Roger A. Grimes
@rogeragrimes.bsky.social
Computer security geek who's life's work mission is to make the Internet a far safer place to compute
Pretty wild attack. 0-click ads are posted on websites you frequently visit and are sent to you (and only you). If your phone views the ad...you do nothing else, your phone is completely compromised. And it's "legal"!!??
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Predator spyware uses new infection vector for zero-click attacks
The Predator spyware from surveillance company Intellexa has been using a zero-click infection mechanism dubbed "Aladdin" that compromised specific targets when simply viewing a malicious advertisemen...
www.bleepingcomputer.com
December 7, 2025 at 3:54 PM
Pretty wild attack. 0-click ads are posted on websites you frequently visit and are sent to you (and only you). If your phone views the ad...you do nothing else, your phone is completely compromised. And it's "legal"!!??
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Wisconsin and Michigan have a proposed law, intended to prevent minors from accessing porn sites that prevents ALL citizens from using VPNs to connect to such sites. Outlawing adults from using VPNs, huh? It will be interesting to see if those laws pass with the same language.
December 6, 2025 at 12:26 PM
Wisconsin and Michigan have a proposed law, intended to prevent minors from accessing porn sites that prevents ALL citizens from using VPNs to connect to such sites. Outlawing adults from using VPNs, huh? It will be interesting to see if those laws pass with the same language.
KB4-CON 2026 in Orlando May 12-14, 2026
*World-class cybersecurity speakers
*Deep dives into current security threats
*$199 Dec. 1-15th price, use CYBERMONDAY at checkout
*Event link: www.knowbe4.com/kb4-con
Registration link: knowbe4.cventevents.com/DOGrGb?RefId...
*World-class cybersecurity speakers
*Deep dives into current security threats
*$199 Dec. 1-15th price, use CYBERMONDAY at checkout
*Event link: www.knowbe4.com/kb4-con
Registration link: knowbe4.cventevents.com/DOGrGb?RefId...
KB4-CON | KnowBe4
Access KB4-CON 2025 keynotes and breakout sessions on-demand until July 8. Register now or log in with your conference credentials for security insights.
www.knowbe4.com
December 5, 2025 at 4:51 PM
KB4-CON 2026 in Orlando May 12-14, 2026
*World-class cybersecurity speakers
*Deep dives into current security threats
*$199 Dec. 1-15th price, use CYBERMONDAY at checkout
*Event link: www.knowbe4.com/kb4-con
Registration link: knowbe4.cventevents.com/DOGrGb?RefId...
*World-class cybersecurity speakers
*Deep dives into current security threats
*$199 Dec. 1-15th price, use CYBERMONDAY at checkout
*Event link: www.knowbe4.com/kb4-con
Registration link: knowbe4.cventevents.com/DOGrGb?RefId...
How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials
Great threat intelligence article regarding a multi-staged phishing campaign. Great details. Great read.
blog.knowbe4.com/the-ghost-in...
Great threat intelligence article regarding a multi-staged phishing campaign. Great details. Great read.
blog.knowbe4.com/the-ghost-in...
The Ghost in the Machine: How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials
Since November 3, 2025, KnowBe4 Threat Labs has been monitoring a highly sophisticated, multi-stage phishing operation that is actively targeting...
blog.knowbe4.com
December 4, 2025 at 3:46 PM
How a Multi-Stage Phishing Campaign Evades Security to Steal Microsoft 365 Credentials
Great threat intelligence article regarding a multi-staged phishing campaign. Great details. Great read.
blog.knowbe4.com/the-ghost-in...
Great threat intelligence article regarding a multi-staged phishing campaign. Great details. Great read.
blog.knowbe4.com/the-ghost-in...
Check out my latest article: Would You Be Prepared if NIST Significantly Moved Up the Q-Day Deadline?
www.linkedin.com/pulse/would-...
www.linkedin.com/pulse/would-...
Would You Be Prepared if NIST Significantly Moved Up the Q-Day Deadline?
The other day, I heard a strong rumor that NIST may be significantly updating the dates they think the world should be prepared for the coming day when quantum computers become sufficiently capable of...
www.linkedin.com
December 4, 2025 at 1:53 PM
Check out my latest article: Would You Be Prepared if NIST Significantly Moved Up the Q-Day Deadline?
www.linkedin.com/pulse/would-...
www.linkedin.com/pulse/would-...
