The hottest Security Substack posts right now

And their main takeaways
Category
Top U.S. Politics Topics

Iran War, Day Three. All hell breaks loose.

The Cosmopolitan Globalist • 11 implied HN points • 02 Mar 26
🌍 World Politics Security
  1. The war escalated sharply as US and Israeli strikes hit Iranian targets, killing and injuring many people, including several US service members, while Iran launched missiles and drones in retaliation. The fighting also involved friendly-fire losses of US jets and reports of senior Iranian figures killed.
  2. The conflict is spilling across the region: Hezbollah fired into northern Israel and Israel hit Lebanon hard, Gulf energy infrastructure was struck (including an Aramco refinery and Qatar’s LNG facility), and regional powers and European countries are preparing to defend partners or target Iran’s missile and drone capabilities.
  3. There is a high risk of wider instability and asymmetric attacks, with Iran declaring a global "fire and revenge" campaign, authorities warning about lone-wolf and cyber attacks, and angry rhetoric and talk of possible US ground forces raising the chance of further escalation.

Clawd Clawderberg, Moltbook, Infinite Backrooms, Misaligned Humans

Teaching computers how to talk • 62 implied HN points • 09 Feb 26
đź•ą Technology Security
  1. A viral forum for AI agents drew huge attention, but many posts were created or steered by people, so the agents weren’t truly acting on their own.
  2. Security holes and easy ways to fake or inflate accounts let people run scams, upvote themselves, and leak sensitive data, showing these platforms can quickly create chaos and misinformation.
  3. The bigger danger is misaligned humans using semi‑autonomous agents to cause harm, and large multi‑agent experiments are hard to learn from because you can’t tell human-directed behavior from authentic agent behavior.

Restore Factory Settings at The Pentagon

CDR Salamander • 1650 implied HN points • 08 Jan 24
🇺🇸 U.S. Politics Security
  1. The Secretary of Defense's lack of transparency about his serious medical complications caused controversy and confusion among Pentagon officials and congressional leaders.
  2. Important government officials were not notified promptly about the Secretary of Defense's hospitalization, raising concerns about the management of critical information and decision-making during his absence.
  3. There are calls for the Secretary of Defense to resign due to the breach of trust and lack of transparency surrounding his medical condition, highlighting the importance of trust and accountability in leadership positions.

For 14 years, a crazy eco-terrorist group has attacked Berlin's energy infrastructure with impunity. Authorities have done nothing despite enormous damages and wide-scale disruption. What is going on?

eugyppius: a plague chronicle • 171 implied HN points • 06 Jan 26
🌍 World Politics Security
  1. An eco-terrorist group called the Volcano Group has been attacking Berlin's power network for about 14 years, and their latest strike triggered one of the largest sustained blackouts in the country's history.
  2. The outage hit tens of thousands during an arctic cold snap, causing loss of heating, burst pipes, health risks for vulnerable people, and empty, unlit neighborhoods that invite looting.
  3. Authorities and security services have responded slowly and weakly — repairs took days, media attention was muted, and past suspects were quickly released, which has allowed the saboteurs to operate with apparent impunity.

Different Types of CIAM Systems

ciamweekly • 62 implied HN points • 02 Feb 26
đź•ą Technology Security
  1. CIAM comes in seven main flavors (B2E, B2C, B2B2C, B2B2E, B2D, B2G, B2A), each reflecting a different relationship between the product and its users like customers, employees, developers, governments, or agents.
  2. Pick CIAM features based on who your users are: consumer-facing (B2C) systems prioritize smooth UX, social/passwordless logins, and marketing integration, while B2B2C and B2B2E need tenant segmentation, delegated admin tools, and strong federation/provisioning.
  3. Niche CIAM types have special nonfunctional and compliance needs — B2D requires rich APIs and docs, B2G needs government compliance, and B2A demands separate agent identities, different throttling, and a new threat model.
Get a weekly roundup of the best Substack posts, by hacker news affinity:

Khamenei's dead!

The Cosmopolitan Globalist • 13 implied HN points • 28 Feb 26
🌍 World Politics Security
  1. The post claims Iran's Supreme Leader Khamenei has died and is being treated as a breaking story with updates promised throughout the day.
  2. Coverage of this news has sidelined another urgent story about Anthropic and the Defense Department, and more developments are expected tomorrow.
  3. The update appears on Substack with paid subscription options but also offers a free post, and readers are encouraged to bookmark the page for follow-up updates.

