Tootfinder

Hackers are using security reports to translate technical problems into “partial malicious code” as part of the “vibe coding” trend.
https://www.

Do Security Blogs Enable Vibe-Coded Cybercrime? | Trend Micro (US)
Security companies routinely publish detailed analyses of security incidents, making attacker tactics, techniques, and procedures (TTPs) widely known and visible. These reports often provide comprehensive insights into specific vulnerabilities that are or could be exploited, malware delivery mechanisms, and evasion techniques.

from my link log —
Supply chain security for the 0.001% (and why it won’t catch on).
https://blog.viraptor.info/post/supply-chain-security-for-the-0001-and-why-it-wont-catch-on
saved 2025-09-28

NY-based Teleskope, which offers smaller LLMs fine-tuned for specific security problems, raised a $25M Series A led by M13, taking its total funding to $32.2M (Leo Schwartz/Fortune)
https://fortune.com/2025/11/03/former-airbnb-engin…

Former Airbnb engineer raises $25 million for AI security platform Teleskope
M13 led the Series A for the New York-based startup with participation from M13 and Lerer Hippeau.

Executive orders are not treaties, nor are they laws. And if a security guarantee from the United States was worth more than a nickle, Russia would not have invaded Ukraine.
https://www.axios.com/2025/10/01/trump-qatar-security-guarantee-israel-attack

The Speaker of the House and his son monitor each other's porn usage (no, I'm not kidding) which poses a very real cyber threat to national security.
Faith-based content filers mean very real diminished digital security for those who use them.
https://stuff.davidaugust.com/securing

Securing Faith, Sacrificing Safety
Digital Risks of Faith-Based Content Filters Centralized filtering systems often collect user data to function, raising real privacy and security issues as they are often not properly secured or anonymized. It is a one-stop shop to comprise the security and safety of an entire religious community, and each member of

A senior national security prosecutor in the eastern district of Virginia
said in a farewell note taped to his door to colleagues on Friday
that he was apparently fired this week because a January 6 conspiracy theorist denounced him on social media
for having worked for the deputy attorney general in the Biden administration.
The veteran federal prosecutor, Michael Ben’Ary,
was fired on Wednesday,
the same day that Julie Kelly,
a pro-Trump commentato…

Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet:
The three certificates were issued in May but only came to light Wednesday.
🌐 https://arstechnica.com/security/2025/09/mis-issued-certi…

Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
The three certificates were issued in May but only came to light Wednesday.

Bundesnetzagentur verschärft Sicherheitsanforderungen für TK-Anbieter
Der neue Security-Katalog für Betreiber von Telekommunikationssystemen führt "Gefährdungspotenziale" ein. Strenge Regeln gelten bei hoher Gemeinwohlbedeutung.

It's time to have a conversation about Brian Schottenheimer's job security https://www.si.com/nfl/cowboys/onsi/news/it-s-time-to-have-a-conversation-about-brian-schottenheimer-job-security

Demand for Trump's Social Security chief to resign after $30 billion implosion - Alternet.org
https://www.alternet.org/frank-bisignano-social-security/

Election security cutbacks force local officials to go it alone (Sam Sabin/Axios)
https://www.axios.com/2025/11/04/2025-elections-federal-security-support
http://www.memeorandum.com/251104/p88#a251104p88

Prompt Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous
#security #llm
https://arxiv.org/abs/2508.12175

Authentication Security of PRF GNSS Ranging
Jason Anderson
https://arxiv.org/abs/2510.02196 https://arxiv.org/pdf/2510.02196…

Authentication Security of PRF GNSS Ranging
This work derives the authentication security of pseudorandom function (PRF) GNSS ranging under multiple GNSS spoofing models, including the Security Code Estimation and Replay (SCER) spoofer. When GNSS ranging codes derive from a PRF utilizing a secret known only to the broadcaster, the spoofer cannot predict the ranging code before broadcast. Therefore, PRF ranging can be used to establish trust in the GNSS pseudoranges and the resulting receiver position, navigation, and timing (PNT) solutio…

Evaluating Security Properties in the Execution of Quantum Circuits
Paolo Bernardi, Antonio Brogi, Gian-Luigi Ferrari, Giuseppe Bisicchia
https://arxiv.org/abs/2509.03306 https:…

Evaluating Security Properties in the Execution of Quantum Circuits
Quantum computing is a disruptive technology that is expected to offer significant advantages in many critical fields (e.g. drug discovery and cryptography). The security of information processed by such machines is therefore paramount. Currently, modest Noisy Intermediate-Scale Quantum (NISQ) devices are available. The goal of this work is to identify a practical, heuristic methodology to evaluate security properties, such as secrecy and integrity, while using quantum processors owned by poten…

OpenSSL Security Advisory [30th September 2025]
#openssl #vulnerability

ICE raids electric-car battery plant that supplies Hyundai factory near Savannah
https://www.savannahnow.com/picture-gallery/news/2025/09/04/ice-and-homeland-security-officers-serve-warrant-…

Top Ukrainian Security Service official suspected of corruption: https://benborges.xyz/2025/09/02/top-ukrainian-security-service-official.html

