2025.03.25.News You Should Know

Series: News You Should Know

US POL

Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information | TechCrunch - Hollander said DOGE “never identified or articulated” a reason why it needs access to the “personal and private data of millions of Americans.”

CISA fires then rehires security crew, and puts them on hold • The Register - CISA employees are back, but benched. Placed on paid leave, Red Teamers and other security staff are still in limbo.

DoD engineer took home top-secret docs, booked a trip to MX • The Register - Printed 100s of pages of Top Secret documents and carried them home in a plastic shopping bag, then the dual citizen headed for Mexico. The FBI didn’t care for that.

Trump officials leak plans for US airstrikes in Signal SNAFU • The Register - On the other hand, they don’t seem to mind if you plan a war on Signal. Jeffrey Goldberg, editor of The Atlantic, was added to a group chat on Signal with JD Vance, SecDef Hegseth, SecState Rubio, DNI head Tulsi Gabbard and Homeland’s Miller to plan a bombing campaign against the Houthis in Yemen.

FCC checks if black-listed Chinese firms didn’t get the memo • The Register - FCC assumes Huawei, ZTE, and others are still doing business in the US, albeit illegally. US telecom companies have still failed to strip the Chinese kit, as US Gov dollars for doing so have dried up.

U.S. Treasury Lifts Tornado Cash Sanctions Amid North Korea Money Laundering Probe - “Based on the Administration’s review of the novel legal and policy issues raised by use of financial sanctions against financial and commercial activity occurring within evolving technology and legal environments, we have exercised our discretion to remove the economic sanctions against Tornado Cash.” Tornado was previously used in the Lazarus Heist to launder around $7bn in crypto assets.

Bugs

IBM urges quick patching of critical AIX bugs • The Register - 10 out of 10 CVSS score for AIX, often used in the finance, banking, healthcare, and telecom segments.

Breaches

Infosec pro Troy Hunt HasBeenPwned in Mailchimp phish • The Register - Hunt gets hit with a sophisticated and automated phishing kit. Now, Hunt HazBeenPwned. Hunt gave details of the campaign here: Troy Hunt: A Sneaky Phish Just Grabbed my Mailchimp Mailing List

New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors - Threat actors provide malicious rules files, specifically crafted to provide back doors and intentional security issues. These rules affect all future code-generation sessions, survive project forking, and become supply-chain attacks for downstream users.

Coinbase was primary target of recent GitHub Actions breaches - All in the name of crypto theft, tj-actions and reviewdog were used to target downstream commercial entities.

Implicit Trust is Always abused: Microsoft Trusted Signing service abused to code-sign malware

FBI warnings are true—fake file converters do push malware - Don’t put company data in “free conversion” tools.

CEO of AI ad-tech firm pledging “world free of fraud” sentenced for fraud - Ars Technica - Roberts will face prison after creating fake financials to boost the company’s IPO (Initial Public Offering) to defraud investors.

Oracle Cloud denies claims of server intrusion • The Register - Oracle claims it isn’t breached, but threat actors have shown otherwise.

Privacy

23andMe files for bankruptcy protection • The Register - Chapter 11 would allow the failed genetics company to continue to operate while selling assets to a new owner. Privacy advocates recommend that users who haven’t done so export their genetic data and request its deletion, fearing who the next buyer could be.

I’m an experienced home cook, security engineer, people leader, and dedicated father and husband. I can be found on Mastodon at @IAintShootinMis@DigitalDarkAge.cc and on Signal at DigitalDarkAge.98. An RSS Feed of this blog is available here and a copy of my current OPML file is here.