Patrick C Miller
@patrickcmiller.bsky.social
Critical Infrastructure & Industrial Security Advisor. Ampyx Cyber CEO. Public speaker. Airport dweller. Recovering regulator. BEERISAC member. CCI US Coordinator. Former SANS Instructor.
#ICS #OT #NERCCIP #NIST #IEC62443 #NIS2 #CRA #SlavaUkraini
#ICS #OT #NERCCIP #NIST #IEC62443 #NIS2 #CRA #SlavaUkraini
Pinned
"The more advanced the automated system, the more crucial the contribution of the human operator..." The Automation Paradox
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens thehackernews.com/2025/11/todd...
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens
ToddyCat upgrades tools like TCSectorCopy and TomBerBil to steal corporate email and browser data, targeting Outlook and Microsoft 365 defenses.
thehackernews.com
November 26, 2025 at 10:42 AM
ToddyCat’s New Hacking Tools Steal Outlook Emails and Microsoft 365 Access Tokens thehackernews.com/2025/11/todd...
New Shai-Hulud worm spreading through npm, GitHub www.csoonline.com/article/4095...
New Shai-Hulud worm spreading through npm, GitHub
The latest version also executes malicious code during the preinstall phase, and is bigger and faster than the first wave, say researchers.
www.csoonline.com
November 26, 2025 at 10:12 AM
New Shai-Hulud worm spreading through npm, GitHub www.csoonline.com/article/4095...
Russian-linked Malware Campaign Hides in Blender 3D Files www.infosecurity-magazine.com/news/russian...
Russian-linked Malware Campaign Hides in Blender 3D Files
Morphisec has observed a new operation embedding StealC V2 malware in Blender project files, targeting users via 3D assets and launching a multi-stage infection chain
www.infosecurity-magazine.com
November 26, 2025 at 9:42 AM
Russian-linked Malware Campaign Hides in Blender 3D Files www.infosecurity-magazine.com/news/russian...
The slow rise of SBOMs meets the rapid advance of AI cyberscoop.com/sbom-adoptio...
The slow rise of SBOMs meets the rapid advance of AI
Despite progress from CISA and global regulators, SBOM adoption in the private sector remains slow as experts debate if AI-driven coding will improve or undermine software security and transparency.
cyberscoop.com
November 26, 2025 at 9:12 AM
The slow rise of SBOMs meets the rapid advance of AI cyberscoop.com/sbom-adoptio...
Attackers deliver ShadowPad via newly patched WSUS RCE bug securityaffairs.com/185007/malwa...
Attackers deliver ShadowPad via newly patched WSUS RCE bug
Attackers exploited a patched WSUS flaw (CVE-2025-59287) to gain access, use PowerCat for a shell, and deploy the ShadowPad malware.
securityaffairs.com
November 26, 2025 at 8:42 AM
Attackers deliver ShadowPad via newly patched WSUS RCE bug securityaffairs.com/185007/malwa...
Smishing Triad Impersonation Campaigns Expand Globally www.infosecurity-magazine.com/news/smishin...
Smishing Triad Impersonation Campaigns Expand Globally
A cluster of fraudulent domains impersonating Egyptian providers have been identified linked to Smishing Triad operations
www.infosecurity-magazine.com
November 26, 2025 at 8:12 AM
Smishing Triad Impersonation Campaigns Expand Globally www.infosecurity-magazine.com/news/smishin...
Shai-Hulud worm returns stronger and more automated than ever before cyberscoop.com/supply-chain...
Shai-Hulud worm returns stronger and more automated than ever before
Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours.
cyberscoop.com
November 26, 2025 at 7:42 AM
Shai-Hulud worm returns stronger and more automated than ever before cyberscoop.com/supply-chain...
Hackers steal sensitive data from major banking industry vendor www.cybersecuritydive.com/news/bank-ve...
Hackers steal sensitive data from major banking industry vendor
The incident highlights how supply-chain compromises threaten even well-defended industries.
www.cybersecuritydive.com
November 26, 2025 at 7:12 AM
Hackers steal sensitive data from major banking industry vendor www.cybersecuritydive.com/news/bank-ve...
Invisible battles: How cybersecurity work erodes mental health in silence and what we can do about it
Invisible battles: How cybersecurity work erodes mental health
Cyber pros are burning out in the shadows, proving you can’t secure the business if you don’t take care of the humans behind the screens.
www.csoonline.com
November 26, 2025 at 6:42 AM
Invisible battles: How cybersecurity work erodes mental health in silence and what we can do about it
Get ready for 2026, the year of AI-aided ransomware www.theregister.com/2025/11/25/t...
Get ready for 2026, the year of AI-aided ransomware
: State-backed crews are already poking at autonomous tools, Trend Micro warns
www.theregister.com
November 26, 2025 at 6:12 AM
Get ready for 2026, the year of AI-aided ransomware www.theregister.com/2025/11/25/t...
About This Account reveals the scale of X’s foreign troll problem www.theverge.com/news/827298/...
About This Account reveals the scale of X’s foreign troll problem
X’s About This Account reveals the scale of its foreign troll problem, confirming that many MAGA accounts aren’t actually American.
www.theverge.com
November 26, 2025 at 5:42 AM
About This Account reveals the scale of X’s foreign troll problem www.theverge.com/news/827298/...
When Another Company’s Crisis Hurts Your Reputation hbr.org/2025/11/when...
When Another Company’s Crisis Hurts Your Reputation
Your company doesn’t have to do anything wrong to get wrapped up in a crisis. When peers face things like product recalls, fraud, or accidents, stakeholders often assume others may be at risk, including...
hbr.org
November 26, 2025 at 5:12 AM
When Another Company’s Crisis Hurts Your Reputation hbr.org/2025/11/when...
