Lazarus Group uses fake firms to spread malware to the crypto industry The FBI has seized the Blocknovas website, which was part of a campaign to spread malware to crypto developers, linked to North Korean hackers. dig.watch/updates/lazaru… #dwobservatory #dwnews #digwatch

In-memory attention: Accelerating LLMs with analog hardware Large language models (like GPT) generate text one word at a time. To decide the next word, they compare the new input with many past words stored in a short-term “cache.” On today’s GPUs, that cache has to be

Crypto’s biggest risk isn’t exploits—it’s phishing & malware. Old defenses (AV, EDR, MTD, and on-chain analysis) don’t stand a chance. A new security paradigm is needed.

Samsung device users urged to update software due to critical security flaw! Vulnerability – CVE-2025-21043 – could be exploited by an attacker to remotely gain access to devices and install malicious code without the users knowing it. If left unfixed, cyber criminals could

Which feature matters most in a wallet?

Passkey wallets claim superior security, but recent exploits show they’re not immune. What’s really needed are wallet designs compliant with passkey standards by design resilient to these attacks — not just bolted-on patches

Authentication fits Keith Rabois’s formula: fragmented, low NPS, and billions lost to AI-driven fraud. What’s overdue is vertical integration — and a new era of frictionless strong authentication

The paradox of strong authentication: the more secure it is, the more friction it adds. Breaking that tradeoff defines the next standard of trust.

WhatsApp 0-Click Vulnerability Exploited Using Malicious DNG File! The exploit, demonstrated in a proof-of-concept (PoC) shared by the DarkNavyOrg researchers, is initiated by sending a specially crafted malicious (DNG) image file to a victim’s WhatsApp account. As a

🚨 A new Android banking trojan is here: Datzbro. It doesn’t just steal logins—it recreates your screen in real time for full device takeover. Victims? Seniors lured via fake “active trip” groups on Facebook. Details → thehackernews.com/2025/09/new-an…

NEW: 🇰🇵DPRK has begun hiding malware on blockchain. Result, decentralized, immutable malware. Nearly impossible to remove. Research by Mandiant (part of Google Cloud)

LinkedIn post by Gadi Evron about an ongoing attack campaign targeting AI coding agents such as Cursor and Windsurf, through extensions in the Open VSX marketplace linkedin.com/posts/gadievro…

The next step in security isn’t proving identity — it’s cryptographically proving human intent at the moment of action.

🚨 CISA Warns of Android 0-Day Vulnerability Exploited in Attacks Source: cybersecuritynews.com/android-0-day-… CISA has added two critical Android Framework vulnerabilities to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The vulnerabilities

x.com/i/article/1997…

⚠️ ALERT — A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform. CVE-2025-68613 lets authenticated users execute arbitrary code, enabling full instance takeover, data access, and system-level actions. More than 103k exposed instances are observed

The last thing you see before you leak state secrets to the Kremlin

A provocative claim is circulating in the agent world. A new paper argues that AI agents face a fundamental mathematical barrier that makes reliable performance impossible at scale. Unsurprisingly, much of the industry disagrees, pointing to rapid practical progress and “good

Work with hardcore people on hardcore things.