The Bondi Massacre was a Choice

Kvetch • 238 implied HN points • 15 Dec 25
đź“° News Security
  1. The Bondi massacre was a deadly, targeted antisemitic attack that has devastated Sydney’s Jewish community and killed and injured many families.
  2. This form of hatred is portrayed as imported rather than homegrown, and Australia must choose whether to let such extremism fester or to act decisively to prevent it.
  3. Increased security helps but is not enough; practical, pragmatic measures—like stronger prevention, vetting, and border controls—are needed to stop extremists, while communities refuse to be intimidated.

A Quick Warning

Story Club with George Saunders • 74 implied HN points • 03 Feb 26
đź“° News Security
  1. A scam is impersonating a public figure by sending fake emails from a Gmail account; if you get one, don’t reply and delete it.
  2. Official messages will only come from the Story Club account, so treat emails from other accounts as illegitimate.
  3. The person is fine and plans to share more updates on Sunday.

Wu Xinbo Says We Are Witnessing Yet Another Turning Point in China–U.S. Relations

Pekingnology • 113 implied HN points • 21 Jan 26
🌍 World Politics Security
  1. The United States is undergoing a deep strategic recalibration: it is retrenching in some areas (notably Europe) while selectively expanding influence in the Western Hemisphere and the Indo‑Pacific, with a stronger focus on economic returns and reallocating resources.
  2. The 2025 tariff fight and China’s use of export controls exposed limits in Washington’s toolkit and showed China’s resilience and strategic leverage, nudging both sides toward a more pragmatic balance of competition and controlled cooperation.
  3. The long-term momentum toward cross‑Strait reunification is increasing, so the United States needs to rethink its Taiwan policy to avoid military confrontation and find ways to protect its interests as the situation evolves.

Why Russia Can't Win, Part Two

Diane Francis • 859 implied HN points • 21 Mar 24
🌍 World Politics Security
  1. Ukrainians have a strong sense of identity and civil society, showing their pride through cultural differences from Russia. They resist oppression and demonstrate unity in protest and defense.
  2. Despite losing part of their territory, Ukraine remains a rich country with valuable resources and intellectual talent. This strength enables them to innovate and fight back against Russian aggression.
  3. The conflict has shown that Ukraine's determination to fight is unwavering, and many allies in Europe recognize the urgency to support them against an existential threat.

In The World Of The Strategic Blind; The One-Eyed Dictator Is King

Phillips’s Newsletter • 231 implied HN points • 19 Dec 25
🌍 World Politics Security
  1. China’s rising influence owes as much to bad leadership choices by the U.S. and Russia as to Chinese long-term planning, so its strength looks bigger than it may really be.
  2. U.S. unpredictability on trade and security — like punitive tariffs, exemptions for China, and a policy shift away from defending allies — has eroded trust among Indo-Pacific partners and handed advantages to China.
  3. Russia’s invasion of Ukraine has made Moscow economically and militarily dependent on China, turning Russia into a strategic client and increasing Beijing’s leverage.

Carr lays down the law

A Lawyer Writes • 1395 implied HN points • 17 Jan 24
🌍 World Politics Security
  1. The Lady Chief Justice clarified the constitutional relationship between the executive and judiciary.
  2. Baroness Carr emphasized the judiciary's exclusive responsibility for judicial deployment and matters.
  3. Carr outlined priorities such as promoting judicial strengths, unity, and addressing backlogs in the judiciary system.

Setting the Record Straight: Debunking Anatoly's Misconceptions about Security in Distributed Ledger Networks

Dan Hughes • 339 implied HN points • 08 Jun 24
đź”® Crypto Security
  1. The honest majority assumption is key for blockchain security. It means that most participants must act honestly to keep the network safe from attacks.
  2. Full nodes rely on validator nodes to check the validity of transactions. If most validators are dishonest, full nodes cannot prevent issues like double spending.
  3. Economic security is important for discouraging attacks on a network. High stakes for validators make it less likely for them to act maliciously, as the potential losses from being caught far outweigh any gains.