A software security review on Uganda's Mobile Money Services: Dr. Jim Spire's tweets sentiment analysis
Nsengiyumva Wilberforce
https://arxiv.org/abs/2509.03545 https://…

A software security review on Uganda's Mobile Money Services: Dr. Jim Spire's tweets sentiment analysis
The proliferation of mobile money in Uganda has been a cornerstone of financial inclusion, yet its security mechanisms remain a critical concern. This study investigates a significant public response to perceived security failures: the #StopAirtelThefty Twitter campaign of August 2025 Sparked by an incident publicized by Dr. Jim Spire Ssentongo where a phone thief accessed a victim's account, withdrew funds, and procured a loan, the campaign revealed deep seated public anxiety over the safety o…

iPhone, Mac & mehr: Jede Menge Sicherheitsupdates – iOS 18 bleibt ungepatcht
Mit iOS 26.1, macOS 26.1 und den anderen neuen Systemen gibt es wieder viele Security-Patches. Eine Entscheidung Apples verwundert aber.

Causality and Decision-making: A Logical Framework for Systems and Security Modelling
Pinaki Chakraborty, Tristan Caulfield, David Pym
https://arxiv.org/abs/2508.01758 https://

Causality and Decision-making: A Logical Framework for Systems and Security Modelling
Causal reasoning is essential for understanding decision-making about the behaviour of complex `ecosystems' of systems that underpin modern society, with security -- including issues around correctness, safety, resilience, etc. -- typically providing critical examples. We present a theory of strategic reasoning about system modelling based on minimal structural assumptions and employing the methods of transition systems, supported by a modal logic of system states in the tradition of van Benthe…

Wow - exactly 6 years between my current Android security update and the latest vendor security update I got.

SoK: Measuring What Matters for Closed-Loop Security Agents
Mudita Khurana, Raunak Jain
https://arxiv.org/abs/2510.01654 https://arxiv.org/pdf/2510.01654…

SoK: Measuring What Matters for Closed-Loop Security Agents
Cybersecurity is a relentless arms race, with AI driven offensive systems evolving faster than traditional defenses can adapt. Research and tooling remain fragmented across isolated defensive functions, creating blind spots that adversaries exploit. Autonomous agents capable of integrating, exploit confirmation, remediation, and validation into a single closed loop offer promise, but the field lacks three essentials: a framework defining the agentic capabilities of security systems across secur…

True multilateralism:
Remove all veto powers in the UN security council.
Remove all permanent memberships to the UN security council. Let all members face election by the general assembly.
Anything other is not true multilateralism, but a mere attempt to replace one imperialism by another.

Enhancing Reliability in LLM-Integrated Robotic Systems: A Unified Approach to Security and Safety
Wenxiao Zhang, Xiangrui Kong, Conan Dewitt, Thomas Br\"aunl, Jin B. Hong
https://arxiv.org/abs/2509.02163

Enhancing Reliability in LLM-Integrated Robotic Systems: A Unified Approach to Security and Safety
Integrating large language models (LLMs) into robotic systems has revolutionised embodied artificial intelligence, enabling advanced decision-making and adaptability. However, ensuring reliability, encompassing both security against adversarial attacks and safety in complex environments, remains a critical challenge. To address this, we propose a unified framework that mitigates prompt injection attacks while enforcing operational safety through robust validation mechanisms. Our approach combin…

US Elections Face Security Test as DHS Cuts Local Cyber Support
https://www.bloomberg.com/news/articles/2025-11-03/us-elections-face-security-test-as-dhs-cuts-local-cyber-support

Dienstag: Blackwell-Chip nur für die USA, EU-Gelder gingen an Spyware-Hersteller
Exportkontrollen für Nvidia-Chips EU-Subventionen in der Kritik Sam Altman gereizt Informationskontrolle in Russland Security-Katalog für TK-Anbieter

Fired national security prosecutor warns colleagues in note on way out | Trump administration | The Guardian
https://www.theguardian.com/us-news/2025/oct/04/fired-national-security-prosecutor-note-warning

Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says https://therecord.media/corruption-case-against-ousted-cyber

US to cut some security funds for countries bordering Russia, sources say (Reuters)
https://www.reuters.com/world/us-cut-some-security-funds-countries-bordering-russia-sources-say-2025-09-04/
http://www.memeorandum.com/250904/p105#a250904p105

A hacking collective calling itself "Scattered LapSus Hunters," has threatened to leak Google databases unless the company sacks two senior employees. Whilst the group has yet to provide any evidence that it holds Google data, Google has recently disclosed a third-party security breach involving Salesforce.

Hackers threaten Google with data leak unless company fires two threat intelligence employees
A hacking collective calling itself "Scattered LapSus Hunters," has threatened to leak Google databases unless the company sacks two senior employees. Whilst the group has ...

