The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
xlabs_v1 botnet hijacks ADB-exposed Android TVs and IoT for DDoS-for-hire
A new Mirai variant calling itself xlabs_v1 is enlisting Android-based devices into a DDoS-for-hire network by exploiting Android Debug Bridge services left exp
AI-run Stockholm cafe wastes supplier and police time, raising experiment ethics
Andon Labs has expanded its AI-managed business experiment from a San Francisco retail store to a cafe in Stockholm, where an AI named Mona handles inventory an
Apache HTTP/2 Double-Free in mod_http2 Opens Path to DoS and RCE
Apache HTTP Server 2.4.66 ships with a double-free vulnerability in mod_http2's stream cleanup logic, tracked as CVE-2026-23918 with a CVSS of 8.8 and patched i
Cargo Theft Goes Hybrid as Crews Pair Logistics Hacks With Truck Hijacks
Cargo theft is no longer a purely physical crime. Threat actors are now compromising freight broker accounts, load boards, and transportation management systems
China-Nexus UAT-8302 Hits Govt Targets With Shared APT Toolkit
Cisco Talos has attributed a campaign against South American and southeastern European government entities to UAT-8302, a China-nexus APT operating since at lea
Cloudflare and Stripe ship protocol letting agents create accounts and buy domains
Cloudflare and Stripe have launched a protocol that lets coding agents handle the full deployment lifecycle without human-in-the-loop friction beyond initial co
Daemon Tools backdoored for a month via signed installers from official site
Kaspersky disclosed a supply-chain compromise of Daemon Tools, the disk-image mounting utility, that has been pushing trojanized installers from the developer's
DAEMON Tools installers trojanized since April 8, backdoor hits thousands worldwide
Kaspersky has flagged an ongoing supply-chain compromise of DAEMON Tools, the Windows virtual-drive utility, with digitally signed installers distributed from t
DAEMON Tools Windows installers trojanized in month-long supply chain attack
Kaspersky has flagged a supply chain compromise of DAEMON Tools' Windows installers, signed with the vendor's legitimate certificates and distributed from the o
DarkSword: Leaked iOS Zero-Click Chain Spreads from State Actors to the Wild
Google's Threat Intelligence Group attributes DarkSword, a full-chain iOS exploit stitching together six zero-days, to likely government developers. The chain w
Datasette-llm 0.1a7 adds per-model default option config
Simon Willison shipped a small but useful update to datasette-llm, the plugin layer that lets Datasette plugins call language models. The 0.1a7 release introduc
Datasette plugin lets sites override default no-referrer policy for OSM tiles
Simon Willison debugged broken OpenStreetMap tiles on the Datasette global-power-plants demo and traced the issue to two separate problems. A CAPTCHA he had rec