AppGuard Critiques AI Hyped Defenses; Expands Its Insider Release for Its Next-Generation Platform
McLean, Virginia, United States, 15th January 2026, CyberNewsWire The post AppGuard Critiques AI Hyped Defenses; Expands its Insider Release for its Next-Generation Platform appeared first on The Security Ledger with Paul F. Roberts.
Aembit Announces Agenda and Speaker Lineup for NHIcon 2026 on Agentic AI Security
Silver Spring, Maryland, 15th January 2026, CyberNewsWire The post Aembit Announces Agenda and Speaker Lineup for NHIcon 2026 on Agentic AI Security appeared first on The Security Ledger with Paul F. Roberts.
New Vulnerability in N8n
This isn’t good: We discovered a critical vulnerability (CVE-2026-21858, CVSS 10.0) in n8n that enables attackers to take over locally deployed instances, impacting an estimated 100,000 servers globally. No official workarounds are available for this vulnerability. Users should upgrade to version...
How to Build a Stateless, Secure, and Asynchronous MCP-Style Protocol for Scalable Agent Workflows
In this tutorial, we build a clean, advanced demonstration of modern MCP design by focusing on three core ideas: stateless communication, strict SDK-level validation, and asynchronous, long-running operations. We implement a minimal MCP-like protocol using structured envelopes, signed requests, and...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the David R. Cheriton School of Computer Science in Waterloo, Ontario, Canada, on January 27, 2026, at 1:30 PM ET. I’m speaking at the Université...
1980s Hacker Manifesto
Forty years ago, The Mentor—Loyd Blankenship—published “The Conscience of a Hacker” in Phrack. You bet your ass we’re all alike… we’ve been spoon-fed baby food at school when we hungered for steak… the bits of meat that you did let slip...
Who Decides Who Doesn’t Deserve Privacy?
Remember the Ashley Madison data breach? That was now more than a decade ago, yet it arguably remains the single most noteworthy data breach of all time. There are many reasons for this accolade, but chief among them is that...
Hexaware Partners with AccuKnox for Cloud Security Services
Menlo Park, USA, 13th January 2026, CyberNewsWire The post Hexaware Partners with AccuKnox for Cloud Security Services appeared first on The Security Ledger with Paul F. Roberts.
Corrupting LLMs Through Weird Generalizations
Fascinating research: Weird Generalization and Inductive Backdoors: New Ways to Corrupt LLMs. AbstractLLMs are useful because they generalize so well. But can you have too much of a good thing? We show that a small amount of finetuning in narrow contexts can...
Palo Alto Crosswalk Signals Had Default Passwords
Palo Alto’s crosswalk signals were hacked last year. Turns out the city never changed the default passwords.
Connex IT Partners with AccuKnox for Zero Trust CNAPP Security in Southeast Asia
Menlo Park, India, 6th January 2026, CyberNewsWire The post Connex IT Partners with AccuKnox for Zero Trust CNAPP Security in Southeast Asia appeared first on The Security Ledger with Paul F. Roberts.
Telegram Hosting World’s Largest Darknet Market
Wired is reporting on Chinese darknet markets on Telegram. The ecosystem of marketplaces for Chinese-speaking crypto scammers hosted on the messaging service Telegram have now grown to be bigger than ever before, according to a new analysis from the crypto tracing...
Overview of Content Published in 2025
Here is an overview of content I published in 2025: Blog posts: Update: strings.py Version 0.0.11 Quickpost: Electrical Power & Mining Update: Python Templates Version 0.0.12 Update: cs-decrypt-metadata.py Version?0.0.5 Update: zoneidentifier.exe Version 0.0.2 Update: oledump.py Version 0.0.79 Update: 1768.py Version...
Friday Squid Blogging: Squid Found in Light Fixture
Probably a college prank. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Blog moderation policy.