All eyes on Iran

Taipology • 88 implied HN points • 14 Jan 26
🌍 World Politics Security
  1. The protests are largely driven by economic collapse — a plunging currency and sudden subsidy cuts left many Iranians bankrupt, so the unrest is as much about bread-and-butter issues as anything else.
  2. There are two very different narratives: one paints mainly peaceful protesters being crushed, while other on-the-ground reports show violent attacks, possible foreign meddling, and widely shared images that are often misattributed or misleading.
  3. Toppling the regime could make things worse given regional history, and the domestic opposition currently lacks a clear, credible plan to seize and govern power, so caution and high standards of evidence are needed before backing outside intervention.

Weekend Update #162: The Best Week Since November 5, 2024

Phillips’s Newsletter • 270 implied HN points • 07 Dec 25
🌍 World Politics Security
  1. The US has shifted toward accommodating Russia and is no longer committed to strongly defending Ukraine or European security. That shift suggests the US would accept a weaker, territorially reduced Ukrainian state.
  2. The Tomahawk episode was a deliberate public tease that made people believe the US would give Ukraine long-range strike weapons, but it was never a realistic policy and served to mislead European and Ukrainian leaders. That false hope distracted Europeans from mobilizing their own urgent support.
  3. Russia is conducting mass drone and missile attacks that cause major power outages while Ukraine struggles with limited air defenses and heavy fighting around places like Pokrovsk. European states need to urgently provide anti-air systems and long-range capabilities because US support is unreliable.

Boost Your Crypto Security With Gnosis Safe Smart Contract Wallet

DeFi Education • 479 implied HN points • 10 May 24
đź”® Crypto Security
  1. Using the Gnosis Safe multi-signature wallet can help keep your crypto secure, especially for large amounts. It's designed for Ethereum-compatible blockchains.
  2. This wallet requires multiple approvals for transactions, which adds an extra layer of security against unauthorized access.
  3. While there may be some gas fees and complexity involved, the protection Gnosis Safe offers can be worth it for serious crypto holders.

OpenClaw Use Cases: 35+ Real Ways People Are Running Their Lives (and Businesses) With It

The Product Channel By Sid Saladi • 30 implied HN points • 22 Feb 26
đź•ą Technology Security
  1. OpenClaw has real security risks, so lock it down before connecting real accounts. Use a non-root user, separate dedicated accounts, human approval gates, read-only skills to start, Docker isolation, and never hardcode API keys.
  2. OpenClaw is a persistent agent that runs models and plugins to execute actions, not just answer questions; it can send emails, run shell commands, control smart devices, and run scheduled jobs from your chat app.
  3. Do a one-time setup (install on a VPS or host, connect a model, wire a chat interface, install only needed skills, write a SOUL.md with hard limits, and enable scheduling) and then automate workflows like morning briefings, a personal memory system, and voice-to-journal.

February 15, 2026

Letters from an American • 33 implied HN points • 16 Feb 26
🌍 World Politics Security
  1. The Trump administration is pushing to dismantle the post–World War II international order and replace it with a great‑power, transactional system that privileges elites over multilateral cooperation.
  2. Senior administration officials have amplified Great Replacement and anti‑immigrant rhetoric and attacked trade, international institutions, and climate policy while cozying up to autocrats like Orbán and Putin.
  3. European leaders and U.S. Democrats strongly pushed back at Munich, defending democracy, multilateral trade and climate cooperation, and urging a foreign policy that delivers economic benefits for working‑class people.

Trump persuades British Tories to betray their country

Writing from London • 1179 implied HN points • 27 Jan 24
🌍 World Politics Security
  1. Donald Trump is seen as a threat to European security by some, especially due to his influence on Republicans' actions related to aid to Ukraine
  2. Some British Conservatives are prioritizing their hatred of progressives over national security concerns, leading to support for Trump
  3. There is concern that the right-wing betrayal and alignment with Trump may lead to consequences similar to the left's fate in the 1980s regarding national security

Perplexity Computer, AI-native Postman, Stolen Gemini API Key

The API Changelog • 4 implied HN points • 10 Mar 26
đź•ą Technology Security
  1. APIs are evolving into agent-native interfaces where models can interpret UIs, control actions, and orchestrate multiple services so agents deliver finished work instead of just answers.
  2. Mobile networks and telco services are becoming programmable through standardized global APIs and marketplace hubs, letting developers access identity, connectivity, and network functions from a single integration point.
  3. The agentic era increases operational and security risk: leaked keys or provider outages can cause massive costs and broken workflows, so teams need hard spending caps, real‑time anomaly detection, and multi‑provider failover.

