The Wire
Curated cybersecurity and tech news — AI-summarized, source attributed.
Mozilla's Thunderbolt targets enterprises wanting self-hosted AI stacks
Mozilla has entered the enterprise AI space with Thunderbolt, a front-end client designed for organizations that want to run AI infrastructure on their own hard
NGINX MCP Integration Flaw Exposes Servers to Critical Risk
A critical vulnerability in the Model Context Protocol (MCP) integration layer used with NGINX deployments creates an exploitable path into server infrastructur
North Korean Operators Weaponize ClickFix Lure Against macOS Targets
North Korea-linked threat actors have extended the ClickFix social engineering technique to macOS, using fake verification prompts and error dialogs to trick us
OpenAI debuts GPT-Rosalind, a biology-specialized LLM for research workflows
OpenAI has released GPT-Rosalind, a large language model fine-tuned specifically for biological research rather than general scientific work. Named after Rosali
OpenAI pitches Codex as a general-purpose coding agent
OpenAI is positioning Codex as an AI coding assistant intended to handle a broad range of software engineering tasks, expanding beyond narrow code completion in
Orphaned Non-Human Identities: The Silent Attack Surface Hiding in Your Stack
Non-human identities - service accounts, API keys, OAuth tokens, machine credentials - now vastly outnumber human users in most enterprise environments, and a g
PHANTOMPULSE RAT Rides Malicious Obsidian Plugins Into Finance and Crypto Targets
Attackers are weaponizing the plugin ecosystem of Obsidian, the popular note-taking application, to deliver a remote access trojan dubbed PHANTOMPULSE. The camp
PowMix Botnet Targets Czech Workforce With Randomized C2 Traffic Patterns
A newly identified botnet dubbed PowMix is actively infecting systems across Czech enterprises, with researchers flagging the campaign as notable for its comman
Qwen3.6-35B beats Claude Opus 4.7 at Willison's pelican SVG benchmark
Simon Willison's long-running "pelican riding a bicycle" SVG test produced an unexpected result: a 21GB quantized Qwen3.6-35B-A3B model running locally on a Mac
Second Microsoft Defender zero-day PoC drops as researcher protests MSRC treatment
A researcher going by "Chaotic Eclipse" has released a proof-of-concept for "RedSun," a local privilege escalation zero-day in Microsoft Defender that yields SY
Simon Willison uses Claude Artifacts to build a YAML preview tool for Datasette news
The datasette.io news section is driven by a news.yaml file in the project's GitHub repository, where each entry combines a date with a markdown body. Editing r
Taboola Widgets on Banking Sites Leak Authenticated Session Data to Temu
A tracking chain embedded in Taboola's recommendation widgets is forwarding authenticated user signals from banking portals to Temu's ad infrastructure. Logged-