the grugq's newsletter

March 9, 2026

Lord Nelson was 5ft 6in. His statue is 17ft 4in. That’s Horatio of 3:1.

— MikeyDemonSamurai (@mikeydemonsamurai.bsky.social) March 01, 2026


This was famously confirmed in 1914, the year that marked the end of war forever https://t.co/P1jj8UEkY8

— Neil Renic (@NC_Renic) March 9, 2026


I wrote about how LLMs broke CTF competitions over on Mastodon. https://t.co/QgNDeFfMPg

— Hoshino Lina / 星乃リナ 🩵 3D Yuri Wedding 2026!!! (@Lina_Hoshino) March 9, 2026

Hoshino Lina (星乃リナ) 🩵 3D Yuri Wedding 2026!!!: "There's a lot of discourse on Twitter about peopl…" - VT Social

There's a lot of discourse on Twitter about people using LLMs to solve CTF challenges. I used to write CTF challenges in a past life, so I threw a couple of my hardest ones at it. We're screwed. At least with text-file style challenges ("source code provided" etc), Claude Opus solves them quickly. For the "simpler" of the two, it just very quickly ran through the steps to solve it. For the more "ridiculous" challenge, it took a long while, and in fact as I type this it's still burning tokens "...


The Russians were using this same technique against the same targets (Signal and WhatsApp) in Ukraine just last year. https://t.co/JESWcb3I8o

Looks like Dan’s prediction was correct. https://t.co/SElYcw9eoB

— thaddeus e. grugq (@thegrugq) March 9, 2026

Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog

Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.


👀"Russian state hackers are engaged in a large-scale global cyber campaign to gain access to Signal and WhatsApp accounts belonging to dignitaries, military personnel and civil servants," per the Dutch intelligence and security services MIVD and AIVD. https://t.co/PlZlgBhEpQ

— Mike Eckel (@Mike_Eckel) March 9, 2026

Russia targets Signal and WhatsApp accounts in cyber campaign | AIVD

Russian state hackers are engaged in a large-scale global cyber campaign to gain access to Signal and WhatsApp accounts belonging to dignitaries, military personnel and civil servants. The Dutch intelligence and security services MIVD and AIVD can...


I get it. TSCM techniques sound like magic, but many of these techniques have been around for decades.

Like NLJDs (Nonlinear Junction Detectors) that were invented during WW2. It’s basically really tiny radar, which also took off during WW2. NLJDs allow you to detect even a… pic.twitter.com/wk0NnZryr1

— MG (@_MG_) March 8, 2026


Vulhunt is now open-source, this is a game changer: https://t.co/kTLFiaktkV @binarly_io @vulhuntdev

— Rodrigo Branco (@bsdaemon) March 7, 2026

GitHub - vulhunt-re/vulhunt: Vulnerability detection framework by Binarly's REsearch team · GitHub

Vulnerability detection framework by Binarly's REsearch team - vulhunt-re/vulhunt


vulhunt-re/vulhunt (446 stars, C++) Vulnerability detection framework by Binarly's REsearch team

source: Rodrigo Branco (@bsdaemon)


"What you are seeing is not an animation. It is not a reinforcement learning policy mimicking biology. It is a copy of a biological brain, wired neuron-to-neuron from electron microscopy data, running in simulation, making a body move." - what is this, a matrix for flys? https://t.co/zo50oZTuuh

— AIfredo 0rtega (@ortegaalfredo) March 7, 2026


This, from @JohnMooneyIRL, is the best journalism money can buy

The heads of the Kinahan crime family are too smart — too cowardly — to show themselves in public

Through cutting edge tech and deep investigative reporting, the ST and Bellingcat found them https://t.co/bTCmQC7F5q

— Gabriel Pogrund (@Gabriel_Pogrund) March 8, 2026

The world is looking for the Kinahan drug lords. We found them

Our investigation has obtained images of Daniel and Christy Kinahan living freely in Dubai despite an international manhunt. Why aren’t they in custody?


At the end of a tumultuous week for national security, we have seen:

- Arrest of three former Labour party staffers accused of spying for China,
- Arrest of four men in North London accused of spying for Iran,
- Escalation of conflict in the Middle East, including drones fired…

— Richard Holmes 🕵🏻‍♂️ (@Richard_AHolmes) March 8, 2026


I refuse to let AI take away the hard earned joy of failing to write for 4 hours, going for a little walk, then failing to write for another 4 hours.

— Neil Renic (@NC_Renic) March 8, 2026


🚨NEW: Iran is recruiting a network of “gig-economy” spies across Europe through Telegram channels offering cash payments for surveillance and potentially violent attacks.