NEW TECH Q&A: Why Data Bill of Materials (DBOM) Is Surfacing as a Crucial Tool to Secure AI
Enterprises hustling to embed AI across their operations came to an uncomfortable realization in 2025: they lost track of the data powering those systems. Related: The case for SBOM Few paused to map where sensitive data lived or how it … (more…)...
The Definitive 2025 Cyber Rewind & 2026 Roadmap
The Definitive 2025 Cyber Rewind & 2026 Roadmap Back in June 2025, when I stood on the stage at the face-to-face SECON conference, the energy in the room was electric. We shook hands, we debated in the hallways, and we shared...
Unredaction Isn't Hacking
It just wasn't redacted to begin with.
Criminal IP and Palo Alto Networks Cortex XSOAR Integrate to Bring AI-Driven Exposure Intelligence to Automated Incident Response
Torrance, United States / California, 19th December 2025, CyberNewsWire The post Criminal IP and Palo Alto Networks Cortex XSOAR integrate to bring AI-driven exposure intelligence to automated incident response appeared first on The Security Ledger with Paul F. Roberts.
News Alert: INE Expands Partnerships to Scale Hands-On Cyber Training Across Middle East, Asia
CARY, N.C., Dec. 11, 2025, CyberNewswire — INE Security, a global leader in specialized cybersecurity and IT training, today announced continued significant expansion across the Middle East and Asia, capitalizing on major regional learning initiatives. The company’s unique, hands-on … (more…)...
Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation
Securing the Road Ahead: The Intersection of Cybersecurity and Intelligent Transportation Reflecting on the incredible energy from our recent Cybersecurity Seminar at Morgan State University, one thing is clear: the future of transportation is digital, and it must be secure.
SHARED INTEL Q&A: This Is How ‘Edge AI’ Is Forcing a Rethink of Trust, Security and Resilience
A seismic shift in digital systems is underway — and most people are missing it. Related: Edge AI at the chip layer While generative AI demos and LLM hype steal the spotlight, enterprise infrastructure is being quietly re-architected, not from … (more…)...
News Alert: Link11’s Top 5 Cybersecurity Trends Set to Shape European Defense Strategies in 2026
Frankfurt, Dec. 16, 2025, CyberNewswire — Link11, a European provider of web infrastructure security solutions, has released new insights outlining five key cybersecurity developments expected to influence how organizations across Europe prepare for and respond to threats in 2026.… (more…)...
Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026
Frankfurt am Main, Germany, 16th December 2025, CyberNewsWire The post Link11 Identifies Five Cybersecurity Trends Set to Shape European Defense Strategies in 2026 appeared first on The Security Ledger with Paul F. Roberts.
Processing 630 Million More Pwned Passwords, Courtesy of the FBI
The sheer scope of cybercrime can be hard to fathom, even when you live and breathe it every day. It's not just the volume of data, but also the extent to which it replicates across criminal actors seeking to abuse...
We Need a New Type of Cybersecurity Product
I think we in Cybersecurity have largely failed to show its value to the busines over the last decades. And I think we need a completely new type of product to address it. And before you get excited about a...
Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide
Torrance, United States / California, 12th December 2025, CyberNewsWire The post Critical React2Shell Vulnerability (CVE-2025-55182) Analysis: Surge in Attacks Targeting RSC-Enabled Services Worldwide appeared first on The Security Ledger with Paul F. Roberts.
News Alert: INE Sees Surge in Q4 Budget Shifts as Enterprises Embrace Hands-On Training for AI Roles
CARY, N.C., Dec. 11, 2025, CyberNewswire — With 90% of organizations facing critical skills gaps (ISC2) and AI reshaping job roles across cybersecurity, cloud, and IT operations, enterprises are rapidly reallocating L&D budgets toward hands-on training that delivers measurable, real-world...
1inch Named Exclusive Swap Provider at Launch for Ledger Multisig
Road Town, British Virgin Islands, 11th December 2025, CyberNewsWire The post 1inch Named Exclusive Swap Provider at Launch for Ledger Multisig appeared first on The Security Ledger with Paul F. Roberts.