PLUS: Navy spy sent to brig for 200 months in brig; Black Axe busted again; Bill aims to crimp ICE apps; and more
Infosec In Brief PLUS: Google’s security outfit Mandiant last week released tools that can crack credentials in 12 hours, in the hope that doing …
Infosec In Brief PLUS: Googles security outfit Mandiant last week released tools that can crack credentials in 12 hours, in the hope that doing so will accelerate the death of an ancient Microsoft se… [+4170 chars]
Activists hacked Iran ’s Badr satellite, briefly broadcasting Reza Pahlavi’s anti-regime protest messages on state TV channels. Anti-regime activists briefly took control of Iran ’s Badr satellite, hijacking state TV to broadcast Crown Prince Reza Pahlavi’s c…
Hacktivists hijacked Iran s state TV to air anti-regime messages and an appeal to protest from Reza Pahlavi
Anti-regime activists briefly took control of Iran s Badr satellite, hijacking state TV to… [+2214 chars]
DEMOCRATS IN FULL PANIC MODE! New DEVASTATING poll drops: Americans TRUST Republicans MORE than Dems on: • Economy & Inflation: +6 points • Tariffs: +2 points • Immigration: +11 points • Border Security: +28 POINTS
Skip to comments.
DEMOCRATS IN FULL PANIC MODE! X ^
| 01/18/2026
| Gunther Eagleman
Posted on 01/18/2026 12:27:11 PM PST by SmokingJoe
DEMOCRATS IN FULL PANIC MODE!
New DEVASTATING poll dro… [+7354 chars]
GootLoader malware uses malformed ZIP files made of hundreds of concatenated archives to evade detection. GootLoader is used by ransomware actors for initial access, then handed off to others. Built to evade detection, it accounted for 11% of bypassing malwar…
GootLoader uses malformed ZIP files to bypass security controls
GootLoader is used by ransomware actors for initial access, then handed off to others. Built to evade detection, it accounted for 11% … [+4491 chars]
2026 got off to a disastrous start for one crypto user, who fell victim to one of the largest social engineering attacks in digital asset history, losing over $282 million in Bitcoin and Litecoin. How Crypto User Fell Victim To $282M Theft According to promi…
2026 got off to a disastrous start for one crypto user, who fell victim to one of the largest social engineering attacks in digital asset history, losing over $282 million in Bitcoin and Litecoin.
H… [+2845 chars]
Explore how major events between were captured on The Independent’s front pages
Your support helps us to tell the story
From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financia… [+5819 chars]
This week's edition of Speed Read kicks off with a stonking supercharged Suzuki GSX-R / GSX 1100 hybrid from Finland, built for flat track racing of all things. We shift gears to profile a svelte Honda CB750 café racer from an award-winning Japanese workshop,…
This week's edition of Speed Read kicks off with a stonking supercharged Suzuki GSX-R / GSX 1100 hybrid from Finland, built for flat track racing of all things. We shift gears to profile a svelte Hon… [+7049 chars]
Three years ago, the Indiana Hoosiers made NCAA history as the first program to clock 700 losses. Today, that very underdog is winning millions of hearts, pulling off the best Cinderella story college football has ever seen.
Three years ago, the Indiana Hoosiers made NCAA history as the first program to clock 700 losses. Today, that very underdog is winning millions of hearts, pulling off the best Cinderella story colleg… [+1863 chars]
Many left-leaning states and cities are trying to protect their residents’ personal information.
By Shalina Chatlani, Stateline.org
As part of its deportation efforts, the Trump administration has ordered states to hand over personal data from voter rolls, drivers license records and programs s… [+7280 chars]
ETH staking absorbs 46.6% of supply, reducing sell pressure as validator exits define volatility risk.
As a result, deposits climbed gradually, with brief accelerations during strong price phases rather than abrupt surges.
Source: Santiment/X
This level of staking removes nearly half of Ethereum [ET… [+1632 chars]
Zack Whittaker reports: On Tuesday, U.K.-based Iranian activist Nariman Gharib tweeted redacted screenshots of a phishing link sent to him via a WhatsApp message. “Do not click on suspicious links,” Gharib warned. The activist, who is following the digital si…
On Tuesday, U.K.-based Iranian activist Nariman Gharib tweeted redacted screenshots of a phishing link sent to him via a WhatsApp message.
Do not click on suspicious links, Gharib warned. The activi… [+694 chars]
Jefferies Global Head of Equity Strategy Christopher Wood said that quantum computing could break Bitcoin sooner rather than later, and that the debate between crypto developers and quantum computing will only be a "long-term positive for gold."
