Tootfinder

Metacurity is the independent, non-hype, non-personality-dependent cybersecurity newsletter that delivers a daily dose of critical developments you need to know.
Check out today's issue, which covers
--CISA warns US infrastructure owners following Russian attack on Poland's power grid,
--Russia throttles Telegram accusing it of failing to protect personal data or combat crime,
--N. Korean hackers targeted crypto company with unique malware and multiple scams,…

CISA warns US infrastructure owners following Russian attack on Poland's power grid
Russia throttles Telegram accusing it of failing to protect personal data or combat crime, N. Korean hackers targeted crypto company with unique malware and multiple scams, Israel claims it foiled hundreds of Iranian cyberattacks, Microsoft issued fixes for six zero day flaws, much more

My plans to hike the Tongariro Alpine Crossing were derailed by two days of rain and high winds, so we made a plan B: the Tama lakes track, which has somewhat less exposure but still gets up over 1400m. We’re lucky we didn’t try Tongariro given how tough the conditions were at Tama lakes – driving snow and winds on the ridge. But we were rewarded with good views and improving weather on the return trip. #hiking

In a proposed settlement, the US FTC says crypto bridge Nomad must repay victims of a 2022 cyberattack that led to $186M worth of funds being stolen (Connor Jones/The Register)
https://www.theregister.com/2025/12/17/nomad_ftc_settlement/

Blockchain company Nomad to repay users under FTC deal after $186M cyberattack
: Regulator makes various additional demands over alleged cybersecurity failings

The US, following a directive from President Trump, is withdrawing from several key international cybersecurity and hybrid threat organisations, citing concerns over mismanagement and conflicts with national sovereignty. Experts are worried about the impact on global cybersecurity.
https://www.

US withdraws from international cyber bodies under Trump directive
The US, following a directive from President Trump, is withdrawing from several key international cybersecurity and hybrid threat organisations, citing concerns over mismanagement and conflicts ...

Sources: Bay Area radio station KCBS-AM, which faced MAGA backlash over ICE coverage, scaled back political reporting after Brendan Carr's threats of a probe (Byron Tau/Associated Press)
https://apnews.com/article/trump-media-fcc-kcbs-5dbed5c466771d53e2c7…

How a local radio station weathered Trump's media attacks
Six days into President Donald Trump's new administration, the San Francisco Bay-area radio station KCBS-AM and other outlets reported on local immigration raids. The brief story quickly drew the ire of conservative influencers who attacked KCBS’ report as endangering agents’ lives. Federal Communications Commission Chairman Brendan Carr accused KCBS of failing to operate in the public interest and said he was opening an investigation. Current and former staffers say KCBS began taking steps…

BRICKSTORM Backdoor
"The Cybersecurity and Infrastructure Security Agency (CISA) analyzed eight BRICKSTORM samples obtained from victim organizations. BRICKSTORM is a custom Executable and Linkable Format (ELF) Go-based backdoor. "
MISP standard and STIX files available at the following location:
🔗 https://cti-tra…

Notepad.exe RCE Vulnerability 8.8
Are you shitting me?
#cve202620841

Looks like Plankey lost his nomination to head CISA and we head into 2026 with no real leader at the cyber agency.
Sean Plankey nomination to lead CISA appears to be over after Thursday vote
https://cyberscoop.com/sean-plankey-cisa-nomination-stalled-senate-ho…

Sean Plankey nomination to lead CISA appears to be over after Thursday vote
Sean Plankey’s nomination to lead the Cybersecurity and Infrastructure Security Agency looks to be over following his exclusion from a Senate vote Thursday on a panel of Trump administration picks.

That UPenn breach affected only ten people.
A class action lawsuit against Penn over an October 2025 data breach at the Graduate School of Education will not proceed after a new court filing revealed on Monday that fewer than 10 people were affected by the incident.
https://www.

Penn GSE email hack impacted fewer than 10 individuals, according to new filing
In recent weeks, seven of the 18 Penn graduates in the originally consolidated case have withdrawn their claims.

Memo: WaPo won't send sports staffers to cover the Winter Olympics in Italy, as it assesses financial priorities for 2026, following reports of expected layoffs (Benjamin Lindsay/The Wrap)
https://www.thewrap.com/media-platforms/jo<…

Washington Post Cancels On-Site Winter Olympics Coverage Ahead of Expected Layoffs
Managing Editor Kimi Yoshino says the decision to not send reporters to the Games comes after assessing financial priorities.