle battleground.

The announced collaborations will bring Baidu’s Apollo Go autonomous vehicles to the British capital through the Uber and Lyft platforms, the companies said on their respective social media accounts.

Lyft’s testing of Baidu’s initial fleet of dozens of vehicles will begin in 2026, pending regulatory approval, “with plans to scale to hundreds from there,” Lyft CEO David Risher said in a post on social media platform X on Monday.

Meanwhile, Uber said that its first pilot is expected to start in the first half of 2026. “We’re excited to accelerate Britain’s leadership in the future of mobility, bringing another safe and reliable travel option to Londoners next year,” the company added.


The ‘Delete’ Button Is a Lie: A Canadian’s Guide to AI Data Retention

When you hit “delete” on a conversation with ChatGPT or Gemini, you likely expect it to vanish. In reality, that data often enters a digital limbo—accessible to the provider for 30 days, three years, or even seven years for certain safety-classifier metadata, depending on the fine print you didn’t read.

For paid subscribers, the assumption of privacy is dangerous. While corporate “Team” and “Enterprise” plans typically offer stronger contractual controls (including training restrictions and admin-managed retention), “Pro” and “Plus” users are frequently treated as consumers with slightly better perks, not better privacy.

Read More →


South Korea to require facial recognition for new mobile numbers | The Record from Recorded Future News

South Korea will mandate facial recognition for new mobile numbers starting March 23 to combat scams and identity theft, requiring a real-time comparison between ID photos and users’ faces. This policy aims to prevent the activation of phones registered under false or stolen identities.


Cyber spies use fake New Year concert invites to target Russian military | The Record from Recorded Future News

A cyberespionage group known as Goffee is targeting Russian military personnel and defense organizations with phishing lures, including fake concert invitations and official letters, to deploy a backdoor called EchoGather. While the group is believed to be pro-Ukrainian and has been active since at least 2022, the success and specific objectives of this latest campaign remain unclear.


NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift

NIST tried to pull the pin on NTP servers after blackout caused atomic clock drift www.theregister.com/2025/12/2…

A staffer at the USA’s National Institute of Standards and Technology (NIST) tried to disable backup generators powering some of its Network Time Protocol infrastructure, after a power outage around Boulder, Colorado, led to errors.

As explained in a mailing list post by Jeffrey Sherman, a NIST supervisory physicist who maintains the institute’s atomic clocks, “The atomic ensemble time scale at our Boulder campus has failed due to a prolonged utility power outage.”

Sherman, whose LinkedIn bio proclaims he is “One of the few federal employee actually paid to watch the clocks all day,” says one impact of the incident “is that the Boulder Internet Time Services no longer have an accurate time reference.”

That’s bad because one of the things NIST uses its atomic clocks for is to provide a Network Time Protocol service, the authoritative source of timing information that the computing world relies on so that diverse systems can synchronize events. If NTP isn’t working, outcomes can include difficulties authenticating between systems, meaning applications can become unstable.

At this point, readers might wonder why NIST can’t just turn off the inaccurate service. Sherman said a backup generator kicked in and kept the servers running.

“I will attempt to disable them [the generators] to avoid disseminating incorrect time,” he wrote.

But the storms that caused the outage were so severe, only emergency services personnel are allowed to visit the site.

His post says he has seen “strong evidence one of the crucial generators has failed. In the downstream path is the primary signal distribution chain, including to the Boulder Internet Time Service.”

“Another campus building houses additional clocks backed up by a different power generator; if these survive it will allow us to re-align the primary time scale when site stability returns without making use of external clocks or reference signals,” he added.


China's open AI models are in a dead heat with the West

China’s open AI models are in a dead heat with the West - here’s what happens next www.zdnet.com/article/c…

With the rising technological prowess and greater openness of Chinese models, the world is increasingly turning to the East for efficient and customizable AI, a new report finds.

ZDNET’s key takeaways:

  • Chinese AI models have caught up to US models in power and performance.
  • China is leading in model openness.
  • Much of the world may adopt the freely available Chinese technology.

Coursera to buy Udemy, creating $2.5 billion firm to target AI training | Reuters

Coursera announced an all-stock deal to acquire Udemy, valuing the combined company at $2.5 billion. The merger aims to strengthen their position in corporate workforce training, particularly in AI, data science, and software development. The deal is expected to close in the second half of next year, pending regulatory and shareholder approvals.


FTC: Instacart to refund $60M over deceptive subscription tactics

The FTC has ordered Instacart to refund $60 million to customers due to deceptive subscription tactics, including misleading advertising about free delivery and automatic enrollment in paid memberships without clear disclosure. Instacart will also be required to stop these deceptive practices and clearly disclose subscription terms.


Managing agentic AI risk: Lessons from the OWASP Top 10 | CSO Online

The OWASP Top 10 for Agentic AI provides a framework to address the growing security risks associated with agentic AI adoption, offering practical guidance, threat taxonomies, and mitigation strategies for CISOs. While the list is immediately useful, some areas like detailed mitigation steps and attack likelihood require further development.