Senior financial strategist Christopher Wood said in the latest issue of the GREED & Fear newsletter that he’s removing the 10% Bitcoin allocation from his recommended portfolio. He justified thi… [+3072 chars]
LONDON — It has been a familiar sight over the past decade: Prince Harry on the steps of a British courthouse for the latest round of his battle with a tabloid newspaper
LONDON It has been a familiar sight over the past decade: Prince Harry on the steps of a British courthouse for the latest round of his battle with a tabloid newspaper.
But if, as expected, he arriv… [+6373 chars]
Hacking India’s largest automaker: Tata Motors
Key Points / Summary
* 2 exposed AWS keys on public-facing websites revealed 70+ TB of sensitive information and infrastructure across hundreds of buckets.
* Pointless AWS key encryption easily defeated.
…
Hacking India’s largest automaker: Tata MotorsKey Points / Summary
* 2 exposed AWS keys on public-facing websites revealed 70+ TB of sensitive information and infrastructure across hundreds of bucke… [+313 chars]
When combined, they can help predict your longevity and health span.
A landmark paper cited more than 7,000 times in the biomedical literature, "The Hallmarks of Aging1
" identified common denominators of the aging process. In my forthcoming book How Not to Age, I di… [+6750 chars]
I'm a 30-year semiconductor veteran who helped put secure chips into credit cards and bring contactless payments into everyday use.
The first time I handed over my credit card to a security lab, it came back to me broken. Not physically damaged, but compromised. In less than 10 minutes, the engineers had discovered my PIN. This h… [+6484 chars]
Some conspiracy-minded fans think Indiana's rapid rise doesn’t pass the smell test. Here’s why.
Indiana football 'cheating' theories, explained: Why Curt Cignetti's dominance is raising eyebrows originally appeared on The Sporting News. Add The Sporting News as a Preferred Source by clicking he… [+6269 chars]
Justin Bons, the founder and CIO of CyberCapital, has laid out a blunt and unsettling view of where Bitcoin could be headed over the next decade. In a detailed note shared on X, Bons noted that Bitcoin is moving toward total collapse within the next seven to …
Justin Bons, the founder and CIO of CyberCapital, has laid out a blunt and unsettling view of where Bitcoin could be headed over the next decade. In a detailed note shared on X, Bons noted that Bitco… [+3226 chars]
This is the Duke of Sussex's third major court battle accusing newspaper groups of unlawful behaviour.
It might feel as though we're back in familiar territory - the Duke of Sussex about to make claims in a London court alleging that newspapers used unlawful methods to gather information.
But in many… [+8260 chars]
None
<p>Session 9B: DNN Attack Surfaces </p><p></p><center data-preserve-html-node="true"><iframe allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share" referrerpolicy="strict-origin-when-cross-origin" allowfullscreen="" src="https://www.youtube-nocookie.com/embed/Dg4jzCVpu5Y?si=u4Ei961fMNom1yIz" width="560" frameborder="0" data-preserve-html-node="true" title="YouTube video player" height="315"></iframe>
<p></p><center data-preserve-html-node="true">Authors, Creators & Presenters: Yanzuo Chen (The Hong Kong University of Science and Technology), Zhibo Liu (The Hong Kong University of Science and Technology), Yuanyuan Yuan (The Hong Kong University of Science and Technology), Sihang Hu (Huawei Technologies), Tianxiang Li (Huawei Technologies), Shuai Wang (The Hong Kong University of Science and Technology)
<p></p><center data-preserve-html-node="true">PAPER<br>
<center data-preserve-html-node="true">Compiled Models, Built-In Exploits: Uncovering Pervasive Bit-Flip Attack Surfaces in DNN Executables
<p></p><center data-preserve-html-node="true">Recent research has shown that bit-flip attacks (BFAs) can manipulate deep neural networks (DNNs) via DRAM Rowhammer exploitations. For high-level DNN models running on deep learning (DL) frameworks like PyTorch, extensive BFAs have been conducted to flip bits in model weights and shown effective. Defenses have also been proposed to guard model weights. Nevertheless, DNNs are increasingly compiled into DNN executables by DL compilers to leverage hardware primitives. These executables manifest new and distinct computation paradigms; we find existing research failing to accurately capture and expose the attack surface of BFAs on DNN executables. To this end, we launch the first systematic study of BFAs on DNN executables and reveal new attack surfaces neglected or underestimated in previous work. Specifically, prior BFAs in DL frameworks are limited to attacking model weights and assume a strong whitebox attacker with full knowledge of victim model weights, which is unrealistic as weights are often confidential. In contrast, we find that BFAs on DNN executables can achieve high effectiveness by exploiting the model structure (usually stored in the executable code), which only requires knowing the (often public) model structure. Importantly, such structure-based BFAs are pervasive, transferable, and more severe (e.g., single-bit flips lead to successful attacks) in DNN executables; they also slip past existing defenses. To realistically demonstrate the new attack surfaces, we assume a weak and more realistic attacker with no knowledge of victim model weights. We design an automated tool to identify vulnerable bits in victim executables with high confidence (70% compared to the baseline 2%). Launching this tool on DDR4 DRAM, we show that only 1.4 flips on average are needed to fully downgrade the accuracy of victim executables, including quantized models which could require 23× more flips previously, to random guesses. We comprehensively evaluate 16 DNN executables, covering three large-scale DNN models trained on three commonly-used datasets compiled by the two most popular DL compilers. Our finding calls for incorporating security mechanisms in future DNN compilation toolchains.
