knows approximately everything about almost nothing

Rocky Linux is introducing a new optional Security Repository to help reduce time-to-patch during exceptional security events like CopyFail and Dirty Frag.

Read More: https://forums.rockylinux.org/t/rocky-linux-security-repository-and-dirty-frag-security-update/20435

Rocky Linux Security Repository and Dirty Frag Security Update

The Rocky Linux project has always prioritized stability, compatibility, and trust within the Enterprise Linux ecosystem. Historically, this has meant waiting for official upstream Enterprise Linux releases before publishing updates to Rocky Linux systems. Today, we are announcing a new capability designed specifically for exceptional security situations where immediate action is necessary to better protect our users and infrastructure operators. Introducing the Rocky Linux Security Repository ...

Rocky Linux Forum

We are very happy that today Apple issued a patch and a security advisory. This comes following 404 Media reporting that the FBI accessed Signal message notification content via iOS despite the app being deleted.

Apple’s advisory confirmed that the bugs that allowed this to happen have been fixed in the latest iOS release. You can read more here: https://support.apple.com/en-us/127002

About the security content of iOS 26.4.2 and iPadOS 26.4.2 - Apple Support

This document describes the security content of iOS 26.4.2 and iPadOS 26.4.2.

Apple Support

From the same author as BlueHammer we now have RedSun.

This works ~100% reliably to go from unprivileged user to SYSTEM against Windows 11 and Windows Server 2019+ with April 2026 updates, as well as Windows 10, as long as you have Windows Defender enabled. Any system that has cldapi.dll should be affected.

As a person who has followed Iranian cyberespionage operations for more than a decade, this story is crazypants and you should read it:

https://www.theatlantic.com/magazine/2026/01/mohammad-tajik-iran-cyber-intelligence/684954/?gift=kPTlqn0J1iP9IBZcsdI5IUTLJcsVKq12m0EyVlSYJBQ&utm_source=copy-link&utm_medium=social&utm_campaign=share

They Killed My Source

A man claiming to be an Iranian intelligence officer promised me he would reveal his country’s secrets. Then he disappeared.

The Atlantic

Recent discussion about the perils of doors in gamedev reminded me of a bug caused by a door in a game you may have heard of called "Half Life 2". Are you sitting comfortably? Then I shall begin.

my workplace is hiring! if this sounds like it could fit you (or someone you know), please shoot your shot or pass it on!

key points:
- network engineer
- beginning to mid level
- US citizen or legal res
- shouldn’t hate women or diversity (this one’s mainly for twitter)
- you’d have to work with me. a lot

link: https://blueorigin.wd5.myworkdayjobs.com/BlueOrigin/job/Seattle-WA/Avionics-Network-Integration-Engineer-III---New-Glenn_R53158

Best quote I've seen all day so far, from an Ars piece by @dangoodin on skepticism around OpenAI's breathless claim that a Chinese hacking group used Claude code to automate 90 percent of their attack:

“I continue to refuse to believe that attackers are somehow able to get these models to jump through hoops that nobody else can,” Dan Tentler, executive founder of Phobos Group and a researcher with expertise in complex security breaches, told Ars. “Why do the models give these attackers what they want 90% of the time but the rest of us have to deal with ass-kissing, stonewalling, and acid trips?”

https://arstechnica.com/security/2025/11/researchers-question-anthropic-claim-that-ai-assisted-attack-was-90-autonomous/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

Researchers question Anthropic claim that AI-assisted attack was 90% autonomous

The results of AI-assisted hacking aren’t as impressive as many might have us believe.

Ars Technica

NEW: Peter Williams, the former head of Western zero-day and spyware maker Trenchant, pleaded guilty to selling eight exploits to a Russian broker that resells to the Russian government.

The DOJ said Williams was promised millions of dollars in exchange for "national-security focused software."

https://techcrunch.com/2025/10/29/former-l3harris-trenchant-boss-pleads-guilty-to-selling-zero-day-exploits-to-russian-broker/

Former L3Harris Trenchant boss pleads guilty to selling zero-day exploits to Russian broker | TechCrunch

Prosecutors confirmed Peter Williams, the former Trenchant boss, sold eight exploits to a Russian buyer. TechCrunch exclusively reported that the Trenchant division was investigating a leak of its hacking tools, after another employee was accused of involvement.

TechCrunch

There’s a bunch of new Netscaler vulns being exploited as zero days. Patches just out now.

Preauth RCE being used to drop webshells to backdoor orgs. CVE-2025-7775 is the main problem.

Orgs will need to do IR afterwards as technical details emerge of backdoor.

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

I talked to 404 Media about devices for tracking and spying on your partner being sold on TikTok: https://www.404media.co/tiktok-shop-sells-viral-gps-trackers-marketed-to-stalkers/

TikTok Shop Sells Viral GPS Trackers Marketed to Stalkers

"If your girl says she’s just out with friends every night, you’d better slap one of these on her car."

404 Media