The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
OpenAI traces the origin of 'goblins' — AI-generated artifact memes
OpenAI published a post titled 'Where the goblins came from,' apparently tracing the lineage of a recurring class of AI-generated visual artifacts that have tak
OpenAI's Codex system prompt bans GPT-5.5 from mentioning goblins
OpenAI's recently open-sourced Codex CLI repository on GitHub includes a base instruction file for GPT-5.5 that twice forbids the model from talking about "gobl
Qinglong scheduler RCE chain mines crypto on exposed Chinese dev servers
Two authentication bypass flaws in Qinglong, a self-hosted task scheduler with strong adoption among Chinese developers, are being chained for remote code execu
Roku's bargain Howdy streaming service hits 1M subs on a diet of older catalog titles
Antenna estimates Roku's Howdy SVOD service has crossed one million subscribers six months after its August launch, with roughly 300,000 sign-ups in the first m
Simon Willison ships LLM 0.32a0 alpha
Simon Willison has tagged a new alpha release of his LLM command-line tool, version 0.32a0. The post is a release marker on his weblog pointing at the in-progre
TeamPCP hits SAP npm packages, exfiltrating dev and CI credentials via GitHub dead-drops
Four official SAP npm packages — @cap-js/sqlite, @cap-js/postgres, @cap-js/db-service, and mbt — were trojanized with a preinstall script that pulls down the Bu
Troy Hunt's tongue-in-cheek 'Robophobia Equality Policy' for AI support bots
Hunt's Weekly Update 501 centers on a satirical 'Robophobia Equality Policy' he drafted for Have I Been Pwned's AI support bot, Bruce. The policy is a parody of
Ukrainian trio arrested for hijacking 610,000 Roblox accounts in $225K scheme
Lviv police arrested three Ukrainian nationals — aged 19, 21, and 22 — for compromising more than 610,000 Roblox accounts between October 2025 and January 2026,
Vect 2.0 Ransomware Functions as a Wiper Due to Broken Crypto Design
Vect 2.0, a ransomware strain currently being tracked by researchers, fails at its core function: it cannot reliably decrypt files even when victims pay. A desi
Webinar pitches automated exposure validation as answer to AI-accelerated attacks
The Hacker News is promoting a webinar centered on automating exposure validation, framing it as a necessary response to attackers who are weaponizing AI to com
Why Zig bans LLM contributions: contributors matter more than code
The Zig project enforces one of the strictest anti-LLM policies in major open source: no AI-generated issues, pull requests, or bug tracker comments, including
WordPress redirect plugin on 70K sites carried dormant backdoor since 2021
Quick Page/Post Redirect, a WordPress utility plugin with over 70,000 installs, has been hiding a backdoor planted five years ago. Researcher Austin Ginder trac