First rule of 2026 commencement speech?

The U.S. may be about to require green card applicants who live here to apply from abroad, where they can be rejected with little chance for appeal. Including spouses of U.S. citizens and highly skilled employees of companies that I expect will raise a major stink about this.

Counterpoint: No I will not

Tulsi Gabbard has resigned from the role of US Director of National Intelligence. Gabbard cited her husband's cancer diagnosis as reason. Her resignation is effective June 30 www.bbc.com/news/article...

There seems to be a bot attack on BlueSky right now I'm getting followed by hundreds of accounts with profile images of dogs and cats

Microsoft Defender research details a multi-stage intrusion that began with a compromised internet-facing firewall appliance and pivoted to an internal Linux host, where a vulnerable software-as-a-service (SaaS) app was exploited to run authentication attacks. msft.it/63323vn8ft

It’s going great.

Looking forward to the scam email campaigns claiming people owe Iran money.

For who's not familiar with this, the EPPO (EU prosecutor) caught Greek politicians embezzling EU agricultural funds and their reply was to limit the EPPO's reach rather than punish the politicians This is now a very common trend among all EU states on the Eastern side of the continent

AI can’t even COUNT things correctly. Come on now.

For perverts who also want to help Meta accumulate training data for bombing people.

The FBI issued a Public Service Announcement to warn the public about an emerging Phishing-as-a-Service (PhaaS) platform called Kali365. Read more below: www.ic3.gov/PSA/2026/PSA... #cybersecurity @andyjabbour.bsky.social

-Microsoft ends SMS MFA for personal accounts -GitHub hacked via VS Code extension -CISA to let researchers submit new KEV entries -SMS blaster detained at Eurovision -Grafana hack linked to TanStack incident Newsletter: news.risky.biz/risky-bullet... Podcast: risky.biz/RBNEWS567/

-Armenia faces waves of disinformation -Dems want answers on CISA leak -White House postpones AI security EO -Ukraine detains infostealer operator -Execs plead guilty for tech support scams -Kimwolf admin arrested in Canada -First VPN takedown -Coruna found on npm -Ghost CMS sites are getting hacked

My 1999 self would weep at how totally broken the internet has become. AI slop, social media walled gardens that rot the brain, surveillance pricing and advertising, every single goddamn website has an endless cloudflare captcha loop before you get to read anything. Burn it all down.

Greece 🇬🇷 has witnessed a flurry of corruption and espionage against journalists, but the journalists are relentless and principled and the truth will eventually come out through the courts and through public interest investigations. www.dnews.gr/eidhseis/new...

-Microsoft ends SMS MFA for personal accounts -GitHub hacked via VS Code extension -CISA to let researchers submit new KEV entries -SMS blaster detained at Eurovision -Grafana hack linked to TanStack incident Newsletter: news.risky.biz/risky-bullet... Podcast: risky.biz/RBNEWS567/

Jacob Butler, aka “Dort,” 23, of Ottawa, Canada, was arrested for running the Kimwolf DDoS botnet www.justice.gov/usao-ak/pr/c...

An automated campaign has tried to backdoor more than 5,500 GitHub repositories via malicious commits that deploy a GitHub Action The Action ran a bash script that stole CI secrets, cloud credentials, SSH keys, and other tokens safedep.io/megalodon-ma...

CISA will let third-parties submit reports about actively exploited vulnerabilities so it can add them to the KEV database www.cisa.gov/news-events/...

‼️🚨 BREAKING: Kash Patel's apparel website is reportedly hosting ClickFix malware, according to multiple visitors. A fake Cloudflare verification page is tricking users into pasting "verification" commands that execute an infostealer targeting Keychain, browser data, tokens, and crypto wallets.

After countless rumors that the White House was publishing an executive order on Friday on AI security, officials have postponed it hours before it was set to be signed cyberscoop.com/trump-postpo...

The Dutch consumer protection agency has asked national and EU regulators to take action against Google, Meta, and TikTok for not removing malicious ads from their platforms, and not replying to reports www.consumentenbond.nl/nieuws/2026/... CERT-PL accused Meta of this a year ago too

A hacking campaign is planting FakeCaptcha pages and malware on websites built with the Ghost CMS. The attacks began this month and are exploiting a vulnerability disclosed in February blog.xlab.qianxin.com/ghost-cms-ma...

Group IB looks at the top 5 largest data trading platforms in the Chinese underground—Exchange Market (交易市场, Deepmix), Chang’An Sleepless Night (长安不夜城), Aiqianjin (爱钱进), Yiqun Data (义群数据), and the Phoenix Overseas Resources (凤凰海外资源) www.group-ib.com/blog/lead-da...