Way to go.
"The Python Software Foundation (PSF) has walked away from a $1.5 million government grant and you can blame the Trump administration's war on woke for effectively weakening some open source security."
https://www.theregister.com/2025/10/27/pyt

Israeli cybersecurity company Cato Networks acquires Aim Security, sources say for ~$350M, its first acquisition, says it passed $300M in ARR, and raised $50M (Steven Scheer/Reuters)
https://www.reuters.com/world/middle-east/

student_cooperation: Student cooperation (2012)
Network of cooperation among students in the "Computer and Network Security" course at Ben-Gurion University, in 2012. Nodes are students, and edges denote cooperation between students while doing their homework. The graph contains three types of links: Time, Computer, Partners.
This network has 185 nodes and 360 edges.
Tags: Social, Offline, Multigraph, Unweighted

A Survey: Towards Privacy and Security in Mobile Large Language Models
Honghui Xu, Kaiyang Li, Wei Chen, Danyang Zheng, Zhiyuan Li, Zhipeng Cai
https://arxiv.org/abs/2509.02411 …

A Survey: Towards Privacy and Security in Mobile Large Language Models
Mobile Large Language Models (LLMs) are revolutionizing diverse fields such as healthcare, finance, and education with their ability to perform advanced natural language processing tasks on-the-go. However, the deployment of these models in mobile and edge environments introduces significant challenges related to privacy and security due to their resource-intensive nature and the sensitivity of the data they process. This survey provides a comprehensive overview of privacy and security issues a…

EU Protective Security Advisors
#EUPSA
https://home-affairs.ec.europa.eu/policies/int…

A missile strike in the Caribbean and National Guard deployments are pushing the armed forces beyond their traditional mission.
https://www.theatlantic.com/national-security/archive/2025/09/the-military-wasnt-built-to-fight-crime/6…

The Military Wasn’t Built to Fight Crime
A missile strike in the Caribbean and National Guard deployments are pushing the armed forces beyond their traditional mission.

Könnt hr euch sparen - Warum teure Antiviren-Abos überflüssig sind!
https://winfuture.de/faq/304

"Donald Trump's clampdown on the U.S. Consumer Financial Protection Bureau earlier this year has compounded IT security lapses at the agency through the cancellation of contracts"
US CFPB data security 'not effective' after Trump clampdown, watchdog report says

PSA: Use the "accounturi" feature of Let's Encrypt CAA!
If you're hosting a safety/security-critical service, there's a way too unknown feature called "accounturi", that allows you to restrict TLS certificate issuance to a single Let's Encrypt account (and account private key).
You simply create a CAA record on your domain and put your LE account ID into it.
This means that attackers cannot issue TLS certificates and pull man-in-the-middle…

Certificate Authority Authorization (CAA)
CAA is a type of DNS record that allows site owners to specify which Certificate Authorities (CAs) are allowed to issue certificates containing their domain names. It was first standardized in 2013, and the version we use today was standardized in 2019 by RFC 8659 and RFC 8657. By default, every public CA is allowed to issue certificates for any domain name in the public DNS, provided they validate control of that domain name. That means that if there’s a bug in any one of the many public CAs…

Ugh, listening to Kathryn Ryan on RNZ NineToNoon interviewing Sonny Taite(?) about an 'AI' scribe to take hospital staff clinical notes. Why - oh why - doesn't she ask the important question: where does the data go?! Which jurisdiction? Who's storing it? Who has access? Who cares for it and maintains its security & integrity? Her producers miss it every bloody time. Very disappointing.

In a world of AI-driven deception, speed is our enemy. 🚨
Panic, urgency, excitement are emotional triggers attackers exploit to bypass our logic.
How do we resist? By training our #digitalmindfulness
Join behavioural science expert Anna Collard in our upcoming #GEANTCybersecurity

The EU is pushing to scan ALL private messages, even encrypted ones, endangering privacy, security, and fundamental freedoms across 450 million people.
This is mass surveillance disguised as child protection, and it breaks encryption, risks false accusations, and threatens democracy worldwide.
Learn more & act NOW: https://fightchatcontrol…

I've benefited from a lot of these programs before getting into security. It turns out that trying to support a partner and a kid on $40k/yr, even in the early 2000's, is basically impossible. My parents were divorced, and my dad is a disabled vet.
Food security has always been important, long before organizing with comrades who also occasionally needed support. So if you have money, donate.
Eventually benefits will come back. Hopefully we can bridge the gap... But we won't be able to for everyone. When things come back, don't just feel relieved and move on. The system is collapsing. If it doesn't completely fall apart now, it will eventually. If you aren't affected now, you will be. Organize now around food security.
The disaster is now. The best time to prepare was years ago. The second best time is now.

Flights halted at Reagan National Airport due to security issue (Josephine Walker/Axios)
https://www.axios.com/2025/11/04/dc-reagan-airport-security-flights-halted
http://www.memeorandum.com/251104/p87#a251104p87

Oneleet, an integrated compliance service combining penetration testing, code scanning, and more, raised a $33M Series A led by Dawn Capital and hits $3M ARR (Dominic-Madori Davis/TechCrunch)
https://techcrunch.com/2025/10/02/oneleet-raises-…

Oneleet raises $33M to shake up the world of security compliance | TechCrunch
Founder Bryan Onel says too many companies are doing the bare minimum to meet their security compliance obligations, and raised $33 million to help his customers get both compliant and secure.

