The Blue Fairy Penguin (Eudyptula minor), also known as the Little Blue Penguin or Kororā, is officially the world's smallest penguin species, standing only 25–35 cm (10–13 inches) tall.

It's native to the coastlines of New Zealand and Australia.

Liebe Kolleginnen und Kollegen:

Der Irankrieg hat nicht „die Energiepreise“ erhöht, sondern die für Öl und Gas.

Es werden nicht „die Autofahrer entlastet“, es werden Kosten für den Teil der Bevölkerung reduziert, der einen Verbrenner fährt. Auf Kosten aller anderen.

Russia's military intelligence 🇷🇺 the GRU, was caught using between 18,000 and 40,000 home and small office routers to harvest credentials. Most of these were MikroTik and TP-Link devices, spread across 120 countries. The attackers didn't use any advanced tools or unknown exploits. Instead, they exploited known, unpatched vulnerabilities on outdated hardware that people had not replaced.

This is a nation-state espionage campaign that may be operating through the router right next to your cable box.

🪤 Even with multi-factor authentication, users weren't protected. APT28 set up adversary-in-the-middle servers that waited for people to finish logging in, then intercepted the OAuth token. People followed all the recommended steps, but the attackers still managed to get in.

📡 The only warning was a browser certificate alert. Millions of people see these self-signed certificate pop-ups every day and click through them without thinking. That simple action gave Russian intelligence access to authenticated sessions.

🔁 When Britain's NCSC published an alert about part of this campaign in August, APT28 did not slow down. Instead, they increased their activity. In just four weeks, 290,000 unique IP addresses connected to their malicious DNS resolver.

This group has been hijacking routers since at least 2018. They were caught using VPNFilter to infect 500,000 devices. The DOJ caught them again in 2024. Now, in 2026, we are still dealing with the same problem.

The solution is simple, but not exciting: replace outdated routers, check your DNS settings for unfamiliar servers, and avoid clicking through certificate warnings. It is not glamorous or powered by AI; it is just basic steps that are often ignored.

APT28 is not succeeding because they are smarter. They are succeeding because we keep leaving easy ways for them to get in.

https://arstechnica.com/security/2026/04/russias-military-hacks-thousands-of-consumer-routers-to-steal-credentials/
#Cybersecurity #InfoSec #Leadership #security #privacy #cloud

Any government that isn't right now accelerating plans to transition to 100% clean, renewable energy is either:

a. Incompetent
b. In the pockets of people who'd rather they didn't
c. a & b