The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Headless services resurge as personal AI agents favor APIs over GUIs
Matt Webb and others are betting that headless services - platforms exposed purely through APIs, MCP, and CLI rather than browser UIs - are poised for a resurge
Inside a Texas Petawatt shot day: stars in a vacuum chamber, then funding cuts
Two floors beneath the University of Texas at Austin sits the Texas Petawatt, one of the most powerful lasers in the country. From 2020 to 2024, the author led
Microsoft rolls back Teams update that bricked desktop client launches
Microsoft reverted a service-side update on Friday after a regression in the Teams desktop client build caching system left users stuck on the loading screen wi
Microsoft ships out-of-band patches after April updates crash Windows Server domain controllers
Microsoft pushed emergency updates across every supported Windows Server release after the April 2026 Patch Tuesday rollout broke core infrastructure. The prima
Nexcorium Mirai Variant Weaponizes TBK DVR Flaw CVE-2024-3721 for DDoS Swarm
A fresh Mirai descendant dubbed Nexcorium is actively enlisting TBK-branded digital video recorders into a DDoS botnet by abusing CVE-2024-3721, a command injec
NIST Drops Severity Scoring for Low-Priority CVEs as Submission Volume Overwhelms NVD
NIST is officially scaling back the National Vulnerability Database. As of April 15, only CVEs that hit specific thresholds — presence in CISA's Known Exploited
Opus 4.7's New Tokenizer Inflates Text Costs ~40% at Same Sticker Price
Simon Willison extended his Claude Token Counter tool to compare token counts across model versions, surfacing a concrete cost implication of Anthropic's update
Opus 4.7's New Tokenizer Inflates Text Costs ~40% Despite Unchanged Pricing
Simon Willison extended his Claude Token Counter to compare token usage across models, surfacing a practical consequence of Opus 4.7's updated tokenizer. Anthro
Phishers abuse Apple account-change alerts to smuggle scams past spam filters
Attackers are weaponizing Apple's own account notification system to deliver callback phishing lures from legitimate Apple infrastructure. By creating an Apple
protobuf.js RCE: unsanitized schema identifiers pipe straight into Function()
A critical remote code execution flaw in protobuf.js, the JavaScript port of Google's Protocol Buffers that pulls roughly 50 million weekly npm downloads, lets
Pulling Datasette Query Results into Google Sheets via importdata and Apps Script
Simon Willison documents three patterns for piping live data from a Datasette instance into Google Sheets. The simplest path is the built-in IMPORTDATA() functi
Sanctioned Grinex Exchange Halts Operations After $13.74M Breach
Grinex, a cryptocurrency exchange already under international sanctions, has suspended operations following a $13.74 million theft. The incident comes amid inte