Reporter covering security at Ars Technica. DM me on Signal: DanArs.82.
Site: https://arstechnica.com/author/dan-goodin/

@dangoodin @cthos It’s a totally valid question. I remember back when the NSA made a big stink about deprecating SHA-1. Not that many years later, public research came out showing the weaknesses in SHA-1. Lots of people back then wondered what the NSA’s internal research came up with that prompted the rapid deprecation.

Google is dramatically shortening its deadline readiness for the arrival of Q Day, the point at which existing quantum computers can break public-key cryptography algorithms that secure decades’ worth of secrets belonging to militaries, banks, governments, and nearly every individual on earth.

https://arstechnica.com/security/2026/03/google-bumps-up-q-day-estimate-to-2029-far-sooner-than-previously-thought/

Google bumps up Q Day deadline to 2029, far sooner than previously thought

Company warns entire industry to move off RSA and EC more quickly.

Ars Technica
I was lucky enough to cover Cindy Cohn's trailblazing work BEFORE she joined @eff. Here's one of several stories I wrote about her when she was still an associate attorney in private practice.

Self-propagating malware poisons open source software and wipes Iran-based machines

Development houses: It's time to check your networks for infections.

Ars Technica

Wow, TeamPCP is hacking open-source developers faster than we can report on them. The latest (that I'm aware of, anyway) is LiteLLM. They worked with Trivy but didn't bother to change their credentials after Trivy was hacked, despite an ample amount of advice to do so.

Folks, if any of you used LiteLLM, now is the time to change your credentials, in an atomic way. Now, as in immediately.

https://news.ycombinator.com/item?id=47501729

LiteLLM Python package compromised by supply-chain attack | Hacker News

New, by me: A cyberattack on a vehicle breathalyzer company called Intoxalock has left drivers across the United States stranded and unable to start their cars.

https://techcrunch.com/2026/03/20/cyberattack-on-vehicle-breathalyzer-company-leaves-drivers-stranded-across-the-us/

Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US | TechCrunch

A cyberattack on a U.S. car breathalyzer company has left drivers across the United States reportedly stranded and unable to start their vehicles.

TechCrunch

Does anybody with a STRONG BACKGROUND IN WEBSITE PRIVACY have time to vet this research? Are TikTok and Meta pixels REALLY doing the things claimed? I'm concerned it may be overstating things in an attempt to sell its tag monitoring tools.

https://jscrambler.com/blog/beyond-analytics-tiktok-meta-ad-pixels

The Collection of Commercial Intelligence: TikTok & Meta Ad Pixels

Jscrambler analyzed the TikTok and Meta ad pixels used on websites and found that their default behavior requires immediate attention.

Jscrambler

Dear readers. If you're not willing to support the families of those you want to read then we regretfully will be preventing you from obtaining our work for free.

https://infosec.exchange/@StefanThinks@beige.party/116199534759633586

https://infosec.exchange/@StefanThinks@beige.party

I am convinced we are on the verge of the first "AI agent worm". This looks like the closest hint of it, though it isn't quite it itself: an attack on a PR agent that got it to set up to install openclaw with full access on 4k machines https://grith.ai/blog/clinejection-when-your-ai-tool-installs-another

But, the agents installed weren't given instructions to *do* anything yet.

Soon they will be. And when they are, the havoc will be massive. Unlike traditional worms, where you're looking for the typically byte-for-byte identical worm embedded in the system, an agent worm can do different, nondeterministic things on every install, and carry out a global action.

I suspect we're months away from seeing the first agent worm, *if* that. There may already be some happening right now in FOSS projects, undetected.

A GitHub Issue Title Compromised 4,000 Developer Machines

A prompt injection in a GitHub issue triggered a chain reaction that ended with 4,000 developers getting OpenClaw installed without consent. The attack composes well-understood vulnerabilities into something new: one AI tool bootstrapping another.

If I hear one more person say that Beyonce isn't a real country singer/songwriter and should stay in her own RnB/hip-hop lane I'm going to lose it.