Channels on the messaging platform openly advertise “jobs”, inviting users to “work with Iranian…

— Richard Holmes 🕵🏻‍♂️ (@Richard_AHolmes) March 9, 2026

Iran hires European criminals to work as spies via Telegram bots

Tehran-linked channels advertise paid assignments for surveillance and other tasks, raising concerns about a growing 'gig-economy' espionage model across Europe 


If you are wondering what it takes to get published in phrack click through to the CFP for areas of interest but tl;dr
the requirements are:
offensive security research
10-20pgs deep dive on internals/theory
Proven practical demo and source code snapshot. submissions@phrack.org https://t.co/dwvZcp8g7e

— Richard Johnson (@richinseattle) March 8, 2026


The Luxor's sky beam accidentally created one of the planet's strangest ecosystems.

The 315,000-watt light attracts massive swarms of moths and insects... which attract Brazilian free-tailed bats traveling up to 20 miles from Red Rock Canyon... which attract owls and falcons… pic.twitter.com/0gjQmUA8Fp

— Las Vegas Locally 🌴 (@LasVegasLocally) March 7, 2026


Don't get addicted to drugs you can't afford. https://t.co/n2UUjL9coe

— Kuba Gretzky (@mrgretzky) March 8, 2026


You cannot block anyone from sending you stuff in crypto. Someone can send you ten million hitler NFTs and now they are visibly in your public wallet until you pay thousands of dollars to send them to someone else. Future of finance https://t.co/ZVBkSGg4Tt

— Lukas (computer) 🔺 (@hyperonline) March 8, 2026


This is a real problem for defenders.

I don’t care about “AI powered malware” or “malware that uses AI to make decisions”

An actual thing to be worried about is a threat actor being able to produce 100x more malware, and just say “diversify behaviors and signatures”

Scary… https://t.co/y5M26zhHb4

— Low Level (@LowLevelTweets) March 8, 2026


Brutal numbers for US tech sector jobs released today—overall, employment decreased by 12k last month and is down 57k over the last year

That's now nearly as bad as the worst of the 2024 tech-cession, and significantly worse than either the 2008 or 2020 recessions pic.twitter.com/pjKJ6sv7aZ

— Joey Politano 🏳️‍🌈 (@JosephPolitano) March 6, 2026


#SpyNews - week 10 (March 1-7):
A summary of 82 espionage-related stories from week 10 coming from 🇺🇸🇮🇷🇮🇱🇮🇳🇵🇰🇧🇩🇱🇰🇷🇺🇺🇦🇬🇷🇬🇪🇨🇦🇱🇧🇰🇵🇹🇷🇰🇷🇷🇸🇬🇧🇶🇦🇸🇦🇫🇷🇲🇦🇨🇺🇦🇺🇵🇸🇯🇵🇨🇳🇵🇭🏴󠁧󠁢󠁳󠁣󠁴󠁿🇳🇿🇭🇰🇫🇮🇦🇪🇩🇪🇨🇫🇮🇶🇪🇹🇱🇹🇵🇱🇸🇾🇪🇸🇮🇪🇧🇷🇭🇺 https://t.co/ejDX52esDZ

— Spy Collection (@SpyCollection1) March 8, 2026

https://medium.com/@thespycollection/spy-news-2026-week-10-db6b3f7d8232


Syria’s Kurds are warning their Iranian counterparts not to align with the U.S., saying Washington will eventually betray them and citing their own experience in the last few months as proof https://t.co/hX2u2Lm76C

— Maya Gebeily (@GebeilyM) March 8, 2026

https://www.reuters.com/world/middle-east/syrias-kurds-caution-irans-kurds-against-aligning-with-us-against-tehran-2026-03-08/


Reverse-engineered Coruna - a nation-state iOS exploit kit - from raw JavaScript. 28 modules, 500+ XOR strings decoded, 6,596-line teardown. PAC bypass, JIT cage escape, PACDB hash forgery. https://t.co/M3OMF1BQcy https://t.co/FMQ8uipT4r
(technical analysis more interesting, read…

— nad (@Nadsec11) March 6, 2026

Inside Coruna: Reverse Engineering a Nation-State iOS Exploit Kit From JavaScript | NadSec-Online

Deep-dive into Coruna - a nation-state iOS exploit kit reverse-engineered from obfuscated JavaScript. WebKit RCE, PAC bypass, JIT cage escape.

Coruna: Complete Technical Teardown of a State-Grade iOS/macOS Exploit Chain | NadSec-Online

6,596-line reverse engineering of 16 JavaScript modules from Coruna - a state-grade iOS/macOS exploit chain.