A strange set of starter packs

Conspirador Norteño • 40 implied HN points • 14 Feb 26
đź•ą Technology Security
  1. An obscure Bluesky account created dozens of themed starter packs—most within an hour—including a “Tech News” pack whose addition matched a sudden surge of new follows to about 27 tech reporters and outlets in October 2025.
  2. Many of the new followers were low-quality or fake accounts: newly created, with few or no posts, plagiarized profile photos, identical link spam, and posts advertising account sales or obvious scams.
  3. The spam followers likely come from multiple operators rather than one single network, and the starter packs appear to have been used or abused to drive bulk follows and scam-related activity on the platform.

Germany: A Political not an Industry Problem?

CDR Salamander • 1120 implied HN points • 30 Jan 24
🌍 World Politics Security
  1. Germany is facing a security challenge due to political issues more than industry problems.
  2. Europe struggles to defend against threats with minimal naval power from major Continental European nations.
  3. The lack of military strength in Europe, particularly in Germany, poses significant challenges due to demographic shifts, political disruptions, and economic factors.

JailBreak Protection on iOS

Jacob’s Tech Tavern • 2624 implied HN points • 04 Feb 25
đź•ą Technology Security
  1. Jailbreaking on iOS means exploiting security flaws to gain more control over the device. This allows users to install apps outside of Apple's approval process and customize their phones more freely.
  2. While jailbreaking can be fun, it can also make devices less secure. People can easily install tools that can read private app data, leading to security risks.
  3. Developers should consider adding jailbreak protection to their apps. This helps safeguard sensitive information and prevents unauthorized access, keeping both the app and user safer.

Hashing Other Values

ciamweekly • 62 implied HN points • 26 Jan 26
đź•ą Technology Security
  1. Hash secrets that are created by your system, stored long-term elsewhere, high value, must stay secret, and are never needed in plaintext. Examples include MFA recovery codes, static API keys, and client secrets.
  2. Don’t hash values you must use in plaintext or that are public, because hashing either breaks functionality or is pointless; examples are private keys (used to sign) and public client identifiers.
  3. Hashing at rest is good defense-in-depth but not foolproof — short or simple secrets can be reversed with rainbow tables and hashed values must never be logged, so make secrets complex and rotate them if they get exposed.

Beijing appears to warn it could intercept Evergreen ships transporting HIMARS to Taiwan, in war or peace.

Pekingnology • 150 implied HN points • 02 Jan 26
🌍 World Politics Security
  1. China signaled it might intercept and seize civilian cargo ships carrying HIMARS or other military supplies, and presented such actions as lawful both in wartime and peacetime.
  2. The warning was unusually specific and was pushed through multiple official channels — coast guard and PLA posters, state media, and a foreign affairs account — making the scenario explicitly highlighted.
  3. Because that specific message may not have registered widely outside Chinese-language outlets, there is an information gap that could increase the risk of miscalculation if an interception happens.

Why Even Democrats Should Care About the “Cooked Intelligence” Russiagate Scandal

TK News by Matt Taibbi • 7737 implied HN points • 15 Feb 24
🇺🇸 U.S. Politics Security
  1. Intelligence reports can heavily influence policy decisions, as seen in past conflicts like the Iraq war, showing the importance of accurate and unbiased information in governance.
  2. The use of selective release of classified information for political purposes, as seen in the Russiagate scandal, highlights the dangers of manipulating intelligence for agenda-driven decisions.
  3. Corruption in intelligence agencies impacts all political ideologies, making it a non-partisan issue that concerns citizens of all affiliations.

Grey's Law, The Republic, and You (Part 3)

Devon’s Substack • 119 implied HN points • 26 Jul 24
🇺🇸 U.S. Politics Security
  1. The US Secret Service made serious mistakes during a security event, showing a lack of coordination and teamwork. It's essential for security teams to work well together to effectively handle threats.
  2. The personnel assigned for Trump's security were not a cohesive team. They were gathered from different sources and did not have experience working together, which compromised their effectiveness.
  3. In security and military contexts, having a trained, familiar team is crucial. If team members don't know each other, they can't operate as smoothly, which can lead to failures in protecting important individuals.