<p></p><center data-preserve-html-node="true">ABOUT NDSS<br>
<center data-preserve-html-node="true">The Network and Distributed System Security Symposium (NDSS) fosters information exchange among researchers and practitioners of network and distributed system security. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation. A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technologies.
<hr>
<p>Our thanks to the <a href="https://www.ndss-symposium.org/">Network and Distributed System Security (NDSS) Symposium</a> for publishing their Creators, Authors and Presenter’s superb <a href="https://www.youtube.com/@NDSSSymposium">NDSS Symposium 2025 Conference</a> content on the <a href="https://www.ndss-symposium.org/">Organizations’</a> <a href="https://youtube.com/@ndsssymposium?si=lLtn9sVVEwmZ8J9h3">YouTube Channel</a>. </p>
<p></p></center></center></center></center></center></center></center><p><a href="https://www.infosecurity.us/blog/2026/1/18/ndss-2025-compiled-models-built-in-exploits">Permalink</a></p><p>
</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2026/01/ndss-2025-compiled-models-built-in-exploits/" data-a2a-title="NDSS 2025 – Compiled Models, Built-In Exploits"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fndss-2025-compiled-models-built-in-exploits%2F&linkname=NDSS%202025%20%E2%80%93%20Compiled%20Models%2C%20Built-In%20Exploits" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fndss-2025-compiled-models-built-in-exploits%2F&linkname=NDSS%202025%20%E2%80%93%20Compiled%20Models%2C%20Built-In%20Exploits" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fndss-2025-compiled-models-built-in-exploits%2F&linkname=NDSS%202025%20%E2%80%93%20Compiled%20Models%2C%20Built-In%20Exploits" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fndss-2025-compiled-models-built-in-exploits%2F&linkname=NDSS%202025%20%E2%80%93%20Compiled%20Models%2C%20Built-In%20Exploits" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2026%2F01%2Fndss-2025-compiled-models-built-in-exploits%2F&linkname=NDSS%202025%20%E2%80%93%20Compiled%20Models%2C%20Built-In%20Exploits" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://www.infosecurity.us/">Infosecurity.US</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by Marc Handelman">Marc Handelman</a>. Read the original post at: <a href="https://www.youtube-nocookie.com/embed/Dg4jzCVpu5Y?si=u4Ei961fMNom1yIz">https://www.youtube-nocookie.com/embed/Dg4jzCVpu5Y?si=u4Ei961fMNom1yIz</a> </p>
One of my oldest open-source projects - Bob
- has celebrated 15 a couple of months ago.
Bob is a suite of implementations of the Scheme programming language in Python,
including an interpreter, a compiler and a VM. Back then I was doing some hacking
on CPytho…
One of my oldest open-source projects - Bob
- has celebrated 15 a couple of months ago.
Bob is a suite of implementations of the Scheme programming language in Python,
including an interpreter, a com… [+6973 chars]
Do you think you can teach ?Agentic Tutor for students with a text/voice interactions.Try the demo at : https://school.dwani.aibuilt school - ಶಾಲೆ at Agent Olympics Hackathon.24 hours of non stop experiments alongside at Agent Olympics HackathonBuilt with dwa…
Do you think you can teach ?Agentic Tutor for students with a text/voice interactions.
Try the demo at : https://school.dwani.ai
built school - at Agent Olympics Hackathon.
24 hours of non stop ex… [+237 chars]
Interpolation plugin for Polars
interpolars
interpolars is a small Polars plugin that does N-dimensional linear interpolation from a
source grid (your DataFrame) onto an explicit target DataFrame.
It supports:
<ul><li>1D/2D/3D/… [+4939 chars]
Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainia…
UkraineGermany operation targets Black Basta, Russian leader wanted
Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law… [+3040 chars]
Posted by Tom Beecher via NANOG on Jan 17Mike-
Should we hold the consumers responsible for their lack of tech knowhow
So your position here is : Since corporate security folks can't catch
everything, end users shouldn't be held responsible for doing anythi…
nanog
mailing list archives
From: Tom Beecher via NANOG <nanog () lists nanog org>Date: Sat, 17 Jan 2026 13:09:02 -0500
Mike-
Should we hold the consumers responsible for their lack of tech… [+5158 chars]
