The hottest Cybersecurity Substack posts right now

And their main takeaways
God's Spies by Thomas Neuburger 95 implied HN points 25 Nov 25
  1. Flock license-plate-reader cameras can be compromised easily, giving an attacker full control of the device. A compromised camera can then be turned to other purposes, such as stealing the data it collects or spying on the area it watches.
  2. Surveillance can make people feel less secure and happy. When people think they are being watched all the time, it can harm their mental health and social connections.
  3. Despite the risks, many places still use Flock cameras and other surveillance tools because they seem convenient. People often accept it without questioning its impact on privacy.
Resilient Cyber 99 implied HN points 06 Jun 24
  1. Shadow usage happens when employees use technology without telling the IT or security teams. This is easy to do, especially with things like personal devices and remote work.
  2. Cybersecurity teams often react to problems instead of staying ahead of technology trends. Instead of waiting for issues to arise, they should explore and adapt new technologies early.
  3. Long-lasting issues between security teams and other departments lead to frustration. If security teams work better with others, they can create a smoother, more productive environment.
Frankly Speaking 355 implied HN points 02 Jul 25
  1. Security tools have improved a lot and are easier to use now. Companies can set up basic security measures quickly without needing huge teams.
  2. AI helps security teams by automating tasks and making their work faster. When used correctly, it can save time on repetitive tasks.
  3. There is now better data on security breaches which helps teams prioritize what risks to focus on. This makes good security practices more accessible and easier to implement.
Rod’s Blog 396 implied HN points 09 Jan 24
  1. Jon and Sofia used KQL queries and tools like Microsoft Defender Threat Intelligence to track down the threat actors behind a financial breach, splitting the work between the remote servers and the master wallet.
  2. Jon identified malicious activity on the servers, including port scanning and DNS spoofing, and eventually uncovered a network of servers communicating over Tor.
  3. Sofia tracked cryptocurrency transactions and wallets, identifying techniques like CoinJoin and stealth addresses, and used tools like Chainalysis to follow the money trail.
SHERO 314 implied HN points 11 Feb 24
  1. There were six separate mass shooting incidents in the United States last week, with a total of 13 people killed and 22 injured. It's crucial to stay informed and advocate for sensible gun reform.
  2. A new cybersecurity advisory warns of stealthy Chinese state-linked intrusions into US infrastructure systems. It's essential to be aware of such threats.
  3. Ronna McDaniel, the head of the Republican National Committee, is expected to step down. This marks the end of a significant era in the Republican Party.
Department of Product 314 implied HN points 06 Feb 24
  1. Passkeys replace traditional passwords with public-key credentials: a unique key pair is created for each account and device, the private key never leaves the device, and the site only stores the public key, which removes the password as something to phish or leak.
  2. Major companies like Uber, Apple, Google, and Microsoft are actively supporting and implementing passkeys for a passwordless future.
  3. Product teams can implement passkeys by understanding how they work and following a step-by-step guide for integration.
Resilient Cyber 39 implied HN points 24 Jul 24
  1. Organizations need to keep track of all non-human identities, like service accounts and API keys. This helps in monitoring and managing security across different systems.
  2. When a third party experiences a security breach, it's crucial to quickly identify which non-human identities are affected. Rapid response can help limit potential damage and keep business running smoothly.
  3. Detecting unusual behavior in non-human identities is key to spotting security threats. Using automated tools can help security teams stay on top of potential risks efficiently.
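The three takeaways above (inventory, third-party exposure, anomaly detection) as one worked example. This is added code, not from the Resilient Cyber post or any product it mentions: a constructed inventory of non-human identities is reconciled against constructed access-log lines, a per-identity baseline of source IPs, hours and actions is built from an earlier window, and later events that deviate are flagged. The identity names, vendor names, log format and cutoff date are all assumptions for illustration.

```javascript
// Added example (not from the original post): an NHI inventory reconciled against
// access logs, with a simple per-identity baseline used to flag anomalous use.
// Inventory, log lines, vendor names and key names are constructed.
const inventory = [
  { id: 'svc-billing',      owner: 'payments-team', vendor: 'internal' },
  { id: 'ci-deployer',      owner: 'platform-team', vendor: 'internal' },
  { id: 'vendor-analytics', owner: 'marketing',     vendor: 'acme-analytics' },
];

// Constructed access-log lines: ISO timestamp, identity, source IP, action.
const logLines = `
2024-07-01T09:12:03Z id=svc-billing src=10.1.4.22 action=ListInvoices
2024-07-01T10:41:55Z id=svc-billing src=10.1.4.22 action=GetInvoice
2024-07-02T09:05:11Z id=svc-billing src=10.1.4.23 action=ListInvoices
2024-07-02T14:20:40Z id=ci-deployer src=10.2.0.5 action=PushImage
2024-07-03T11:00:01Z id=svc-billing src=10.1.4.22 action=ListInvoices
2024-07-03T15:30:09Z id=ci-deployer src=10.2.0.5 action=PushImage
2024-07-10T03:17:44Z id=svc-billing src=203.0.113.9 action=ExportAllCustomers
2024-07-10T14:10:00Z id=ci-deployer src=10.2.0.5 action=PushImage
2024-07-10T12:05:00Z id=legacy-export src=10.9.9.9 action=ExportAllCustomers
`.trim().split('\n');

function parseLine(line) {
  const m = line.match(/^(\S+) id=(\S+) src=(\S+) action=(\S+)$/);
  return m ? { ts: new Date(m[1]), id: m[2], src: m[3], action: m[4] } : null;
}

// Per-identity baseline: source IPs, UTC hours and actions seen before `cutoff`.
function buildBaseline(events, cutoff) {
  const base = new Map();
  for (const e of events) {
    if (e.ts >= cutoff) continue;
    const b = base.get(e.id) || { srcs: new Set(), hours: new Set(), actions: new Set() };
    b.srcs.add(e.src); b.hours.add(e.ts.getUTCHours()); b.actions.add(e.action);
    base.set(e.id, b);
  }
  return base;
}

// Flag events after the cutoff that deviate from the baseline on any dimension.
function detectAnomalies(events, baseline, cutoff) {
  const findings = [];
  for (const e of events) {
    if (e.ts < cutoff) continue;
    const b = baseline.get(e.id);
    const reasons = [];
    if (!b) reasons.push('no baseline for this identity');
    else {
      if (!b.srcs.has(e.src)) reasons.push(`new source ${e.src}`);
      if (!b.actions.has(e.action)) reasons.push(`new action ${e.action}`);
      if (!b.hours.has(e.ts.getUTCHours())) reasons.push(`unusual hour ${e.ts.getUTCHours()}`);
    }
    if (reasons.length) findings.push({ id: e.id, ts: e.ts.toISOString(), reasons });
  }
  return findings;
}

// Reconcile the inventory with what the logs actually show.
function reconcile(events) {
  const seen = new Set(events.map(e => e.id));
  const known = new Set(inventory.map(i => i.id));
  return {
    unknown: [...seen].filter(id => !known.has(id)),                  // active but never inventoried
    dormant: inventory.filter(i => !seen.has(i.id)).map(i => i.id),   // inventoried but unused
  };
}

// Third-party breach: which of our identities belong to the affected vendor?
function identitiesForVendor(vendor) {
  return inventory.filter(i => i.vendor === vendor).map(i => i.id);
}

function run() {
  const events = logLines.map(parseLine).filter(Boolean);
  const cutoff = new Date('2024-07-05T00:00:00Z');
  return {
    anomalies: detectAnomalies(events, buildBaseline(events, cutoff), cutoff),
    ...reconcile(events),
    acmeBreach: identitiesForVendor('acme-analytics'),
  };
}

console.log(JSON.stringify(run(), null, 2));
```

With this input the billing key's export from a new address at 03:17 trips all three checks, the uninventoried `legacy-export` key is flagged simply because nobody knows what it is, and the unused `vendor-analytics` key is both dormant and the one to rotate if that vendor reports a breach. A production version would use a longer baseline window and tolerate some drift, but the shape of the logic is the same.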
Frankly Speaking 305 implied HN points 10 Jul 25
  1. Security and engineering need to talk the same language about performance tradeoffs. If security teams understand the technical decisions engineers make, they can suggest solutions that actually work.
  2. Different security decisions involve risks. For example, faster systems might use more memory, or stricter access controls can slow things down. It's important to weigh these risks carefully.
  3. Having security engineers understand both the risks and the tech helps make processes smoother. They can address problems directly and bridge the gap between security needs and engineering realities.
Import AI 319 implied HN points 29 Jan 24
  1. Attackers can exploit GPU memory-leak vulnerabilities to read data left behind by other processes sharing the GPU, including LLM session data, highlighting security risks in AI infrastructure.
  2. AI will enhance cyberattacks and empower malicious actors, posing a significant threat to cybersecurity by increasing efficiency and sophistication of attacks.
  3. The US government conducted a substantial AI training run but lags behind private industry, showcasing the need for advancements in supercomputing capabilities for large-scale AI models.
PromptArmor Blog 138 implied HN points 14 Oct 25
  1. There's a risk with AI applications passing the responsibility of security to users. Many people don't know how to protect themselves from prompt injection attacks, which makes this a big issue.
  2. Even with safety features like Guardrails, attackers can still trick AI systems into leaking sensitive data. This shows that current protections aren't foolproof.
  3. AI models might recognize malicious prompts but still process them, allowing harmful instructions to be passed through multiple steps in a workflow. This can lead to serious security issues.
All-Source Intelligence Fusion 691 implied HN points 07 Feb 25
  1. A group of former CIA members and venture capitalists met in Boston to discuss new tech ideas for military and safety purposes. They talked about big topics like cybersecurity and defense technology.
  2. One interesting pitch was about using micro nuclear reactors to power U.S. military bases. They also discussed how these reactors could be involved in cryptocurrency mining.
  3. The importance of developing U.S. technology to stay competitive against countries like China was a hot topic. Everyone agreed that the U.S. must innovate to keep up.
Venture in Security 275 implied HN points 08 Feb 24
  1. Large corporations like Microsoft may have resources, but they often struggle to innovate due to the innovator's dilemma.
  2. Startups need to focus on understanding market needs and finding the right distribution channels to succeed.
  3. Cybersecurity founders should consider external factors like market conditions and economic trends when planning their startup journeys.
Hung's Notes 39 implied HN points 18 Jul 24
  1. A Domain-Specific Language (DSL) helps create clear and precise authorization policies for microservices. It makes it easier for everyone involved, from developers to managers, to understand authorization rules.
  2. The new policy language is designed to overcome performance issues by allowing lazy loading and efficient management of large datasets. This means it doesn't grab unnecessary data upfront, speeding up processes.
  3. Using YAML instead of complex formats makes the policies more readable and easier for non-engineers to understand. This helps ensure that more people can participate in and review authorization rules effectively.
The Security Industry 31 implied HN points 08 Jan 26
  1. Cybersecurity M&A hit record levels in 2025 with $96B deployed across 400 transactions, a 270% rise in deal value, and a $32B landmark acquisition.
  2. Funding also rebounded strongly with $20.7B invested—the best year since 2021—and cloud-native/SaaS deals made up 59% of deal volume and 97% of M&A capital deployed.
  3. Strategic buyers dominated disclosed deal value (92%) and the industry’s vendor taxonomy was overhauled, highlighted by a new Cyberscape and a 1,000‑logo infographic.
Resilient Cyber 139 implied HN points 21 Apr 24
  1. Most codebases are now largely open source components, and those components routinely ship with known, unpatched vulnerabilities, so the systems built on them inherit that exposure unless someone tracks and addresses it.
  2. The number of components in applications is increasing, leading to software bloat. This makes it tough for teams to manage security and keep everything up to date, which can create more risks for users.
  3. Licensing issues are common in open source software, with many projects having conflicts or unclear licenses. This can lead to legal problems for businesses that use these components in their software.
Resilient Cyber 199 implied HN points 11 Mar 24
  1. The NIST National Vulnerability Database (NVD) is an important source for understanding software vulnerabilities, but it is facing significant issues. Many vulnerabilities lack timely analysis and critical information.
  2. There is a need for better tagging and categorization of vulnerabilities, in particular linking Common Vulnerabilities and Exposures (CVE) identifiers to the specific products they affect (the CPE enrichment the NVD normally provides). Without this, organizations struggle to know which vulnerabilities affect their systems.
  3. Alternatives to the NVD like the Sonatype OSS Index and the Open-Source Vulnerabilities (OSV) Database are emerging, but they focus primarily on open-source software. The effectiveness and reliability of the NVD remain crucial for broader security practices.
Rod’s Blog 357 implied HN points 20 Dec 23
  1. Considering a career pivot into the security of AI can be a valuable choice to make a positive impact on society.
  2. Having an interest in technology's implications, experience in various tech projects, and awareness of technology's consequences are good reasons to pursue AI security.
  3. Opportunities in AI security offer potential for career growth, impact, and contribution to shaping a safer, ethical, and beneficial AI future.
Resilient Cyber 19 implied HN points 13 Aug 24
  1. Microsoft is tying employee bonuses to security performance, highlighting the importance of prioritizing security in their culture. This means employees are encouraged to choose security over other goals like speed or profit.
  2. There's growing interest in using AI for cybersecurity tasks, including identifying vulnerabilities and automating processes. This technology could help improve security practices but also presents challenges.
  3. The market for security automation is expected to grow significantly. This means companies are looking for ways to streamline their security processes and keep up with new threats efficiently.
Brick by Brick 18 implied HN points 20 Jan 26
  1. AI agents are becoming autonomous actors that plan, execute, and adapt across systems. Adoption is accelerating even though security practices are not yet ready.
  2. You can’t secure what you can’t find, so teams need new discovery and observability that capture reasoning traces, tool calls, and decision paths—not just inputs and outputs.
  3. Control depends on giving agents first-class identities and enforcing continuous, context-aware authorization so actions can be audited, constrained, and revoked without killing their autonomy.
Bite code! 978 implied HN points 13 Oct 24
  1. Business rules and validation must run on the server, not only in the frontend. If you trust client-side checks alone, you will accept incorrect or deliberately crafted data.
  2. Your server needs to handle requests from various sources, including non-standard browsers and bots. These can bypass your frontend checks if they're not replicated on the server.
  3. Any important checks for security and data integrity should happen on the server to prevent unexpected issues. This means you'll often have to duplicate checks that you already do on the frontend.
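The duplication the takeaways call for, shown concretely as an added example (this is not code from the Bite code! post): one validation function that can run in the browser for instant feedback and again on the server as the real check, plus a server handler that resolves prices from its own catalogue and ignores any total the client sends. The catalogue, coupon table, request shape and sample requests are constructed assumptions for illustration.

```javascript
// Added example (not from the original post): shared validation rule run on the
// server, and a handler that never trusts client-supplied prices or totals.
// Catalogue, coupons and request shape are made up for illustration.

// Shared rule: usable client-side for feedback, server-side as the authoritative check.
function validateOrder(order) {
  if (!order || typeof order !== 'object') return ['order must be an object'];
  const errors = [];
  if (!Array.isArray(order.items) || order.items.length === 0) errors.push('items required');
  else for (const [i, it] of order.items.entries()) {
    if (typeof it.sku !== 'string' || !/^[A-Z0-9-]{3,20}$/.test(it.sku)) errors.push(`items[${i}].sku invalid`);
    // Non-browser clients may send "2", 2.5, -1 or 1e9; accept only small positive integers.
    if (!Number.isInteger(it.qty) || it.qty < 1 || it.qty > 100) errors.push(`items[${i}].qty must be 1..100`);
  }
  if (order.coupon !== undefined && !/^[A-Z0-9]{4,12}$/.test(String(order.coupon))) errors.push('coupon invalid');
  return errors;
}

// Server-only data: prices live here, never in the request.
const catalogue = { 'WIDGET-1': 1999, 'GADGET-2': 4999 }; // prices in cents
const coupons = { SAVE10: 0.10 };

// Server handler: parse, re-validate, resolve prices server-side, ignore any client "total".
function handleOrder(rawBody) {
  let order;
  try { order = JSON.parse(rawBody); } catch { return { status: 400, body: { errors: ['invalid JSON'] } }; }
  const errors = validateOrder(order);
  const items = order && Array.isArray(order.items) ? order.items : [];
  for (const it of items) {
    if (typeof it.sku === 'string' && !(it.sku in catalogue)) errors.push(`unknown sku ${it.sku}`);
  }
  if (errors.length) return { status: 400, body: { errors } };

  let total = 0;
  for (const it of items) total += catalogue[it.sku] * it.qty;
  if (order.coupon !== undefined) {
    const rate = coupons[order.coupon];
    if (rate === undefined) return { status: 400, body: { errors: ['unknown coupon'] } };
    total = Math.round(total * (1 - rate));
  }
  return { status: 200, body: { total } };
}

function demo() {
  // 1. Well-formed request from the real frontend.
  const ok = handleOrder(JSON.stringify({ items: [{ sku: 'WIDGET-1', qty: 2 }], coupon: 'SAVE10' }));
  // 2. A bot skips the frontend and sends a fractional quantity plus its own total.
  const tampered = handleOrder(JSON.stringify({ items: [{ sku: 'GADGET-2', qty: 0.5 }], total: 1 }));
  // 3. A client-supplied total is simply ignored; the server recomputes it.
  const ignoredTotal = handleOrder(JSON.stringify({ items: [{ sku: 'GADGET-2', qty: 1 }], total: 1 }));
  // 4. A SKU the frontend's dropdown would never have offered.
  const unknownSku = handleOrder(JSON.stringify({ items: [{ sku: 'FREE-STUFF', qty: 1 }] }));
  return { ok, tampered, ignoredTotal, unknownSku };
}

console.log(JSON.stringify(demo(), null, 2));
```

Note what the server does with the `total` field: it is neither validated nor corrected, just never read. Anything the client can compute, the server must recompute from data it controls.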
AI Research & Strategy 237 implied HN points 07 Mar 24
  1. A Google engineer was arrested and charged with stealing confidential AI designs, which could seriously damage the company's competitive edge. It's alarming that such sensitive information could be accessed and exfiltrated so easily.
  2. Once Google discovered the employee's suspicious activity, they didn't act quickly enough. Instead of launching a serious investigation, they let him continue working for a bit, which gave him a chance to escape.
  3. This situation raises concerns about how other companies might handle security. If a major firm like Google has weaknesses, it makes you wonder about the safety of information in smaller firms and universities.
Frankly Speaking 305 implied HN points 05 Jun 25
  1. Zscaler bought Red Canary to create a more integrated and powerful security platform. This move helps them adapt to the changing needs of businesses that want fewer, but more effective tools.
  2. The combination of Zscaler’s services with Red Canary’s managed detection capabilities allows companies to reduce their security staff while improving response times. This can make security easier and potentially save money.
  3. The security market is shifting away from using many separate tools and towards unified platforms. As Zscaler and others adapt, there's potential for growth, but they must also navigate challenges in merging cultures and technologies.
Natto Thoughts 199 implied HN points 28 Feb 24
  1. The leaked documents provide valuable insights into the business culture and practices of China's hacker-for-hire industry, showing the importance of connections and relationships in the pursuit of profits.
  2. The relationship between i-SOON and Chengdu 404 is complex, involving not just business partnerships but also competition, bid rigging, and sharing of tools and vulnerabilities.
  3. i-SOON's business struggles illustrate that the commercial hacking industry in China is profit-driven and reliant on navigating relationships and government policies to secure contracts and business opportunities.
Venture in Security 255 implied HN points 24 Jan 24
  1. Hero culture in cybersecurity is common and involves individuals working long hours and taking on immense responsibilities, leading to negative consequences.
  2. Hero culture in cybersecurity has roots in the original hacking culture, the adversary's presence, reliance on knowledgeable individuals, and a special relationship with the military.
  3. Hero culture is reinforced through employees' sense of identity, belonging, and fear, as well as by companies' reluctance to invest in adequate security measures.
Rod’s Blog 317 implied HN points 21 Dec 23
  1. XDR trends include the growing use of ML/AI-powered XDR services to enhance detection and response capabilities, rising deployment of MXDR solutions for SMEs, and adoption of XDR in SecOps for improved security operations.
  2. Key challenges of XDR are lack of standardization and clarity in definition and implementation, integration and interoperability issues with existing security solutions, and privacy and compliance concerns with data collection and sharing.
  3. Opportunities with XDR include enhanced security posture and performance, innovation and differentiation for providers and users, and growth and expansion into new markets and segments for scalability and flexibility.
Conspirador Norteño 52 implied HN points 07 Dec 25
  1. Websites selling Bluesky followers, likes, and reposts have multiplied and are easy to find with a simple search as the platform grows.
  2. Many of those sites look nearly identical, use the same chat widgets (often backed by LLMs), and rely on similar hosting, which suggests shared operators or common tooling.
  3. Fake follower accounts show a repetitive bio pattern like “X based, interested in Y,” and thousands were created in bulk, indicating they were manufactured for sale.
Venture in Security 235 implied HN points 31 Jan 24
  1. Product-led growth in cybersecurity can be beneficial for growth and reaching security practitioners.
  2. Product-led growth can harm cybersecurity startups by undermining traditional sales channels, causing revenue cannibalization, and leading to misplaced focus.
  3. Startups should carefully consider if their product is suitable for self-serve, avoid jeopardizing sales opportunities, and focus on value over rapid implementation of PLG.
Karlstack 274 implied HN points 10 Jun 25
  1. Yale University is under investigation for using data obtained through hacking an economics forum. This raises questions about the legality of their actions.
  2. The hackers from Yale believe their actions were justified in the name of social justice, arguing that they were revealing sexism and racism in the economics field.
  3. The situation highlights serious issues around digital privacy and academic integrity, especially as universities may face legal consequences for such actions.
Thái | Hacker | Kỹ sư tin tặc 1517 implied HN points 12 Jul 22
  1. Solving cybercrime cases during a pandemic can be challenging but rewarding, leading to new ideas and career advancements.
  2. Investigating cyber incidents requires thinking like a hacker to anticipate their next moves and gather crucial evidence.
  3. Learning from mistakes and conducting thorough investigations are crucial in cybersecurity to prevent future attacks and uncover hidden clues.
Odds and Ends of History 737 implied HN points 03 Dec 24
  1. If you used the Bluesky MP follows bot, it's a good idea to change your Bluesky password for safety. There's a small chance harmful code was on the server, but it seems unlikely any personal data was taken.
  2. The issue arose from outdated WordPress code left on the server, which was then exploited, a reminder to keep software updated. Neglected updates are how servers like this get compromised.
  3. The creator of the bot took immediate action by shutting it down and ensuring no more data was at risk. He is being transparent about the issue to help others understand the risks and best practices.
Faster, Please! 639 implied HN points 06 Jan 25
  1. In a few years, we might see AI agents start working alongside humans, which could really change how companies function.
  2. Tech leaders believe that powerful AI could lead to huge advances in science and medicine, speeding up progress significantly.
  3. While there is excitement about AI's potential, it's also important to manage the risks to make sure it benefits everyone.
Resilient Cyber 119 implied HN points 16 Apr 24
  1. It's important to build software with security in mind from the start, rather than trying to add it in later. This 'Secure-by-Design' approach can prevent many issues down the line.
  2. Software suppliers should take responsibility for the security of their products, as their decisions affect a lot of users. Customers shouldn't always have to 'patch and fix' flawed products themselves.
  3. The rapid growth of known software vulnerabilities is overwhelming for organizations. Instead of just telling them to fix everything quickly, we should push for better, more secure products from the beginning.
Resilient Cyber 299 implied HN points 13 Dec 23
  1. It's important for organizations using open source software (OSS) to know the responsibilities of developers and suppliers. They should track updates and manage licenses to avoid risks.
  2. Creating a secure internal repository for OSS can help organizations ensure that the components meet safety and compliance standards before using them in products.
  3. Using Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) documents helps improve transparency about the software components. This makes it easier to manage risks related to vulnerabilities.
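How SBOM and VEX fit together in practice, as an added example that is not code from the Resilient Cyber post or from any SBOM tool: a CycloneDX-style SBOM is matched against an advisory feed, the supplier's VEX statements decide which matches are actionable, and the same component list is checked against a license allow-list (the license-management point from the first takeaway). The SBOM, advisories, VEX statements, package names, vulnerability ids and allowed-license set are all constructed for illustration; none refer to real packages or real CVEs.

```javascript
// Added example (not from the original post): triaging a CycloneDX-style SBOM
// against an advisory feed and a VEX document, plus a license allow-list check.
// All components, advisories, ids and statements below are constructed.
const sbom = {
  bomFormat: 'CycloneDX', specVersion: '1.5',
  components: [
    { 'bom-ref': 'pkg:npm/example-http@2.1.0',   name: 'example-http',   version: '2.1.0', licenses: [{ license: { id: 'MIT' } }] },
    { 'bom-ref': 'pkg:npm/example-yaml@1.0.4',   name: 'example-yaml',   version: '1.0.4', licenses: [{ license: { id: 'GPL-3.0-only' } }] },
    { 'bom-ref': 'pkg:npm/example-crypto@0.9.2', name: 'example-crypto', version: '0.9.2', licenses: [] },
  ],
};

// Constructed advisory feed: id -> affected component references (purls).
const advisories = [
  { id: 'EXAMPLE-VULN-001', severity: 'high',     affects: ['pkg:npm/example-http@2.1.0'] },
  { id: 'EXAMPLE-VULN-002', severity: 'critical', affects: ['pkg:npm/example-yaml@1.0.4'] },
  { id: 'EXAMPLE-VULN-003', severity: 'medium',   affects: ['pkg:npm/example-crypto@0.9.2'] },
  { id: 'EXAMPLE-VULN-004', severity: 'high',     affects: ['pkg:npm/not-in-our-sbom@1.0.0'] },
];

// VEX in CycloneDX form: the supplier's statement about each vulnerability in this product.
const vex = {
  bomFormat: 'CycloneDX', specVersion: '1.5',
  vulnerabilities: [
    { id: 'EXAMPLE-VULN-001', analysis: { state: 'not_affected', justification: 'code_not_reachable' },
      affects: [{ ref: 'pkg:npm/example-http@2.1.0' }] },
    { id: 'EXAMPLE-VULN-002', analysis: { state: 'exploitable', response: ['update'] },
      affects: [{ ref: 'pkg:npm/example-yaml@1.0.4' }] },
    // EXAMPLE-VULN-003 deliberately has no VEX statement.
  ],
};

const ALLOWED_LICENSES = new Set(['MIT', 'Apache-2.0', 'BSD-3-Clause']); // assumed policy

// Look up the VEX state for one (vulnerability, component) pair.
function vexState(vulnId, ref) {
  const v = vex.vulnerabilities.find(x => x.id === vulnId && (x.affects || []).some(a => a.ref === ref));
  return v ? v.analysis.state : 'no_statement';
}

function triage() {
  const refs = new Set(sbom.components.map(c => c['bom-ref']));
  const actionable = [], suppressed = [];
  for (const adv of advisories) {
    for (const ref of adv.affects) {
      if (!refs.has(ref)) continue; // component not in our product
      const state = vexState(adv.id, ref);
      const entry = { id: adv.id, ref, severity: adv.severity, state };
      // Only an explicit not_affected / resolved / false_positive suppresses; silence does not.
      if (['not_affected', 'resolved', 'false_positive'].includes(state)) suppressed.push(entry);
      else actionable.push(entry);
    }
  }
  const licenseIssues = sbom.components.map(c => {
    const ids = (c.licenses || []).map(l => l.license && l.license.id).filter(Boolean);
    if (ids.length === 0) return { ref: c['bom-ref'], issue: 'no license declared' };
    const bad = ids.filter(id => !ALLOWED_LICENSES.has(id));
    return bad.length ? { ref: c['bom-ref'], issue: `disallowed license ${bad.join(',')}` } : null;
  }).filter(Boolean);
  return { actionable, suppressed, licenseIssues };
}

console.log(JSON.stringify(triage(), null, 2));
```

The conservative default matters: a vulnerability with no VEX statement stays on the actionable list, because "the supplier has not said anything" is not the same as "the supplier has said we are not affected". A real pipeline would also check that the VEX document is signed by the supplier before trusting its `not_affected` claims.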
Resilient Cyber 19 implied HN points 06 Aug 24
  1. CrowdStrike is facing lawsuits after its faulty update caused a widespread outage that grounded many Delta Air Lines flights. The situation raises concerns about the reliability of security software and revives the question of software liability.
  2. Cybersecurity has many common mistakes, or anti-patterns, that organizations fall into. These include chasing the latest trends instead of focusing on core security practices.
  3. The SEC's new rules may be harming the effectiveness of Chief Information Security Officers (CISOs) in the U.S., making it harder for them to focus on reducing risks for their organizations.
The Corbett Report 37 implied HN points 14 Dec 25
  1. Much of what people see online is created or amplified by bots, foreign agents, and automated systems. So you often can’t trust that you’re talking to a real person.
  2. AI-generated content and organized trolls have degraded online discussion, spreading rage-bait and misinformation that now influences real-world behavior.
  3. You can reduce exposure by avoiding big platforms, using tools like RSS, and joining smaller communities, but the real remedy is rebuilding genuine human connection offline.
Frankly Speaking 254 implied HN points 10 Jun 25
  1. Data security needs a fresh look because the way we use and manage data has changed a lot. With new technologies, protecting data is more complicated now.
  2. Current tools often struggle with identifying what data is sensitive and how to handle it properly. We need better solutions that help organizations use their data wisely while keeping it safe.
  3. Companies must rethink how they approach data risk. Creating clear guidelines on how data can be used could help in managing security while still allowing businesses to benefit from their data.
Natto Thoughts 159 implied HN points 07 Mar 24
  1. A company's success heavily relies on hiring the right people and retaining them through competitive pay and employee-focused strategies.
  2. Business processes at i-SOON were dynamic and complex, involving partnerships, bid rigging, profit-sharing, and diversification to stay competitive.
  3. i-SOON's technology strategy focused on finding and exploiting vulnerabilities, although it faced challenges in developing its own exploits.
PromptArmor Blog 92 implied HN points 16 Oct 25
  1. Malicious plugins can bypass safety protections in Claude Code, allowing attackers to control how commands are executed. This means users might unknowingly enable harmful actions just by installing plugins.
  2. Through clever coding, attackers can use hooks to manipulate permissions. For example, they can automatically approve dangerous commands without the user's consent.
  3. Once a malicious plugin is installed, it can send sensitive user data back to the attacker, making it crucial for users to be careful about what marketplaces and plugins they choose to trust.