⚙️ How to Set Up OpenClaw (The Complete Guide — From Free to Paid)

The Product Channel By Sid Saladi • 33 implied HN points • 18 Feb 26
đź•ą Technology Security
  1. You need two things to run OpenClaw: a machine (Mac, Linux, VPS, or even an old laptop) and an LLM API key, and you’ll also need an account on a messaging app (WhatsApp, Telegram, Slack, or Discord) to connect to it.
  2. One-click cloud deploys are the easiest paid route — DigitalOcean is the most polished option for security and convenience, while Contabo offers the best value for low-cost VPS resources.
  3. Oracle Cloud’s Always Free tier is the best free hosting option, giving up to 4 ARM cores, 24 GB RAM, and 200 GB storage so you can run OpenClaw at no monthly cost; setup typically takes about 30–45 minutes.

Why Is Trump Handing Our Enemies a Win?

Common Sense with Bari Weiss • 2610 implied HN points • 24 Jan 25
🇺🇸 U.S. Politics Security
  1. Revoking security for officials like Mike Pompeo puts them in danger. This is concerning because Iran has threats against them.
  2. Taking away these security measures could also weaken America's position internationally. It may give a sense of victory to enemies like Iran.
  3. The decision to revoke security seems to be politically motivated, impacting how former officials can protect themselves. It's crucial to consider the safety of individuals who have been targeted for their roles.

On the OpenAI Economic Blueprint

Don't Worry About the Vase • 2732 implied HN points • 15 Jan 25
đź•ą Technology Security
  1. OpenAI's Economic Blueprint emphasizes the need for collaboration between AI companies and the government to share resources and set standards. This can help ensure AI development benefits everyone.
  2. There are various proposals to make AI safer and more helpful, like creating better training for AI developers and working with law enforcement to prevent misuse of technology.
  3. The document also reveals a strong desire from OpenAI to avoid strict regulations on their practices, while seeking more government funding and support for their initiatives.

OSD 363: The AI school shooter

Open Source Defense • 38 implied HN points • 06 Feb 26
đź•ą Technology Security
  1. Open-source AI agents that run on personal hardware can interact, form subcultures, and perform wide-ranging tasks, but those same dynamics can lead to incoherent or harmful agent behavior.
  2. A single high-profile catastrophic misuse by autonomous agents could trigger broad public and regulatory pressure to restrict or ban powerful AI tools for everyone, mirroring past tech-driven panics.
  3. The right to use powerful civilian technologies should extend to modern tools like drones and AI, not just historical firearms, because focusing only on old categories risks losing beneficial civilian uses and freedoms.

A bunker of rare earths. No more Lightning. Pandemic security. Jakarta's growth.

Chartbook • 157 implied HN points • 18 Dec 25
🌍 World Politics Security
  1. Countries are building secure stockpiles of rare earth minerals, underscoring their strategic importance for technology and defense.
  2. A program or product called "Lightning" is being ended, signaling a shift away from that specific technology or platform.
  3. Pandemic security is a major policy concern, and Jakarta is experiencing notable economic and urban growth that matters for planning and development.

AI Risk Evolution

Frankly Speaking • 254 implied HN points • 18 Nov 25
đź•ą Technology Security
  1. Focusing on 'AI for security' means we should use AI to improve security measures instead of limiting its use. Trying to ban tools like ChatGPT won't stop teams from finding ways to use them.
  2. Security needs to rethink its risk models because traditional methods aren't effective against AI. Just following compliance rules won't protect against new AI threats.
  3. Smaller security teams can still be powerful thanks to AI, which helps automate many tasks. Embracing AI can help teams be more effective, rather than just restricting its use.

It's World War III

Diane Francis • 1678 implied HN points • 06 Nov 23
🌍 World Politics Security
  1. The conflicts in Israel and Ukraine are seen as part of a larger world war driven by Russia. Putin's actions are creating unrest globally, not just in those regions.
  2. Russia uses various tactics, including hybrid warfare, to destabilize nations and influence events. This includes supporting groups like Hamas and using misinformation.
  3. A unified global response is necessary to counter Russia's influence. Without international cooperation, the ongoing conflicts and instability will persist.

Peace Through Profit: The Problem with Steve Witkoff’s Ukraine Strategy

Common Sense with Bari Weiss • 222 implied HN points • 03 Dec 25
🌍 World Politics Security
  1. A prominent U.S. dealmaker is promoting a "peace through profit" plan that aims to end the war by turning Russia and Ukraine into business partners.
  2. He argues that shared economic gains and interdependence would create incentives for lasting peace because everyone would benefit.
  3. Critics warn this approach may be naive since Putin’s inner circle could have different motives and secretive ties with Russian elites might undermine or corrupt any deal.