Artemis II mission planning:

"We strap you on a rocket, launch around the Moon based on some absurdly complicated mathematical formulas, then guide you back down the atmosphere at insane speeds, trying hard not to burn you alive.

Finally, we have to make sure you don't splash down at these particular areas of our planet, or some angry Earthlican may just shoot you."

Humanity is weird.

@kaoudis Wow, beautiful! After filtered Anthropic-related results from my search I still thought the images were LLM generated...

cpuid has been compromised, most downloads are serving a rat+infostealer as we speak, make sure you didn't get hit

We publish a major Citizen Lab report on Webloc, an ad-based mass surveillance system that monitors the movements and personal characteristics of hundreds of millions people globally based on data obtained from mobile apps and digital advertising.

Customers include ICE, El Salvador and Hungary.

Our research shows that ad-based surveillance is now used by military, intelligence and law enforcement agencies down to local police in several countries.

Full report here:
https://citizenlab.ca/research/analysis-of-penlinks-ad-based-geolocation-surveillance-tech/

This comic needed an update

@timb_machine What kind of information do you hope to extract from this? KEV data is incomplete, CVE data is extremely noisy and incomplete.

@ilmari quite notably different!

Very slightly work adjacent: a "we've updated our privacy policy" email in my inbox reminded me of a thing that $work did, and that I wish every company did: we checked all our ToS and similar documents into a git repo and published it, so that when they change you can just go look at the damn diff and see what changed (https://github.com/tailscale/terms-and-conditions).

If you work someplace and have the authority to do this, I wish this was normalized and expected of corporations that expect us to ingest a short story worth of legalese and keep up with the changes over time.

Thanks to
@jasminecarter.bsky.social
my cumulative complexity calculator for #Ghidra now has a cute logo:

https://github.com/v-p-b/rabbithole

@obivan There is a lot of nuance to consider with these results, incl. feasibility with other models (I'm willing to believe it's doable). But e.g. the FP problem doesn't seem at all that limiting as some suggest and some of the results (with Mythos&others) are very hard to ignore as a vulnerability researcher.

Fair criticism of the latest @Bellingcat piece about leaked .gov.hu credentials (HU, use your favorite translator):

https://kiber.blog.hu/2026/04/09/tobb_szaz_magyar_kormanyzati_jelszo_kerult_ki_az_internetre_ja_de_mikor

There is *a lot* to report about in Hungarian politics/natsec, but digging up old credential dumps just misdirects attention and discredits relevant investigative work.

Unfortunately many skeptical takes on #Mythos / #Glasswing remind me of Gell-Mann amnesia:

https://en.wiktionary.org/wiki/Gell-Mann_Amnesia_effect

Every #LLM company and claim deserves ruthless skepticism, but arguments based on falsehoods and misunderstandings don't lead us forward.

Watching this talk is recommended:

https://www.youtube.com/watch?v=1sd26pWhfmg

Near as I can tell, this is all very good news. More things should take advantage of secure enclaves, and this open standard protects against one of the hardest current defense surfaces.

https://security.googleblog.com/2026/04/protecting-cookies-with-device-bound.html

Former Trenchant exec who stole exploits from his employer and sold them to a Russian broker says he was suffering depression & money troubles when he decided to sell the exploits. Also, new info reveals the nature of the work he did for an Australian intel agency before joining Trenchant. My story is linked below. Please consider becoming a paid subscriber if you like my work on this piece. It's 4,000 words and I'm making it available for free to everyone. But I can only do that because some subscribers have generously become paid subscribers.

https://www.zetter-zeroday.com/trenchant-exec-says-he-had-depression-money-troubles-when-he-decided-to-sell-zero-days-to-russian-buyer-also-new-info-reveals-nature-of-his-work-for-australian-intelligence-agency/?ref=zero-day-newsletter

I came across a reference to #Wazuh in another thread. It looks interesting: an open-source thing that can manage a bunch of compliance requirements.

So I went looking for information about their agent's security. Things I did find:

• Installing it requires root and it appears to run as root.

Things I did not find:

• Any security audit of the agent.
• Any documentation on how they do privilege separation in the agent.
• Any design docs for the agent.
• Any threat model docs for the agent.

Are these things somewhere I missed? Anyone familiar with the project know how they avoid their network-connected-and-highly-privileged thing being an attack vector for client devices? Is it possible to run it sandboxed with read-only access to the system (for reporting violations but not automatically trying to fix them)?

Little Snitch Comes To Linux To Expose What Your Software Is Really Doing https://linux.slashdot.org/story/26/04/09/0617212/little-snitch-comes-to-linux-to-expose-what-your-software-is-really-doing?utm_source=rss1.0mainlinkanon

New, by me at TechCrunch: The developer of the widely popular Wireguard VPN says he is also unable to ship software updates to Windows users after Microsoft locked his account, marking the second high-profile app developer (VeraCrypt) in the past few weeks to face this issue.

https://techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/

"Intelligence agencies of Viktor Orbán’s government have been secretly using Webloc — a mass surveillance tool that tracks hundreds of millions of people via smartphone advertising data — making Hungary the first confirmed EU country to deploy it"

https://vsquare.org/orban-spying-toolkit-cobwebs-webloc-hungary-spyware-citizen-lab/

RE: https://infosec.exchange/@josephcox/116374994792773696

To stop leaking your Signal messages:

Signal > Settings > Notifications > Notification Content > Show > “Name only” or “No name or content”

iOS and Android notifications all go through Apple and Google’s servers respectively and are not end to end encrypted. The feds have known and used this for years now.

Edit: That last bit doesn’t affect Signal, my bad. The settings change does still protect from the on-device notification DB storing message preview. See this reply for more info

https://tech.lgbt/@becomethewaifu/116375432389206118

#privacy #PrivacyMatters #cybersecurity

Adobe Reader Zero-Day Exploited for Months: Researcher

https://www.securityweek.com/adobe-reader-zero-day-exploited-for-months-researcher/