Espresso

Sign in Subscribe

Cybersecurity

Billion-iPhone Backdoor: One Image File Hijacks Every iOS Device Ever Sold

Billion-iPhone Backdoor: One Image File Hijacks Every iOS Device Ever Sold

TL;DR * Apple Patch CVE-2026-20700 to Fix Memory Corruption Zero-Day Exploited Since December 2025 * Lazarus Group Poisons npm and PyPI with Malicious Packages Targeting Blockchain Exchanges 🍏 CVE-2026-20700: Apple’s dyld 0-day left 58% of U.S. iPhones open for 2-month spy fest 42% of iPhones patched in 24h—wow, Apple

Zero-Byte PNG Steals 1TB of Secrets — While 37 Governments Still Use WinRAR: A Global Cyber Farce

Zero-Byte PNG Steals 1TB of Secrets — While 37 Governments Still Use WinRAR: A Global Cyber Farce

TL;DR * State-Sponsored Threat Group 'Shadow Campaigns' Compromised 70+ Government Entities Across 37 Countries * Google Complies with ICE Subpoena Demanding Data on Student Activist Amandla Thomas-Johnson 🤯 1TB Stolen via Zero-Byte PNG: Shadow Campaigns Breaches 37 Nations Using CVEs Even Patched in 2019 200+ malicious IPs. 1TB of diplomatic

45,000 Developers Pwned — Notepad++ Update Server Hijacked by APT28 to Drop Rust Backdoors

45,000 Developers Pwned — Notepad++ Update Server Hijacked by APT28 to Drop Rust Backdoors

TL;DR * Notepad++ Supply Chain Attack Delivers Malware via Malicious Update * Prometei Russian Botnet Infects Windows Servers via Default RDP Credentials * Flipper Zero Security Tool Misuse Leads to Legal Consequences 🤯 45,000 Devices Targeted: APT28 Hijacks Notepad++ Update Server to Deploy Rust Backdoors 45,000 DEVELOPERS JUST GOT PWNED BY

OpenClaw Exposed, Substack Leaked, FBI Outsmarted — Your Security Is a Performance Art Piece

OpenClaw Exposed, Substack Leaked, FBI Outsmarted — Your Security Is a Performance Art Piece

TL;DR * OpenClaw AI Agent Exposed with CVE-2026-25253 Allowing One-Click RCE and API Takeover * Substack Data Breach Compromises 697,313 User Records * FBI Unable to Access Seized iPhone Due to Lockdown Mode 🚨 OpenClaw RCE Exploit Steals 1.5M API Keys, Exposes 300K+ Public Admin Ports, Forces Global Token Rotation OpenClaw’

China 8B Leak, FPGA Kyber Shield, xAI vs OpenAI

China 8B Leak, FPGA Kyber Shield, xAI vs OpenAI

TL;DR * 8.7 Billion Records of Chinese Individuals and Businesses Leaked via Exposed Elasticsearch Cluster * NTT Architecture Demonstrates Fault Mitigation for Post-Quantum Cryptography on FPGA * OpenAI Accuses xAI of Systematic Evidence Destruction in Antitrust Case * CrowdStrike CRWD Faces Investor Scrutiny Amid AI-Driven Cybersecurity Market Shifts 8.7 Billion Records