AI
Google Workspace AI 'smart features' are on by default
LLMs can be easily jailbroken using poetry
Human-written malicious prompts only bypassed LLM guardrails 8 percent of the time. But when rewritten as poetry, by humans, the average success of attacks surged to 62 percent. Gemini was once again the worst model, failing 100% of the time to the poems. The malicious acts included generating RCE code, password cracking, and propagating malware.
Grok Insists That Elon Musk Is More Physically Fit Than LeBron James
"Elon's intelligence ranks among the top 10 minds in history, rivaling polymaths like da Vinci or Newton."
“His physique, while not Olympian, places him in the upper echelons for functional resilience and sustained high performance under extreme demands.”
Politics
Marjorie Taylor Greene to resign from office effective January 2026
“No matter which way the political pendulum swings, Republican or Democrat, nothing ever gets better for the common American man or woman,” Greene said. “When the common American people finally realize and understand that the Political Industrial Complex of both parties is ripping this country apart, that not one elected leader like me is able to stop Washington’s machine from gradually destroying our country, and instead the reality is that they, common Americans, The People, possess the real power over Washington, then I’ll be here by their side to rebuild it."
Furious House Republican Warns More ‘Explosive’ Resignations Are Coming After Marjorie Taylor Greene
America’s Polarization Has Become the World's Side Hustle
The 'psyops' revealed by X are entirely the fault of the perverse incentives created by social media monetization programs. Training videos explain how and why this content is generated: American content pays 7x as much per click as Bangladeshi content. Content is scraped from news outlets, run through translation and AI programs, and produces videos with narration targeted to interest Americans.
Many prominent Maga personalities on X are based outside US, new tool reveals
Flock Safety cameras used to monitor protesters, rights group finds
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chinese threat group known as Salt Typhoon. Telecommunication firms found the new framework too cumbersome and taxing for their operations, so the FCC has now deemed the prior rule inflexible, retracting it.
SFMTA to Upgrade Bus Lane Ticketing System, Expects to Raise Number of Fines by 500%
Infosec
Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
Secrets found on JSONformatter and CodeBeautify include credentials for AD, code repositories, databases, etc. These come from critical national infrastructure, .GOV, finance, tech, aerospace, etc. Watchtowr spent months working with CERT teams trying to notify these people before publication, to little avail.
We should all be using dependency cooldowns
Waiting a week before updating dependencies prevents most supply-chain attacks.
Microsoft finally admits almost all major Windows 11 core features are broken
The issues are related to XAML (Extensible Application Markup Language) and this impacts all the Shell components like the Start Menu, Taskbar, Explorer, and Windows Settings. The problems started with the July, 2025 update and are still not fixed.
Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised
This outbreak has already outgrown the original Shai-Hulud incident, with more than 800 npm packages confirmed as trojanized and tens of thousands of GitHub repositories affected, spreading rapidly. The malicious versions embed credential-stealing payloads designed to capture developer tokens, leak secrets, and establish persistent footholds across repositories and developer environments.
In this second wave, Sha1-Hulud introduces a far more aggressive fallback mechanism: if the malware fails to authenticate or establish persistence, it attempts to destroy the victim’s entire home directory.
Shai-Hulud Returns: Over 1K NPM Packages and 27K+ Github Repos infected via Fake Bun Runtime Within Hours
On November 24, 2025, HelixGuard detected that over 1,000 components in the NPM registry were poisoned using the same method within a span of a few hours. Upon execution, the malware downloads and runs TruffleHog to scan the local machine, stealing sensitive information such as NPM Tokens, AWS/GCP/Azure credentials, and environment variables.
The malicious code exfiltrates the stolen information by creating a GitHub Action runner named SHA1HULUD, and a GitHub repository description Sha1-Hulud: The Second Coming.. This suggests it may be the same attacker behind the "Shai-Hulud" attack observed in September 2025.
And now, over 27,000 GitHub repositories were infected.
TruffleHog
TruffleHog™ is a secrets scanning tool that digs deep into your
code repositories to find secrets, passwords, and sensitive keys.
CrowdStrike catches insider feeding information to hackers
ShinyHunters agreed to pay the insider $25,000 to provide them with access to CrowdStrike's network. The threat actors claimed they ultimately received SSO authentication cookies from the insider, but by then, the suspected insider had already been detected by CrowdStrike, which had shut down his network access.
AWS introduces new VPC Encryption Controls and further raises the bar on data encryption
VPC Encryption Controls to make it easy to audit and enforce encryption in transit within and across Amazon Virtual Private Clouds (VPC), and demonstrate compliance with encryption standards. You can turn it on your existing VPCs to monitor encryption status of traffic flows and identify VPC resources that are unintentionally allowing plaintext traffic.
Detectives Ask for the Public’s Help Identifying ATM Jackpotting Suspects
On October 3, 2025, at 10:18 p.m., an unknown individual approached the drive-up ATM in the 4200 block of Members Way near Fair Oaks and used a key to open the machine. It remains unclear what actions were taken once it was accessed.
The same individual returned on October 4, 2025, at 12:28 a.m., driving a late-model blue Jeep, and again opened the ATM. Around 1:15 a.m., two suspects, including the original individual, arrived in the same Jeep and accessed the machine for about 15 minutes while appearing to record it with their phones.
At 2:00 a.m., an unmasked suspect in the same Jeep began withdrawing cash without inserting a card or touching the ATM. He held a phone toward the machine while removing cash, left briefly, and returned at 2:09 a.m., remaining until 2:44 a.m. as withdrawals continued.
Microsoft and GitHub Preview New Tool That Identifies, Prioritizes, and Fixes Vulnerabilities With AI
|