AI
AI-generated reporting: Lessons learned from Cisco Talos Incident Response
When given raw notes and asked to create technical reports, large language models (LLMs) such as ChatGPT, Claude, and Gemini generated polished-looking results that often contained significant inaccuracies, unusual conclusions, and inconsistent writing styles.
Mitigations:
- Prompt specialization: Replacing large, unified prompts with granular, single-task instructions.
- Specified source constraints: Mandating exactly where the LLM should retrieve information.
- Model selection: As of late 2025, Claude Sonnet 4.5 emerged as the most effective model.
- LLM over-reliance: Report authors retain accountability for the quality of the final product.--they must edit, understand, and take ownership of every word of the final report.
Hadrian OpenHack
Open-source source code security review tool
VeilGate
Open-source deception proxy to raise the cost of automated security probing
Anthropic’s Code with Claude showed off coding’s future—whether you like it or not
As tools like Claude Code get better, more and more developers are happy to hand off coding tasks to them. The way software gets built has changed for good.
Politics
‘We will not go back to Jim Crow’: thousands rally in Mississippi for voting rights
The Roberts court has opened the door to the biggest destruction of Black political power since the end of Reconstruction. Republicans in Tennessee eliminated the state’s one Black congressional district and Alabama, Louisiana, South Carolina and Georgia are all moving in turn.
First vaccines, now mammograms? RFK Jr.’s latest firings have doctors outraged.
With the new firings, doctors fear that USPSTF will go the way of the Advisory Committee on Immunizations Practices (ACIP) and its vaccine recommendations for the Centers for Disease Control and Prevention—which is to say, that Kennedy will remove expert members, replace them with unqualified allies, and push through fringe or politicized recommendations. Such damage to the task force threatens to imperil access to lifesaving preventive services for millions of Americans. Under the Affordable Care Act, most health insurance plans must cover recommended preventive services that the USPSTF grades as “A” or “B,” which reflect the evidence-based certainty of benefit.
Kash Patel's apparel website is hosting ClickFix malware
Trump Mobile Site Reportedly Exposing Customers' Private Data
TrumpMobile.com apparently contains an exploitable software flaw that can leak data, including emails, physical addresses, and full names. It only has about 10,000 unique customers. Total online phone orders are at about 30,000, far lower than the estimated 600,000 figure some media outlets have cited for the T1 phone.
CISA Enhances Known Exploited Vulnerabilities Catalog to Include New Nomination Form
It enables researchers, vendors, and industry partners to report known exploited vulnerabilities (KEV).
WHO chief says Ebola outbreak in Congo is ‘spreading rapidly’ and upgrades risk assessment
The Ebola outbreak in Congo is “spreading rapidly” and now poses a “very high” risk at the national level.
There are now almost 750 suspected cases and 177 suspected deaths.
Republicans call off vote on Iran war resolution that was on the verge of passing
Republicans struggled Thursday to find the votes to dismiss legislation that would compel President Donald Trump to withdraw from the war with Iran, delaying planned votes on the matter into June.
6,000 refugees entered the U.S. since October. All but 3 are South African.
Inside the stealthy startup that pitched brainless human clones
R3 Bio, in Richmond, California, suddenly shared details about its work last week—saying it had raised money to create nonsentient monkey “organ sacks” as an alternative to animal testing. The stealth startup’s founder John Schloendorn also pitched a startling, medically graphic, and ethically charged vision for what he's called "brainless clones" to serve the role of backup human bodies.
Infosec
Microsoft shares mitigation for YellowKey Windows zero-day
To mitigate YellowKey attacks, Microsoft recommended removing the autofstx.exe entry from the Session Manager's BootExecute REG_MULTI_SZ value, then reestablishing BitLocker trust for WinRE
Microsoft ends SMS MFA for personal accounts
All users will be prompted to add a passkey the next time they log into their accounts.
Megalodon: Mass GitHub Repo Backdooring via CI Workflows
On May 18, 2026, an automated campaign codenamed megalodon pushed 5,718 malicious commits to 5,561 GitHub repositories in a six-hour window. It exfiltrated CI secrets, cloud credentials, SSH keys, OIDC tokens, and source code secrets.
Google publishes exploit code threatening millions of Chromium users
Unfixed for 42 months (and counting). The unfixed vulnerability can be exploited by any website a user visits. The capabilities are limited to the same things a browser can do, such as visit malicious sites, provide anonymous proxy browsing by others, enable proxied DDoS attacks, and monitor user activity.
Google API keys keep working after you delete them
For 23 minutesm as servers slowly update.
|