Supabase Security Flaw: 170+ Apps Exposed by Missing RLS
Thousands of Supabase databases are publicly accessible right now. Security researchers have demonstrated mass exploitation at scale, dumping entire databases with simple curl ...
Google-Palo Alto $10B Deal: Circular Cloud Financing Returns
On December 19, 2025, Google Cloud and Palo Alto Networks announced a “landmark” $10 billion ...
NIST AI Cybersecurity Framework: Defense Against Real Threats
NIST released a preliminary draft of the Cybersecurity Framework Profile for Artificial Intelligence on December ...
Going Dark Targets VPNs After EU Chat Control Loss
After losing the Chat Control 2.0 battle on November 26, 2025, the European Commission didn’t ...
Anna’s Archive Backs Up Spotify: 300TB, 86M Tracks
Anna’s Archive dropped 300TB yesterday – a complete backup of Spotify. 86 million tracks. 256 ...
IDEsaster: 30+ CVEs Hit Cursor, GitHub Copilot, All AI IDEs
Every AI coding tool you’re using right now is vulnerable. Security researcher Ari Marzouk just dropped “IDEsaster”—over 30 CVEs affecting Cursor, GitHub Copilot, ...
NIST NTP Outage: Time Infrastructure Fails in Boulder
NIST Boulder time servers went offline Dec 17 after power failure. Backup generator failed. Atomic ...
NIST Cyber AI Profile: CSF 2.0 Guidance for AI Security
NIST released NISTIR 8596 on Dec 17, 2025—the first CSF 2.0 profile for AI security. ...
Mullvad GotaTun Cuts Android VPN Crashes 97% with Rust
Mullvad VPN announced GotaTun yesterday, a Rust-based WireGuard implementation that slashed Android app crashes by ...
React2Shell: CVSS 10.0 RCE Hits Next.js in 30 Hours
On December 3, 2025, React and Vercel disclosed CVE-2025-55182—a CVSS 10.0 remote code execution vulnerability ...
