RECON

Analysis of 175,000 open-source AI hosts across 130 countries reveals a vast compute layer susceptible to resource hijacking and code execution attacks.

Software signatures carry an invisible expiration date. The container image or firmware you sign today might be deployed for 20 years, but the cryptographic signature protecting it may become untrustworthy within 10 years. SHA-1 certificates become worthless, weak RSA keys are banned, and quantum computers may crack today’s elliptic curve cryptography. The question isn’t whether our current signatures will fail, but whether we’re prepared for when they do. Sigstore, an open-source ecosystem f...

On February 13, 2026, alongside the previously announced retirement⁠ of GPT‑5 (Instant, Thinking, and Pro), we will retire GPT‑4o, GPT‑4.1, GPT‑4.1 mini, and OpenAI o4-mini from ChatGPT. In the API, there are no changes at this time.

Taisei Corporation’s HR team is leading the rollout of ChatGPT Enterprise to drive AI-powered talent development across the organization.

This week, Scott sat down with his Lawfare colleagues Alan Rozenshtein, Eric Columbus, and Molly Roberts for a deep dive into two of the week’s big national security news stories: “Slipping Down the Slope.” Last week’s killing of 37-year-old ICU nurse Alex Pretti by Border Patrol agents in Minneapolis, Minnesota, has triggered what increasingly appears to be a national backlash against the Trump administration’s immigration policies and ICE’s violent tactics. Republicans and Democrats alike h...

How OpenAI built an in-house AI data agent that uses GPT-5, Codex, and memory to reason over massive datasets and deliver reliable insights in minutes.

Google AI Ultra subscribers in the U.S. can try out Project Genie, an experimental research prototype that lets you create and explore worlds.

Bitdefender researchers have discovered an Android RAT (remote access trojan) campaign that combines social engineering, the resources of the Hugging Face online platform as staging, and extensive use of Accessibility Services to compromise devices.

This week, we look at how long-standing API security failures are being amplified by automation, AI, and increasingly aggressive exploitation timelines. From agentic AI vulnerabilities in ServiceNow to authentication bypasses actively exploited in SmarterMail and Fortinet infrastructure, this issue highlights how broken authentication and authorization continue to dominate real-world incidents.  We also dive into the 42Crunch [...] Read More... The post Issue 288: State of API Security 2026, ...

An in-depth analysis of an Interlock ransomware intrusion, detailing new malware tooling, defense evasion techniques, and high-ROI detection strategies.

In the past few days Signal groups exploded in the news with revelations that Signal groups are the primary "ICE tracker" channels, may have dispatched Alex Pretti to his fatal encounter with DHS, and are under investigation by the FBI. As groups frequently hit the 1000-member capacity, concern about infiltration is rampant. Key facets of […]

Please check the blog post here: https://ethiack.com/news/blog/one-click-rce-moltbot

漏洞名称：SmarterMail ConnectToHub /api/v1/settings/sysadmin/connect-to-hub 命令执行漏洞（CVE-2026-2...

New Britain ransomware attack disrupts city systems for days, FBI investigating    WFSB

Chinese APTs Hacking Asian Orgs With High-End Malware    Dark Reading

Malware Brief: New wave of botnets driving DDoS chaos    Barracuda Networks Blog