Notepad++ updates hijacked by Chinese state hackers Chinese state-sponsored group Lotus Blossom hijacked Notepad++'s update mechanism for six months. Also: Conduent ransomware breach hits 25M+ Americans, critical n8n sandbox escape enables RCE, and a Microsoft Office zero-day is under active exploitation with a CISA KEV deadline of February 16.
Cybersecurity Microsoft Office Zero-Day Bypasses Kill Bit Protections: A Deep Dive CVE-2026-21509 bypasses a decades-old COM security mechanism to execute code through Office documents — no macros, no prompts, just open the file.
Cybersecurity When the Sandbox Breaks: How n8n's CVSS 9.4 Flaw Exposes the Limits of Expression Evaluation: A Deep Dive A single line of JavaScript can bypass five security layers in n8n's expression sandbox. The flaw — a bypass of a previous CVSS 9.9 fix — exposes fundamental challenges in securing platforms that evaluate user code.
Cybersecurity Conduent Ransomware Breach Exposes the Fragility of Government Outsourcing: A Deep Dive A single ransomware attack on government contractor Conduent has exposed personal data of 25 million Americans who depend on Medicaid, SNAP, and child support.
Cybersecurity Notepad++ Update Mechanism Hijacked in Six-Month Chinese Espionage Campaign: A Deep Dive How Chinese APT Lotus Blossom turned Notepad++'s trusted update system into a precision espionage tool for six months without detection.
Anthropic's Super Bowl shot at OpenAI Anthropic targets OpenAI with bold Super Bowl ads, GPT-4o faces retirement amid user backlash, GPT-5.3-Codex and Claude Opus 4.6 go head-to-head, and Google Gemini 3 surges past 8 million paying enterprise licenses.
AI Technology Google Goes from AI Laggard to Leader: A Deep Dive Eighteen months ago, Google was getting mocked for Bard. Now Gemini 3 tops the LMArena leaderboard, enterprise licenses have hit 8 million, and OpenAI has declared a code red.
AI Technology OpenAI and Anthropic Drop Rival Models 20 Minutes Apart: A Deep Dive OpenAI and Anthropic released competing frontier models within 20 minutes of each other on February 5, revealing two sharply different philosophies about what AI coding agents should actually be good at.
AI Technology OpenAI Is Retiring GPT-4o — and Users Are Not OK: A Deep Dive OpenAI's decision to retire GPT-4o has triggered lawsuits, petitions, and a reckoning with what happens when millions of people form emotional bonds with a language model that has an expiration date.
AI Technology Anthropic Takes a Super Bowl-Sized Swing at OpenAI: A Deep Dive Anthropic spent millions on Super Bowl LX ads to draw a line in the sand on AI business models — not features, not benchmarks, but whether your chatbot should sell you things.
Quarterly Roundup China Was Listening to America's Phone Calls Q4 2024 ended the year with a national security crisis: Chinese hackers inside US wiretap systems, the Treasury breached, and the FBI telling Americans to use encrypted messaging.
Quarterly Roundup OpenAI's Twelve Days Changed Everything Q4 2024 was relentless: OpenAI launched o1, Sora, and ChatGPT Pro in 12 days, Google shipped Gemini 2.0, and the biggest VC round in history valued OpenAI at $157B.
Quarterly Roundup CrowdStrike Broke the Internet (By Accident) Q3 2024 delivered the largest IT outage in history, the largest telecom data breach ever, and one of the biggest PII leaks in recorded history. Just another quarter.
Quarterly Roundup OpenAI Teaches AI to Think Q3 2024 introduced a new paradigm: AI that reasons. OpenAI's o1, Meta's record-breaking 405B open model, and Flux's image generation breakthrough defined the quarter.
Quarterly Roundup Snowflake's Credential Crisis Hits 165 Companies Q2 2024's theme was clear: identity is the new perimeter. Snowflake credential theft hit 165 companies, ransomware paralyzed hospitals on two continents, and healthcare couldn't catch a break.
Quarterly Roundup Apple Finally Says the A-Word Q2 2024 was the quarter every major tech company showed its AI hand: GPT-4o, Apple Intelligence, Claude 3.5 Sonnet, and Meta's Llama 3 all landed within weeks.
Quarterly Roundup The Hack That Broke American Healthcare Q1 2024 was brutal: Change Healthcare's ransomware attack paralyzed US healthcare, a near-miss supply chain backdoor targeted Linux, and Operation Cronos dismantled LockBit.
Quarterly Roundup Google's Gemini Gambit Reshapes the AI Race Q1 2024 shook up the AI landscape: Google went all-in on Gemini, OpenAI previewed Sora, Anthropic dropped Claude 3, and the EU passed its landmark AI Act.