Four Ways AI Is Being Used to Strengthen Democracies Worldwide www.schneier.com/blog/archive...
Four Ways AI Is Being Used to Strengthen Democracies Worldwide - Schneier on Security
Democracy is colliding with the technologies of artificial intelligence. Judging from the audience reaction at the recent World Forum on Democracy in Strasbourg, the general expectation is that…
www.schneier.com
November 26, 2025 at 4:42 AM
Four Ways AI Is Being Used to Strengthen Democracies Worldwide www.schneier.com/blog/archive...
$262 million stolen in account takeover fraud schemes this year, FBI says ahead of holiday season
$262 million stolen in account takeover fraud schemes this year, FBI says ahead of holiday season
The law enforcement agency said they have received more than 5,100 complaints about Account Takeover (ATO) fraud since January and have tallied losses exceeding $262 million.
therecord.media
November 26, 2025 at 4:12 AM
$262 million stolen in account takeover fraud schemes this year, FBI says ahead of holiday season
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City www.securityweek.com/russian-hack...
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further.
www.securityweek.com
November 26, 2025 at 3:42 AM
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City www.securityweek.com/russian-hack...
Lifetime access to AI-for-evil WormGPT 4 costs just $220 www.theregister.com/2025/11/25/w...
Lifetime access to WormGPT 4 costs just $220
: 'Ah, I see you're ready to escalate. Let's make digital destruction simple and effective.'
www.theregister.com
November 26, 2025 at 3:12 AM
Lifetime access to AI-for-evil WormGPT 4 costs just $220 www.theregister.com/2025/11/25/w...
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide www.bleepingcomputer.com/news/securit...
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide
Risk management company Crisis24 has confirmed its OnSolve CodeRED platform suffered a cyberattack that disrupted emergency notification systems used by state and local governments, police…
www.bleepingcomputer.com
November 26, 2025 at 2:42 AM
OnSolve CodeRED cyberattack disrupts emergency alert systems nationwide www.bleepingcomputer.com/news/securit...
GPU prices are coming to earth just as RAM costs shoot into the stratosphere arstechnica.com/gadgets/2025...
GPU prices are coming to earth just as RAM costs shoot into the stratosphere
Some RAM kits are over three times as expensive as they were three months ago.
arstechnica.com
November 26, 2025 at 2:12 AM
GPU prices are coming to earth just as RAM costs shoot into the stratosphere arstechnica.com/gadgets/2025...
CISOs Get Real About Hiring in the Age of AI www.darkreading.com/cybersecurit...
CISOs Get Real About Hiring in the Age of AI
Experts help cyber job seekers get noticed; and have a stark conversation about keeping AI from breaking the sector's talent pipeline.
www.darkreading.com
November 26, 2025 at 1:42 AM
CISOs Get Real About Hiring in the Age of AI www.darkreading.com/cybersecurit...
ZTE, China Unicom Liaoning and Dalian Changhai Airport launch 5G-A ISAC private network to elevate low-altitude security and airport safety www.theregister.com/2025/11/25/z...
5G-A ISAC Network Boosts Low-Altitude & Airport Safety
Partner Content: Millimeter-wave ISAC and edge AI create unified sensing-communication capabilities for next-generation low-altitude security
www.theregister.com
November 26, 2025 at 1:12 AM
ZTE, China Unicom Liaoning and Dalian Changhai Airport launch 5G-A ISAC private network to elevate low-altitude security and airport safety www.theregister.com/2025/11/25/z...
JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach www.csoonline.com/article/4095...
JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach
The breach underscores growing third-party cyber risks in financial services, with vendor-related incidents up 15% year-over-year.
www.csoonline.com
November 26, 2025 at 12:42 AM
JPMorgan, Citi, Morgan Stanley assess fallout from SitusAMC data breach www.csoonline.com/article/4095...
Cybersicherheit in kommunalen Verwaltungen | OT Security Made Simple www.listennotes.com/e/6184bfac66...
www.listennotes.com
November 26, 2025 at 12:12 AM
Cybersicherheit in kommunalen Verwaltungen | OT Security Made Simple www.listennotes.com/e/6184bfac66...
New research finds that Claude breaks bad if you teach it to cheat cyberscoop.com/anthropic-cl...
New research finds that Claude breaks bad if you teach it to cheat
A new paper from Anthropic found that teaching Claude how to reward hack coding tasks caused the model to become less honest in other areas.
cyberscoop.com
November 25, 2025 at 11:42 PM
New research finds that Claude breaks bad if you teach it to cheat cyberscoop.com/anthropic-cl...
Clop's Oracle EBS rampage reaches Dartmouth College www.theregister.com/2025/11/25/c...
Clop's Oracle EBS rampage reaches Dartmouth College
: Uni notifies 1,400-plus Maine residents as zero-day fallout continues
www.theregister.com
November 25, 2025 at 11:12 PM
Clop's Oracle EBS rampage reaches Dartmouth College www.theregister.com/2025/11/25/c...
Canon Says Subsidiary Impacted by Oracle EBS Hack www.securityweek.com/canon-says-s...
Canon Says Subsidiary Impacted by Oracle EBS Hack
More than 100 alleged victims of the Oracle EBS campaign have been added to the Cl0p ransomware website.
www.securityweek.com
November 25, 2025 at 10:42 PM
Canon Says Subsidiary Impacted by Oracle EBS Hack www.securityweek.com/canon-says-s...