Ukraine's Security Service visits Kyiv Independent CEO’s home, says it’s in unrelated investigation: https://benborges.xyz/2025/10/01/ukraines-security-service-visits-kyiv.html

Wednesday’s discovery exposes a key weakness of the public key infrastructure that’s responsible for ensuring trust of the entire Internet.
Despite being the only thing ensuring that gmail.com, bankofamerica.com or any other website is controlled by the entity claiming ownership,
the entire system can collapse with a single point of failure.
The Certificate Authority ecosystem is a castle with many doors:
the failure of one CA can cause the security of the whole cast…

Mis-issued certificates for 1.1.1.1 DNS service pose a threat to the Internet
The three certificates were issued in May but only came to light Wednesday.

Security Analysis of MDI-QKD in Turbulent Free-Space Polarization Channels-A Composite Channel Framework
Heyang Peng, Seid Koudia, Symeon Chatzinotas
https://arxiv.org/abs/2509.02087

Security Analysis of MDI-QKD in Turbulent Free-Space Polarization Channels-A Composite Channel Framework
Atmospheric turbulence poses a significant challenge to free-space measurement-device-independent quantum key distribution (FSO MDI-QKD) by inducing polarization decoherence and depolarization, which degrade the secret key rate (SKR). In this paper, we propose a unified depolarizing-dephasing channel model for turbulence-induced polarization decoherence in FSO MDI-QKD. This model consolidates phase perturbations, Gaussian beam spreading, beam drift, aperture truncation, and scintillation into c…

TraceLLM: Security Diagnosis Through Traces and Smart Contracts in Ethereum
Shuzheng Wang, Yue Huang, Zhuoer Xu, Yuming Huang, Jing Tang
https://arxiv.org/abs/2509.03037 https:/…

TraceLLM: Security Diagnosis Through Traces and Smart Contracts in Ethereum
Ethereum smart contracts hold tens of billions of USD in DeFi and NFTs, yet comprehensive security analysis remains difficult due to unverified code, proxy-based architectures, and the reliance on manual inspection of complex execution traces. Existing approaches fall into two main categories: anomaly transaction detection, which flags suspicious transactions but offers limited insight into specific attack strategies hidden in execution traces inside transactions, and code vulnerability detecti…

Turns out the greatest threat to Americans is American federal security forces.
#USpol

SaaS giant Workiva discloses data breach after Salesforce attack
https://www.bleepingcomputer.com/news/security/saas-giant-workiva-discloses-data-breach-after-salesforce-attack/?mid=1#cid=3061643

SaaS giant Workiva discloses data breach after Salesforce attack
Workiva, a leading cloud-based SaaS (Software as a Service) provider, notified its customers that attackers who gained access to a third-party customer relationship management (CRM) system stole some of their data.

Microsoft launches a Security Store with SaaS tools and AI agents from Darktrace and others, and now lets Security Copilot users build their own AI agents (Tom Warren/The Verge)
https://www.theverge.com/news/788195/microsoft-security-store-launch-copilo…

Microsoft’s new Security Store is like an app store for cybersecurity
Cybersecurity workers can also start creating their own Security Copilot AI agents.

Signal Protocol and Post-Quantum Ratchets
[…] The @… Protocol is a set of cryptographic specifications that provides end-to-end encryption for private communications exchanged daily by billions of people around the world. […]
🗨️ ht…

Signal Protocol and Post-Quantum Ratchets
We are excited to announce a significant advancement in the security of the Signal Protocol: the introduction of the Sparse Post Quantum Ratchet (SPQR). This new ratchet enhances the Signal Protocol’s resilience against future quantum computing threats while maintaining our existing security guar...

Supporting a Sustainable and Inclusive Urban Agriculture Federation using Dashboarding
Klervie Tocz\'e, Iffat Fatima, Patricia Lago, Lia van Wesenbeeck
https://arxiv.org/abs/2509.00595

Supporting a Sustainable and Inclusive Urban Agriculture Federation using Dashboarding
Reliable access to food is a basic requirement in any sustainable society. However, achieving food security for all is still a challenge, especially for poor populations in urban environments. The project Feed4Food aims to use a federation of Living Labs of urban agriculture in different countries as a way to increase urban food security for vulnerable populations. Since different Living Labs have different characteristics and ways of working, the vision is that the knowledge obtained in indi…

A woman was shot by U.S. Border Patrol agents Saturday morning
on Chicago’s South Side,
marking the second shooting since the Trump administration launched an aggressive immigration enforcement operation in the area last month.
Tricia McLaughlin, a spokeswoman for the Department of Homeland Security, said the shooting erupted after patrolling agents were
“rammed by 10 cars” and “boxed in.”
Agents then fired “defensive shots” when they discovered the woman “was a…

Federal agents shoot woman they say 'boxed in' authorities in Brighton Park
Authorities were on patrol when they were "rammed by 10 cars," according to a statement from the Department of Homeland Security. One of the drivers "was armed with a semi-automatic weapon," prompting officers to open fire, DHS said.

Scoop: Social Security starts customer wait time audit (Stephen Neukam/Axios)
https://www.axios.com/2025/09/03/social-security-wait-time-audit-senate-democrats-elizabeth-warren-bisignano
http://www.memeorandum.com/250903/p28#a250903p28

State-aligned hacking groups have sharply escalated their cyber operations against the EU over the past year, says European Union Agency for Cybersecurity (ENISA) Threat Landscape Report
https://www.computing.co.uk/news/2025/security/state-aligned-th…

State-aligned cyber threats against EU intensify, ENISA warns
State-aligned hacking groups have sharply escalated their cyber operations against the EU over the past year, says European Union Agency for Cybersecurity (ENISA) Threat Landscape ...

