We found that Wi-Fi client isolation can often be bypassed. This allows an attacker who can connect to a network, either as a malicious insider or by connecting to a co-located open network, to attack others.

NDSS'26 paper: https://www.ndss-symposium.org/wp-content/uploads/2026-f1282-paper.pdf
GitHub: https://github.com/vanhoefm/airsnitch

High-level article on the work by Dan Goodin: https://arstechnica.com/security/2026/02/new-airsnitch-attack-breaks-wi-fi-encryption-in-homes-offices-and-enterprises/ I'd say we bypass Wi-Fi encryption though, in the sense that we can bypass client isolation. We don't break Wi-Fi authentication or encryption. Crypto is often bypassed instead of broken. And we bypass it ;) If you don't rely on client/network isolation, you are safe: we can't just break any Wi-Fi network.

It’s no secret that adversaries love (ab)using security tooling . So..

Rad just shipped our latest Canarytoken to exploit this: a CrowdStrike API Key Canarytoken!

Attackers who find it, have to use it - and when they do, they expose themselves.

https://blog.thinkst.com/2026/02/introducing-the-crowdstrike-api-key-canarytoken.html

i built an entire x86 CPU emulator in CSS (no javascript)

you can write programs in C, compile them to x86 machine code with GCC, and run them inside CSS

https://lyra.horse/x86css/

Matplotlib maintainer Scott Shambaugh has blogged about the AI agent blog shaming experience now.

https://theshamblog.com/an-ai-agent-published-a-hit-piece-on-me/

RE: https://swecyb.com/@anderseknert/116057458568451906

Wow 🤖🔥

https://github.com/matplotlib/matplotlib/pull/31132