I just heard that NIST will be moving up their Q-Day deadline significantly soon.
December 2, 2025 at 6:00 PM
I just heard that NIST will be moving up their Q-Day deadline significantly soon.
Yeah, Google (AI) not giving me the most accurate information this morning
December 2, 2025 at 3:05 PM
Yeah, Google (AI) not giving me the most accurate information this morning
If you want to hear some innovative thinking you've never heard before, this guy interviewed by Lex Friedman, is the dude. I didn’t understand the first sentence out of his mouth, but then every other thing he said was a jewel to think about.
www.youtube.com/watch?v=Qp0r...
www.youtube.com/watch?v=Qp0r...
Michael Levin: Hidden Reality of Alien Intelligence & Biological Life | Lex Fridman Podcast #486
YouTube video by Lex Fridman
www.youtube.com
December 2, 2025 at 11:13 AM
If you want to hear some innovative thinking you've never heard before, this guy interviewed by Lex Friedman, is the dude. I didn’t understand the first sentence out of his mouth, but then every other thing he said was a jewel to think about.
www.youtube.com/watch?v=Qp0r...
www.youtube.com/watch?v=Qp0r...
This is a pretty cool service. Click on the link below and it will immediately tell you if your computer is exploited by malware and part of a botnet. Real link, not malicious (I know, that's just what a hacker would say)
check.labs.greynoise.io
check.labs.greynoise.io
GreyNoise IP Check
Check if your IP address has been observed by GreyNoise sensors. Instantly detect malicious activity, compromised devices, and security threats affecting your network.
check.labs.greynoise.io
December 1, 2025 at 6:18 PM
This is a pretty cool service. Click on the link below and it will immediately tell you if your computer is exploited by malware and part of a botnet. Real link, not malicious (I know, that's just what a hacker would say)
check.labs.greynoise.io
check.labs.greynoise.io
Tether Stablecoin Stability Rating Reduced to ‘Weak’ at S&P
Cryptocurrency can't get even its stable coin right. It's not coin and it ain't stable.
www.bloomberg.com/news/article...
Cryptocurrency can't get even its stable coin right. It's not coin and it ain't stable.
www.bloomberg.com/news/article...
Tether Stablecoin Stability Rating Reduced to ‘Weak’ at S&P
The ability of Tether’s USDT stablecoin to maintain its peg to the US dollar has been downgraded to the lowest rating by S&P Global Ratings, which warned that a drop in Bitcoin’s value could leave...
www.bloomberg.com
November 27, 2025 at 1:26 PM
Tether Stablecoin Stability Rating Reduced to ‘Weak’ at S&P
Cryptocurrency can't get even its stable coin right. It's not coin and it ain't stable.
www.bloomberg.com/news/article...
Cryptocurrency can't get even its stable coin right. It's not coin and it ain't stable.
www.bloomberg.com/news/article...
Researchers have developed a new AI model that allows autonomous drones, subs and satellites to adapt to unexpected mission changes to take charge of their own planning.
I hope they have a thorough understanding of what happened to Skynet on Aug29, 1997
www.turing.ac.uk/news/new-ai-...
I hope they have a thorough understanding of what happened to Skynet on Aug29, 1997
www.turing.ac.uk/news/new-ai-...
www.turing.ac.uk
November 27, 2025 at 11:14 AM
Researchers have developed a new AI model that allows autonomous drones, subs and satellites to adapt to unexpected mission changes to take charge of their own planning.
I hope they have a thorough understanding of what happened to Skynet on Aug29, 1997
www.turing.ac.uk/news/new-ai-...
I hope they have a thorough understanding of what happened to Skynet on Aug29, 1997
www.turing.ac.uk/news/new-ai-...
Check out my latest article: I’m Wary of Fear Being Used To Prevent AI Safety
www.linkedin.com/pulse/im-war...
www.linkedin.com/pulse/im-war...