Western nations making progress on post-ceasefire security for Ukraine - Finnish President - Euromaidan Press
https://euromaidanpress.com/2025/09/02/western-nations-making-progress-on-post-ceasefire-security-for-ukraine-finnish-president/

"The Department of Homeland Security is directing border-patrol agents to screen all foreign travelers with facial recognition tools as they enter and leave the U.S., seeking to identify immigrants who entered the country illegally or overstayed visas, the agency said"
http…

Hybrid AI-Driven Intrusion Detection: Framework Leveraging Novel Feature Selection for Enhanced Network Security
Maryam Mahdi Alhusseini, Mohammad Reza Feizi Derakhshi
https://arxiv.org/abs/2509.00896 …

Hybrid AI-Driven Intrusion Detection: Framework Leveraging Novel Feature Selection for Enhanced Network Security
In today's rapidly evolving digital landscape, safeguarding network infrastructures against cyberattacks has become a critical priority. This research presents an innovative AI-driven real-time intrusion detection framework designed to enhance network security, particularly in Wireless Sensor Networks (WSNs) and Cloud Computing (CC) environments. The system employs classical machine learning models, Logistic Regression, Decision Tree, and K-Nearest Neighbors, optimized through the novel Energy …

Scoop: U.S. seeks UN approval for Gaza security force with broad two-year mandate (Barak Ravid/Axios)
https://www.axios.com/2025/11/03/gaza-security-force-board-of-peace-un-resolution
http://www.memeorandum.com/251104/p1#a251104p1

Looks like a threat actor got massive and wide-scale access to UPenn systems.
The threat actor behind the attack contacted BleepingComputer, claiming the intrusion was far broader and that they had gained access to multiple university systems.
https://www.

Penn hacker claims to have stolen 1.2 million donor records in data breach
A hacker has taken responsibility for last week's University of Pennsylvania "We got hacked" email incident, saying it was a far more extensive breach that exposed data on 1.2 million donors and internal documents.

German security services launch campaign to warn about Russian recruitment of 'disposable agents': https://benborges.xyz/2025/08/30/german-security-services-launch-campaign.html

"The highly competitive Cybersecurity Startup Accelerator, now in its third year, is accepting applications from early-stage startups through November 15. Last year, hundreds applied and just 23 made the cut."
AWS, Nvidia, Crowdstrike seek security startups to enter the arena
https://www.

AWS, Nvidia, CrowdStrike seek security startups to enter the arena
: Last year's winner scored a $65M funding round on a $300M valuation

Pentagon considers leasing part of Camp Pendleton to help fund Golden Dome missile defense system (NBC News)
https://www.nbcnews.com/politics/national-security/pentagon-considers-leasing-part-camp-pendleton-help-fund-golden-dome-m-rcna228813
http://www.memeorandum.com/250903/p185#a250903p185

Xi Jinping joked about security backdoors when presenting South Korean President Lee Jae Myung with Xiaomi smartphones at APEC, amid US concerns about Huawei (Bloomberg)
https://www.bloomberg.com/news/articles/2025-11-03/xi-…

It's been a crazy week, so don't leave for the weekend until you check out today's Metacurity for the crucial cyber developments you should know, including
--Oracle confirms customer extortion emails, urges patch updates,
--Red Hat confirms security incident and begins remediation,
--Apple drops ICEBlock ICE tracking tool under pressure from DOJ,
--Japan to run out of Asahi beer after cyberattack,
--Air Force probes possible SharePoint breach,
-…

Oracle confirms customer extortion emails, urges patch updates
Red Hat confirms security incident and begins remediation, Apple drops ICEBlock ICE tracking tool under pressure from DOJ, Japan to run out of Asahi beer after cyberattack, Air Force probes possible SharePoint breach, Israeli medical center targeted in suspected Iran attack on Yom Kippur, much more

Replaced article(s) found for cs.CR. https://arxiv.org/list/cs.CR/new
[1/1]:
- A Quantitative Security Analysis of S-boxes in the NIST Lightweight Cryptography Finalists
Mahnoor Naseer, Sundas Tariq, Naveed Riaz, Naveed Ahmed, Mureed Hussain

Trump has decreed that the United States is in “armed conflict” with the drug cartels,
a status that aims to provide legal cover to the administration for using deadly force.

In a notice to Congress reviewed by The Washington Post,
the White House indicated that
Trump directed the attacks
pursuant to the "law of armed conflict"
after he “determined that the United States is in a non-international armed conflict with these designated terrorist orga…

U.S. kills 4 alleged drug smugglers near Venezuela, Hegseth says
The U.S. strike near Venezuela is the latest in the Trump administration’s legally nebulous campaign targeting Latin American drug cartels.

