GlassWorm Returns to OpenVSX with 3 New VSCode Extensions
Pour yourself a dram of something dark and let the hype fade away. GlassWorm is back, threading its way through OpenVSX with three new VSCode extensions that look perfectly innocent until you realize they might be weaponized. The same campaign that tainted the OpenVSX and Visual Studio Code marketplaces last month has resurfaced, offering a […]
Data Exposure in Keras CVE-2025-12058: Patch Day in the AI Basement
Another day, another AI framework vulnerability that makes you question why you still trust a bunch of knobs in a notebook with a keyboard shortcut. The CVE-2025-12058 story in Keras is exactly the kind of reminder you pretend you don’t need at 3 a.m. while you’re sipping bourbon and scrolling through a dozen vendor advisories […]
Top Story: Researchers Hack ChatGPT Memories and Web Search Features
One Story, a Hundred Wictions — and a Glass of Whiskey to Soothe the Pain Pour yourself a glass of your favorite whiskey and listen up, because this is the kind of story that makes compliance spreadsheets look exciting. Tenable researchers reportedly found seven vulnerabilities in the latest ChatGPT memory and web search features, a […]
Cloudflare Scrubs Aisuru Botnet from Top Domains List — a brutal reminder the DNS circus never ends
Another zero-day patched just in time for no one to notice. Cloudflare puts on a show by redacting Aisuru botnet domains from its so-called top domains list, and somehow that fixes everything in the eyes of the vendors and the press. Pull yourself a glass of bourbon or rye and try not to spit when […]
Zscaler acquires SPLX: more AI buzz, less real security, and a nice glass of bourbon to cope
Pour yourself a glass of bourbon, because the latest security acquisition reads like another glossy demo reel dressed up as a strategic milestone. Zscaler is snapping up SPLX, a company that supposedly brings red teaming, asset management, and threat inspection to the party, all to expand the Zero Trust Exchange. In plain terms: more marketing […]
Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case
Pour yourself a bourbon and buckle in – this is not another vendor brochure dressed as a security post. Yuriy Igorevich Rybtsov, aka MrICQ, has been extradited to the United States to face charges in the Jabber Zeus cybercrime case. If you’ve ignored the last ten warnings about criminal syndicates moving money and data across […]
Alleged Jabber Zeus Coder MrICQ in U.S. Custody
Pour yourself a whiskey and get ready to watch the security theater cycle spin again. This week we’re told that Yuriy Igorevich Rybtsov, the man prosecutors allege developed for the infamous Jabber Zeus crew under the online handle “MrICQ,” has finally been carted from Italy to the United States to face a 13 year old […]
Ads In AI Search Are Here, Now With Extra Glare
Top Story Another day, another reminder that security theater gets an upgrade the moment a vendor opens its marketing funnel. Google confirms that AI search results will carry ads and that those ads may look different. Translation: your search experience is about to become a sponsored buffet, dressed up in fancy AI skin, while the […]
Jamf Goes Private: A Bourbon-Fueled Take on a $2.2B Buyout
Pour yourself a dram of something reliable like bourbon, because this top story reads like a CISO’s tax filing that forgot to pay attention. Jamf is going private in a $2.2 billion, all-cash deal led by Francisco Partners. In plain terms: a company that keeps Apple fleets under control is being handed over to a […]
GPT-5 Distress Handling – OpenAI’s Patch Notes for People Who Ignore the Rest of Security
Top Story Pour yourself a glass of bourbon, because OpenAI has handed us another patch note masquerading as a cure for human emotion in conversations. OpenAI claims GPT-5 is now better at handling mental and emotional distress, shipped on October 5, and marketed as a safety improvement for sensitive chats. In security terms, this is […]