I’m Wary of Fear Being Used To Prevent AI Safety
We all know that AI, left completely unregulated, will likely do some bad things, some intended, some unintended. So, it makes sense to have some sort of legislative regulation and guardrails.
www.linkedin.com
November 25, 2025 at 1:28 PM
Check out my latest article: I’m Wary of Fear Being Used To Prevent AI Safety
www.linkedin.com/pulse/im-war...
www.linkedin.com/pulse/im-war...
Be aware of the world's richest man becoming richer at the same time he is desperately trying to convince you that buying more of his expensive products will set you free from worrying about money or your health. If money were going to become worthless, why is he trying to hoard so much of it??
November 25, 2025 at 1:22 PM
Be aware of the world's richest man becoming richer at the same time he is desperately trying to convince you that buying more of his expensive products will set you free from worrying about money or your health. If money were going to become worthless, why is he trying to hoard so much of it??
If half all human-to-human communication is non-verbal, how is an AI ever going to be more human-like anytime soon? Is someone working on that or have the decided to skip the human-like part?
November 24, 2025 at 6:22 PM
If half all human-to-human communication is non-verbal, how is an AI ever going to be more human-like anytime soon? Is someone working on that or have the decided to skip the human-like part?
FCC rolls back cybersecurity requirements put in place after Chinese telecom hack.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chine...
www.bleepingcomputer.com
November 24, 2025 at 1:37 PM
FCC rolls back cybersecurity requirements put in place after Chinese telecom hack.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
I know I'm the willing doing it and by buying it, it's just capitalism at work, but Domino's charging $25 for a 12" thin crust pizza with 4 ingredients is insane. It's been this way since COVID and it's not coming down. I'm over it! Adios Dominos!!
November 23, 2025 at 3:32 PM
I know I'm the willing doing it and by buying it, it's just capitalism at work, but Domino's charging $25 for a 12" thin crust pizza with 4 ingredients is insane. It's been this way since COVID and it's not coming down. I'm over it! Adios Dominos!!
Rogue MCP servers can take over Cursor’s built-in browser
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Rogue MCP servers can take over Cursor’s built-in browser
A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
www.csoonline.com
November 17, 2025 at 4:46 AM
Rogue MCP servers can take over Cursor’s built-in browser
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Check out my latest article: Improving Quantum Attacks to Reach Q-Day Sooner
www.linkedin.com/pulse/improv...
www.linkedin.com/pulse/improv...
Improving Quantum Attacks to Reach Q-Day Sooner
There are lots of avenues to reaching Q-Day sooner than the US government talks about. Ever since Peter Shor released his algorithm in 1994, the world has been waiting for the day when sufficiently-ca...
www.linkedin.com
November 17, 2025 at 2:35 AM
Check out my latest article: Improving Quantum Attacks to Reach Q-Day Sooner
www.linkedin.com/pulse/improv...
www.linkedin.com/pulse/improv...
Apple is now giving $2M rewards for finding the most impactful vulns, + other cool stuff like "Target flags" that, if you find prove you have hacked Apple products, and you get the reward right away and fuss over the details later. Very, very cool.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research - Apple Security Research
Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards — up to $2 million and a maximum payout in excess of $5 million — expanded research ca...
security.apple.com
November 16, 2025 at 6:00 PM
Apple is now giving $2M rewards for finding the most impactful vulns, + other cool stuff like "Target flags" that, if you find prove you have hacked Apple products, and you get the reward right away and fuss over the details later. Very, very cool.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
Russian nation-state hacker sought by Microsoft arrested when visiting Thailand
www.cnn.com/2025/11/15/a...
www.cnn.com/2025/11/15/a...
Russian alleged cyber-hacker faces extradition to US after arrest in Thailand | CNN
A Russian man wanted for extradition by the United States over cyber-crime allegations has been arrested on the Thai holiday island of Phuket, local police said Friday.
www.cnn.com
November 15, 2025 at 1:45 PM
Russian nation-state hacker sought by Microsoft arrested when visiting Thailand
www.cnn.com/2025/11/15/a...
www.cnn.com/2025/11/15/a...
Google Sues to Disrupt Chinese SMS Phishing Triad – Brian Krebs
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
Google Sues to Disrupt Chinese SMS Phishing Triad
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast o...
krebsonsecurity.com
November 14, 2025 at 8:38 PM
Google Sues to Disrupt Chinese SMS Phishing Triad – Brian Krebs
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments