Independent cybersecurity / privacy / AI risk journal
Tracking the cybersecurity, privacy, and AI risk signals that matter, beyond the headline breaches.
Lead briefing
This fluid pump was inspired by the way squids propel themselves through the water. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
Today’s briefings
Maine has taken its public data breach reporting portal offline after fraudulent breach disclosures were published on the state's website, prompting a review of procedures to prevent abuse in the future.
A Ukrainian national extradited from Ireland to the United States last year has pleaded guilty to conspiracy charges tied to the Conti ransomware operation.
Let no one accuse Bernie Sanders of ducking the big questions. Writing in the New York Times last week, the senator asked: “Will the future of humanity be determined by a handful of billionaires who have promoted and developed AI, with v…
Latest updates
New governance development detected from EDPB News. Brussels, 12 June – As of today, coordinated supervision of the European Union’s asylum and migration database (Eurodac) will be carried out by the Coordinated Supervision Committee (CSC).
Kyushu Electric Power Co., Inc. has disclosed a physical security incident that affects private data of more than 10 million customers.
In an unusual misinformation campaign, fraudulent data breach disclosures were submitted to Maine's official breach portal and publicly posted before their legitimacy could be verified, prompting companies to deny the claims. In an unusu…
Danish pharmaceutical giant Novo Nordisk, the world's largest producer of insulin, disclosed a data breach affecting patient information from some clinical trials.
Oracle is warning about a critical PeopleSoft Suite zero-day vulnerability tracked as CVE-2026-35273 that allows unauthenticated remote code execution, with the flaw actively exploited in ShinyHunter data theft attacks.
The Personal Information Protection Commission (PIPC), South Korea's data protection regulator, has fined e-commerce giant Coupang a record 624.6 billion won (roughly $409 million) following a massive data breach affecting more than 37…
Topics
215 entries
Cybersecurity briefings on breaches, exploited vulnerabilities, ransomware, incident response, and systemic security failures.
38 entries
Privacy briefings on data misuse, tracking changes, surveillance harms, regulator action, and data rights enforcement.
71 entries
AI risk briefings on model misuse, deployment failures, safety regressions, governance gaps, and synthetic-media harms.
22 entries
Governance briefings on enforcement, standards, court action, regulator opinions, institutional accountability, and policy shifts.
7 entries
Infrastructure briefings on cloud, telecoms, public systems, network edge, and critical infrastructure risk developments.
3 entries
Surveillance briefings on biometrics, monitoring systems, identity correlation, tracking technology, and public or private observation systems.