The government of the US territory of the Northern Mariana Islands was hit by a cyberattack that impacted email services dysruptionhub.com/cnmi-email-c...

Authorities in France and the Netherlands have seized the servers of a VPN service used by cybercrime gangs: www.europol.europa.eu/media-press/... FBI has also released a list of IPs used by the service: www.ic3.gov/CSA/2026/260...

Grafana links hack to TanStack supply chain attack (same as GitHub)

Rakesh Krishnan has published an analysis of some of the leaked GitHub repo code theravenfile.com/2026/05/20/g...

Russia has hacked BlueSky accounts to post pro-Kremlin and anti-Ukraine propaganda. The hacks have been going on since April. BlueSky has been suspending accounts until owners could step in and resecure them It's a Matryoshka op www.nytimes.com/2026/05/21/b...

After we had the NGINX Rift vulnerability disclosed last week, there's now another RCE in the NGINX server, this one named NGINX-PoolSlip. Details will be published 30 days after a patch is released, to prevent exploitation, which is now happening against NGINX Rift x.com/nebusecurity...

Around a third of Russian companies are using Western software acquired before 2022, before Russia's invasion of Ukraine. Most of the software doesn't receive technical support and security updates www.kommersant.ru/doc/8673186

"Bluesky Says Kremlin Is Hacking Its Platform to Spread Propaganda The company said it was fighting Russian efforts to hijack real users’ accounts to post fake content, an apparently novel tactic." 🎁 article

The Nx Dev Tools CEO confirms that his company's Nx Console VS Code extension served as the initial entry point for the GitHub repo hack: x.com/jeffbcross/s... Nx incident: github.com/nrwl/nx-cons... Step Security report: www.stepsecurity.io/blog/nx-cons...

Microsoft has open-sourced RAMPART, an agent test framework for encoding adversarial and benign scenarios as repeatable tests that can run in a CI/CD www.microsoft.com/en-us/securi...

I see his point. Zero times two is still zero.

Breaking News: James Murdoch is buying New York magazine, Vox Media’s podcast network and the Vox website for more than $300 million, a dramatic expansion in U.S. media for the younger son of the media mogul Rupert Murdoch.

Fresh new American dystopia headline just dropped www.thegamer.com/grammacracke...

Chinese SMS Blaster Scammer Attacks Eurovision in Vienna commsrisk.com/chinese-sms-...

Oh.... they already did it to Google Docs... where copy-pasting text is now a chore thanks to their stupid AI trying to hijack everything

A malicious npm package is delivering the Coruna iOS exploit kit Yes, that Coruna exploit kit! From Operation Triangulation safedep.io/art-template...

The Drupal security update is out It's an SQLi that apparently impacts 5% of all Drupal sites out there Most Drupal sites are also impacted by other security issues from Symfony and Twig, which Drupal also uses www.drupal.org/sa-core-2026...

The Drupal patches for that security bug will soon be out: x.com/drupalsecuri... They are apparently related to Symfony issues: github.com/symfony/symf...

-Microsoft takes down MSaaS used by ransomware gangs -CISA contractor leaks GovCloud keys -Vulnerability exploitation is now the dominant entry vector -Drupal readies security updates for "highly critical" bug Podcast: risky.biz/RBNEWS566/ Newsletter: news.risky.biz/risky-bullet...

-Huawei zero-day behind Post Luxembourg hack -ChimeraZ targets France -RXNT breach impacts Congress -7-Eleven confirms breach -Musk loses OpenAI lawsuit -Twitter limits visibility for non-paying users -Discord rolls out E2EE -Red Hat releases Hardened Images -Firefox 151 is out -Telcos form new ISAC

LOL GITHUB BREACH

Demo of a Chinese 🇨🇳 video surveillance system that purports to track all foreign visitors, including journalists, integrating video feeds with other data (e.g., pictures from ski passes) to conduct mass surveillance and social network analysis 👇 The new normal... open.substack.com/pub/netaskar...

-Microsoft takes down MSaaS used by ransomware gangs -CISA contractor leaks GovCloud keys -Vulnerability exploitation is now the dominant entry vector -Drupal readies security updates for "highly critical" bug Podcast: risky.biz/RBNEWS566/ Newsletter: news.risky.biz/risky-bullet...

SGLang fails to patch another set of security flaws after it also failed to patch bugs at the end of April kb.cert.org/vuls/id/777338

People should start treating Google Search as IE ...as a useless product and stop using it