Anker paid users of its Eufy security cameras $2 per video of staged or real package and car thefts to train its AI systems from December 2024 to February 2025 (Lorenzo Franceschi-Bicchierai/TechCrunch)
https://techcrunch.com/2025/10/04/anke

Anker offered Eufy camera owners $2 per video for AI training | TechCrunch
Hundreds of Eufy customers have donated hundreds of thousands of videos to train the company’s AI systems.

Security and Privacy Analysis of Tile's Location Tracking Protocol
Akshaya Kumar, Anna Raymaker, Michael Specter
https://arxiv.org/abs/2510.00350 https://

Security and Privacy Analysis of Tile's Location Tracking Protocol
We conduct the first comprehensive security analysis of Tile, the second most popular crowd-sourced location-tracking service behind Apple's AirTags. We identify several exploitable vulnerabilities and design flaws, disproving many of the platform's claimed security and privacy guarantees: Tile's servers can persistently learn the location of all users and tags, unprivileged adversaries can track users through Bluetooth advertisements emitted by Tile's devices, and Tile's anti-theft mode is eas…

DOJ fires top national security prosecutor after he's questionably linked to Comey pushback (NBC News)
https://www.nbcnews.com/politics/justice-department/doj-fires-top-national-security-prosecutor-comey-indictment-rcna235161
http://www.memeorandum.com/251002/p107#a251002p107

U.S. kills 11 in strike on alleged drug vessel from Venezuela, Trump says https://www.washingtonpost.com/national-security/2025/09/02/trump-drug-strike-venezuela/

U.S. kills 11 in strike on alleged drug vessel from Venezuela, Trump says
The attack is a dramatic escalation that coincides with the administration’s growing counternarcotics focus and its intensifying feud with the Venezuelan leader, Nicolas Maduro.

DeFi protocol Balancer says its V2 Composable Stable Pools suffered an exploit, which security experts estimate resulted in total losses worth about $128M (Ryan S. Gladwin/Decrypt)
https://decrypt.co/347173/balancer-exploited-128-million-across…

Balancer Exploited for $128 Million Across Ethereum Chains as Berachain Halts Network
Some $128 million in crypto was stolen from Balancer liquidity pools on Ethereum and beyond, with Berachain halting its chain as a result.

Ukraine Pursues a Weapons Buildup More Potent Than Any Security Guarantee (Constant Méheut/New York Times)
https://www.nytimes.com/2025/09/02/world/europe/ukraine-weapons-security.html
http://www.memeorandum.com/250902/p23#a250902p23

From CVE Entries to Verifiable Exploits: An Automated Multi-Agent Framework for Reproducing CVEs
Saad Ullah, Praneeth Balasubramanian, Wenbo Guo, Amanda Burnett, Hammond Pearce, Christopher Kruegel, Giovanni Vigna, Gianluca Stringhini
https://arxiv.org/abs/2509.01835

From CVE Entries to Verifiable Exploits: An Automated Multi-Agent Framework for Reproducing CVEs
High-quality datasets of real-world vulnerabilities and their corresponding verifiable exploits are crucial resources in software security research. Yet such resources remain scarce, as their creation demands intensive manual effort and deep security expertise. In this paper, we present CVE-GENIE, an automated, large language model (LLM)-based multi-agent framework designed to reproduce real-world vulnerabilities, provided in Common Vulnerabilities and Exposures (CVE) format, to enable creation…

Varonis Systems agrees to acquire email security company SlashNext for up to $150M, including retention awards, after buying database company Cyral for ~$25M (Emily Forgash/Bloomberg)
https://www.bloomberg.com/news/articles/2025…

There is more the U.N. could do to stop the genocide in Gaza.
The General Assembly has the ability to circumvent the Security Council with a
“United for Peace” resolution
that could force “concrete action” in Gaza.
https://www.democracynow.org/2025/9/4/un_palestine

“Uniting for Peace”: How U.N. Could Override U.S. Veto, Send Peacekeepers to Gaza, Block Arms & More
The Trump administration is facing growing criticism for suspending visas for Palestinian passport holders, including for Palestinian officials set to attend the annual U.N. General Assembly this month. When the U.S. denied a visa to Yasser Arafat to address the U.N. in 1988, the General Assembly was moved to Geneva — the U.N. faces similar calls now. The move by the U.S. is “an indication of the unprecedented degree to which the U.S. government has handed the levers of its foreign policy o…

Trump offers Qatar, which gave him a fancy plane, a NATO-like security guarantee (Steve Benen/MSNBC)
https://www.msnbc.com/rachel-maddow-show/maddowblog/trump-offers-qatar-gave-fancy-plane-nato-security-guarantee-rcna235175
http://www.memeorandum.com/251002/p116#a251002p116

Israeli startup Sola, which develops AI-based low-code cybersecurity tools, raised a $35M Series A led by S32 and says it has ~2,000 customers (Resilience Media)
https://www.resiliencemedia.co/p/sola-raises-35m-to-ramp-up-its-ai

Sola Raises $35M to Ramp Up Its AI-based Cybersecurity Tooling
Building a 'Stripe for security', the Israeli startup aims to plug the many gaps and extra work created by existing cybersecurity apps

Secure Password Generator Based on Secure Pseudo-Random Number Generator
Abel C. H. Chen
https://arxiv.org/abs/2509.02578 https://arxiv.org/pdf/2509.02578

