QuSecure + BINARLY just solved the post-quantum puzzle. This partnership delivers: - Automated CBOMs for any binary - NIST-approved quantum algorithms - Streamlined compliance reporting - Faster PQC migration timelines Quantum computing is making current encryption obsolete.

The show is available on all platforms pod.link/1414525622

Our AI Cyber Challenge asked teams to deliver world-changing cyber defense systems to protect critical infrastructure at speed & scale – and they delivered. Congratulations to Team Atlanta for earning the top prize! Trail of Bits won second place, & Theori won third.

Researchers at Defcon just showed they can crack the Securam ProLogic locks used on high-security safes to protect guns, cash, and narcotics in pharmacies. When they told Securam last year, it sent them legal threats—and didn't fix the flaws. wired.com/story/securam-…

Always a good day when the Three Buddy Problem gives you a shout-out for "still doing creative stuff" in offensive security. Big thanks for the mention at Black Hat, and for always keeping the hacker community entertained.

“We’re going to end up in a place where we’re conducting vulnerability warfare”-Heather Adkins - Ꜻ - Spes consilium non est chatting AI at DARPA’s AIxCC stage at DEF CON #defcon33

There better be 2025 tracksuits

🚨 CVE-2025-8088: WinRAR Zero-Day Used to Deploy RomCom Backdoors ESET has identified spearphishing campaigns leveraging malicious RAR attachments to exploit CVE-2025-8088—a WinRAR zero-day vulnerability. This technique delivers RomCom backdoors, attributed to threat actor

Huge appreciation and shout outs to Dug Song for the support to bring Phrack Zine to a physical form. Legends of our industry giving back to the community in big ways!

Phrack #72 release reveals TTPs, backdoors and targets of a Chinese/North Korean state actor mimicking Kimsuky A copy of his workstation data was done and is now available for all researchers to analyse! Article: drive.proton.me/urls/Z5BX5M7PM… Data dump: drive.proton.me/urls/ZQ1235FY7…

Launching now — a new blog for research from Anthropic’s Frontier Red Team and others. > red.anthropic.com We’ll be covering our internal research on cyber, bio, autonomy, national security and more.

Security Testing & Offensive Research at Microsoft (STORM) 👇🏽

Here’s the source code of our #AIxCC winning team Team Atlanta, enjoy! github.com/Team-Atlanta/a… More things TBA

This Three Buddy Problem podcast episode is one of the best analyses I’ve listened to so far. Their assessment of Predatory Sparrow and the ambiguities of assessing cyber campaigns in a messy conflict is something worth your time: podcasts.apple.com/gb/podcast/thr…

This article is really interesting to me: red.anthropic.com/2025/cyber-too… What if the most pressing security problem to solve with LLMs is how to defend against attackers using them to perform relatively repeatable attacks (e.g. install ransomware on low-to-mid defended environments)?

I'm sorry folks, the spec made it clear

Three Buddy Problem - Episode 57: Brandon Dixon (PassiveTotal/RiskIQ, Microsoft) leads a deep-dive on Google’s “Big Sleep” project, XBOW’s HackerOne AI automation hype, and the tension between big tech ownership of critical security tools and the community’s need for open access.