Cybersecurity
ODINI Malware Defeats Faraday Cages via CPU Magnetic Fields
A Ben-Gurion University team just showed how CPU workload modulation leaks 40 bits per second through Faraday cage walls. Air-gap assumptions need a rewrite.
ShinyHunters Hits Canvas: 9,000 Universities, 275M Records Claimed
ShinyHunters claims 275 million records from 9,000 universities via a single Canvas teacher account. The blast radius math is the story, not the ransom note.
The Identity Bill Comes Due: Cisco, ServiceNow Bet on Non-Human Auth
Cisco buys Astrix, ServiceNow ships Autonomous Security & Risk, XBOW closes $155M. The non-human identity bill is landing on CFO desks this quarter.
Dirty Frag Zero-Day Hands Root on Every Major Linux Distro
A nine-year-old bug in the Linux kernel's crypto interface just became a one-command root exploit. No patches, no CVE at first, and the embargo is already in pieces.
Palo Alto PAN-OS Zero-Day CVE-2026-0300 Hit by State Hackers
A CVSS 9.3 zero-day in PAN-OS Captive Portal is being exploited by state-backed crews for unauthenticated root RCE. No patch exists. Mitigations only.
cPanel CVE-2026-41940 Hits Gov Servers, Patch Now
A CVSS 9.8 cPanel auth bypass got chained into a cross-border espionage campaign. The platform decision sitting on every CTO's desk just got more expensive.
Vimeo Breach Exposes Anodot Supply Chain Risk
Vimeo's user database was breached through Anodot, an analytics vendor. ShinyHunters used trusted API connections to walk past the perimeter. Here's the engineering read.