Secure Password Generator Based on Secure Pseudo-Random Number Generator
In recent years, numerous incidents involving the leakage of website accounts and text passwords (referred to as passwords) have raised significant concerns regarding the potential exposure of personal information. These events underscore the critical importance of both information security and password protection. While many of these breaches are attributable to vulnerabilities within website infrastructure, the strength and security of the passwords themselves also play a crucial role. Conseq…

A shocking cybercrime has shaken India’s digital security landscape, with hackers stealing at least 50,000 CCTV clips over nine months from facilities across the country and selling them online, feeding them into an international porn fetish network for profit.
80 CCTV dashboards in seven cities were compromised using 'admin123' default passwords

Inside India’s voyeur web: 80 CCTV dashboards hacked across 20 states; hospitals, schools, homes streamed to porn channels; 50,000 clips sold | Rajkot News - The Times of India
A shocking cyber scandal has exposed widespread CCTV breaches across India, with hackers exploiting a default password, \"admin123,\" to access intimate

Dan Jones is among the residents left at 7500 S. South Shore Drive who are trying to piece together what remains
after an early morning, high-powered federal immigration raid
led to the arrests of dozens of their neighbors at their South Shore apartment building.
🔥Armed federal agents in military fatigues busted down their doors overnight,
🆘 pulling men, women and children from their apartments,
some of them naked, residents and witnesses said.
❌Agents ap…

Massive immigration raid on Chicago apartment building leaves residents reeling: 'I feel defeated'
The Department of Homeland Security said federal agents with Border Patrol, the FBI and the Bureau of Alcohol, Tobacco, Firearms and Explosives arrested 37 people in the raid.

Tel Aviv-based Daylight, whose AI-native platform autonomously identifies and contains cyber threats, raised a $33M Series A, bringing its total funding to $40M (Meir Orbach/CTech)
https://www.calcalistech.com/ctechnews/article/bjgfwuwk11e

Cyber startup Daylight raises $33 million just three months after its Seed round
Backed by Craft Ventures and top Israeli founders, the Tel Aviv-based company is building an AI-driven security platform to modernize detection and response.

Sources: TSMC fires several employees for violating rules related to obtaining sensitive info on 2nm chip tech; TSMC says it detected "unauthorized activities" (Cheng Ting-Fang/Nikkei Asia)
https://asia.nikkei.com/business/techn

TSMC fires workers for breaching data rules on cutting-edge chip tech
Prosecutors are investigating the matter under Taiwan's National Security Act

Metacurity is back after our hiatus, and we're shaking things up. Check out today's issue for a special report and a recap of the top infosec developments of the past two weeks, including
--More on DOGE and that insecure database at SSA…,
--UK's age ID law pushes users to non-compliant sites,
--Noem fires FEMA workers for failing basic security protocols,
--UNC6395 stole mass of authentication tokens from Salesloft,
--A hacker used Anthropic's Cl…

More on DOGE and that insecure database at SSA…
UK's age ID law pushes users to non-compliant sites, Noem fires FEMA workers for failing basic security protocols, UNC6395 stole a mass of authentication tokens from Salesloft, A hacker used Anthropic's Claude in crime spree, Salt Typhoon struck at least 200 organizations and 80 countries, more

Integrated Security Mechanisms for Weight Protection in Memristive Crossbar Arrays
Muhammad Faheemur Rahman, Wayne Burleson
https://arxiv.org/abs/2510.01350 https://

Integrated Security Mechanisms for Weight Protection in Memristive Crossbar Arrays
Memristive crossbar arrays enable in-memory computing by performing parallel analog computations directly within memory, making them well-suited for machine learning, neural networks, and neuromorphic systems. However, despite their advantages, non-volatile memristors are vulnerable to security threats (such as adversarial extraction of stored weights when the hardware is compromised. Protecting these weights is essential since they represent valuable intellectual property resulting from length…

A top Social Security Administration official turned whistleblower
says members of the Trump administration’s Department of Government Efficiency (DOGE)
uploaded hundreds of millions of Social Security records to a vulnerable cloud server,
putting the personal information of most Americans at risk of compromise.
Charles Borges, the Social Security Administration’s chief data officer,
said in a newly released whistleblower complaint published Tuesday
that o…

DOGE uploaded live copy of Social Security database to 'vulnerable' cloud server, says whistleblower | TechCrunch
The Social Security Administration's chief data officer has publicly blown the whistle, alleging DOGE put hundreds of millions of Social Security records at risk of compromise.

