Google Sues to Disrupt Chinese SMS Phishing Triad – A Bitter Dram for a Bitter Newsletter
What happened: Google has taken to the courts to sic civil complaints on dozens of unnamed individuals behind a China-based SMS phishing service. The scam allegedly impersonates hundreds of trusted brands, blasts out text message lure after lure, and converts phished card data into mobile wallets from Apple and Google. In other words, a very […]
Sweet Security’s 75 Million Bet: Cloud, AI, and the Unending Vendor Mirage
Pour yourself a dram of bourbon and settle in, because this is the kind of news that reminds you why your day job feels like sprinting through a maze while someone keeps moving the walls. Sweet Security’s latest funding round—75 million dollars to “accelerate global expansion and product innovation”—is the kind of headline that makes […]
Tenzai’s AI-Powered Pentesting Platform: A $75 Million Toast to the Next Vendor Gimmick
Overview wrapped in a whiskey-fueled hyperbole: Pour yourself a dram of whiskey, because the latest from the vendor hype machine reads like a marketing whitepaper dressed in velvet AI robes. Tel Aviv, Israel-based Tenzai has built an AI-driven platform that claims to continuously identify and address vulnerabilities through pentesting magic. They’ve just slapped a […]
Forbes AI 50 Secrets on GitHub: A Security Story Worth a Whisky Toast
Pour yourself a drink, this breach is dumber than last week’s. Here is the one story we should be talking about without pretending the rest of the newsletter matters. Wiz reportedly found secrets belonging to Forbes AI 50 companies sitting in GitHub repos and training data, with the usual plausible deniability baked in. The kind […]
Drilling Down on Uncle Sam’s TP-Link Ban: Security Theatre for the Bar Stool Set
Pour yourself a drink, this breach is dumber than last week’s hype cycle. The TP-Link ban story is not a sudden revelation in how the internet works or why devices get pwned in the wild. It is the security industry performing on a stage built by policy wonks, pundits, and people who confuse a press […]
GlassWorm Returns to OpenVSX with 3 New VSCode Extensions
Pour yourself a dram of something dark and let the hype fade away. GlassWorm is back, threading its way through OpenVSX with three new VSCode extensions that look perfectly innocent until you realize they might be weaponized. The same campaign that tainted the OpenVSX and Visual Studio Code marketplaces last month has resurfaced, offering a […]
Data Exposure in Keras CVE-2025-12058: Patch Day in the AI Basement
Another day, another AI framework vulnerability that makes you question why you still trust a bunch of knobs in a notebook with a keyboard shortcut. The CVE-2025-12058 story in Keras is exactly the kind of reminder you pretend you don’t need at 3 a.m. while you’re sipping bourbon and scrolling through a dozen vendor advisories […]
Top Story: Researchers Hack ChatGPT Memories and Web Search Features
One Story, a Hundred Wictions — and a Glass of Whiskey to Soothe the Pain: Pour yourself a glass of your favorite whiskey and listen up, because this is the kind of story that makes compliance spreadsheets look exciting. Tenable researchers reportedly found seven vulnerabilities in the latest ChatGPT memory and web search features, a […]
Cloudflare Scrubs Aisuru Botnet from Top Domains List — a brutal reminder the DNS circus never ends
Another zero-day patched just in time for no one to notice. Cloudflare puts on a show by redacting Aisuru botnet domains from its so-called top domains list, and somehow that fixes everything in the eyes of the vendors and the press. Pull yourself a glass of bourbon or rye and try not to spit when […]
Zscaler acquires SPLX: more AI buzz, less real security, and a nice glass of bourbon to cope
Pour yourself a glass of bourbon, because the latest security acquisition reads like another glossy demo reel dressed up as a strategic milestone. Zscaler is snapping up SPLX, a company that supposedly brings red teaming, asset management, and threat inspection to the party, all to expand the Zero Trust Exchange. In plain terms: more marketing […]