US to cut some security funds for European countries bordering Russia (Financial Times)
https://www.ft.com/content/0157d5f9-1b27-4d6c-b44e-f0a77da59b5d?accessToken=zwAAAZkWDPZ5kc8BV9X5GydNbNO0TvCnfaWbXQ.MEUCIQChz_gL2_auFLrxDAWVxv3l0N_yF2qMcb-3B6mqBxcNLQIgAwCCWiV0oqYP7g7JiVcOKaujnYRYeVzH98BGinjKSKE&segmentId=e95a9ae7-622c-6235-5f87-51e412b47e97&shareType=enterprise&shareId=14b85f32-06bb-4325-b011-41ff3e542b1e
http://www.memeorandum.com/250904/p153#a250904p153

European law enforcement arrests nine suspects involved in an alleged crypto fraud ring that stole €600M via fake investment platforms promising high returns (Sergiu Gatlan/BleepingComputer)
https://www.bleepingcomputer.com/news/secu

Memory-Augmented Log Analysis with Phi-4-mini: Enhancing Threat Detection in Structured Security Logs
Anbi Guo, Mahfuza Farooque
https://arxiv.org/abs/2510.00529 https://…

Memory-Augmented Log Analysis with Phi-4-mini: Enhancing Threat Detection in Structured Security Logs
Structured security logs are critical for detecting advanced persistent threats (APTs). Large language models (LLMs) struggle in this domain due to limited context and domain mismatch. We propose \textbf{DM-RAG}, a dual-memory retrieval-augmented generation framework for structured log analysis. It integrates a short-term memory buffer for recent summaries and a long-term FAISS-indexed memory for historical patterns. An instruction-tuned Phi-4-mini processes the combined context and outputs str…

So much happened over the weekend, so check out today's Metacurity for the most critical infosec developments you might have missed, including
--Hackers who stole trove of sensitive UPenn data derides 'dog**** elitist institution',
--LLM giants are trying to stop indirect prompt injection attacks,
--Oz government warns of Cisco IOS XE flaws,
--Polish authorities probe cyberattack on online loan platform,
--Chinese President Xi Jinping joked about smar…

Hackers who stole trove of sensitive UPenn data derides 'dog**** elitist institution'
LLM giants are trying to stop indirect prompt injection attacks, Oz government warns of Cisco IOS XE flaws, Polish authorities probe cyberattack on online loan platform, Chinese President Xi Jinping joked about smartphone backdoors, Shiba Inu implements massive security upgrade, much more

Legal Issues Raised by a Lethal U.S. Military Attack in the Caribbean (Brian Finucane/Just Security)
https://www.justsecurity.org/119982/legal-issues-military-attack-carribean/
http://www.memeorandum.com/250903/p163#a250903p163

Dissecting the Trump Administration's Effort to Circumvent the War Powers Resolution for Boat Strikes (Brian Finucane/Just Security)
https://www.justsecurity.org/123844/war-powers-resolution-venezuela-boat-strikes/
http://www.memeorandum.com/251103/p39#a251103p39

An interview with CrowdStrike CEO George Kurtz on the company's M&A strategy as it acquires Madrid-based data observability startup Onum for about $290M (Allie Garfinkle/Fortune)
https://fortune.com/2025/08/27/crowdstrike-ceo-g…

Exclusive: Crowdstrike CEO George Kurtz on $290 million acquisition of startup Onum and security in the AI age
The cybersecurity company, which went public in 2019, is a longtime acquirer, and has acquired data observability startup Onum for about $290 million.

Trump Is Crossing a Line That Dates Back to the Revolution (The Atlantic)
https://www.theatlantic.com/national-security/archive/2025/09/the-military-wasnt-built-to-fight-crime/684101/?gift=HoRfrgrF5SCKopc-hfobxPo-J_rv6KEfCNxW9ZnU7VA
http://www.memeorandum.com/250903/p186#a250903p186

Pentagon approves use of Navy base for Chicago ICE operations (Washington Post)
https://www.washingtonpost.com/national-security/2025/09/04/chicago-navy-base-great-lakes-pritzker-trump-ice/
http://www.memeorandum.com/250904/p67#a250904p67

GOP senators assail Trump Pentagon pick in rare show of disunity (Noah Robertson/Washington Post)
https://www.washingtonpost.com/national-security/2025/11/04/republicans-pentagon-policy-nominee/?pwapi_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJyZWFzb24iOiJnaWZ0IiwibmJmIjoxNzYyMjMyNDAwLCJpc3MiOiJzdWJzY3JpcHRpb25zIiwiZXhwIjoxNzYzNjE0Nzk5LCJpYXQiOjE3NjIyMzI0MDAsImp0aSI6ImI4NzdlM2Q4LWYyOWUtNDUxMi1iM2U3LThjNGIxNzA5ZDUzYiIsInVybCI6Imh0dHBzOi8vd3d3Lndhc2hpbmd0b25wb3N0LmNvbS9uYXRpb25hbC1zZWN1cml0eS8yMDI1LzExLzA0L3JlcHVibGljYW5zLXBlbnRhZ29uLXBvbGljeS1ub21pbmVlLyJ9.pYvopqAunoWWqYJxk2Hv_Lr11tICBv8KSWGcoe8s6dI
http://www.memeorandum.com/251104/p158#a251104p158

Trump administration to help share new HIV drug with impacted nations (Adam Taylor/Washington Post)
https://www.washingtonpost.com/national-security/2025/09/04/trump-hiv-aids-pepfar-lenacapavir-gilead/
http://www.memeorandum.com/250904/p146#a250904p146

Justice Dept. defends Lindsey Halligan against unlawful-appointment criticism (Jeremy Roebuck/Washington Post)
https://www.washingtonpost.com/national-security/2025/11/03/justice-department-bondi-halligan-appointment/
http://www.memeorandum.com/251104/p46#a251104p46