Roger A. Grimes
@rogeragrimes.bsky.social
Computer security geek who's life's work mission is to make the Internet a far safer place to compute
FCC rolls back cybersecurity requirements put in place after Chinese telecom hack.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
FCC rolls back cybersecurity rules for telcos, despite state-hacking risks
The Federal Communications Commission (FCC) has rolled back a previous ruling that required U.S. telecom carriers to implement stricter cybersecurity measures following the massive hack from the Chine...
www.bleepingcomputer.com
November 24, 2025 at 1:37 PM
FCC rolls back cybersecurity requirements put in place after Chinese telecom hack.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
I know I'm the willing doing it and by buying it, it's just capitalism at work, but Domino's charging $25 for a 12" thin crust pizza with 4 ingredients is insane. It's been this way since COVID and it's not coming down. I'm over it! Adios Dominos!!
November 23, 2025 at 3:32 PM
I know I'm the willing doing it and by buying it, it's just capitalism at work, but Domino's charging $25 for a 12" thin crust pizza with 4 ingredients is insane. It's been this way since COVID and it's not coming down. I'm over it! Adios Dominos!!
Rogue MCP servers can take over Cursor’s built-in browser
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Rogue MCP servers can take over Cursor’s built-in browser
A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
www.csoonline.com
November 17, 2025 at 4:46 AM
Rogue MCP servers can take over Cursor’s built-in browser
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Another MCP hack that can exploit your computer without any user intervention. This is the 5th or 6th MCP hack like this I've heard about in 2 weeks. Hundreds are coming.
www.csoonline.com/article/4089...
Check out my latest article: Improving Quantum Attacks to Reach Q-Day Sooner
www.linkedin.com/pulse/improv...
www.linkedin.com/pulse/improv...
Improving Quantum Attacks to Reach Q-Day Sooner
There are lots of avenues to reaching Q-Day sooner than the US government talks about. Ever since Peter Shor released his algorithm in 1994, the world has been waiting for the day when sufficiently-ca...
www.linkedin.com
November 17, 2025 at 2:35 AM
Check out my latest article: Improving Quantum Attacks to Reach Q-Day Sooner
www.linkedin.com/pulse/improv...
www.linkedin.com/pulse/improv...
Apple is now giving $2M rewards for finding the most impactful vulns, + other cool stuff like "Target flags" that, if you find prove you have hacked Apple products, and you get the reward right away and fuss over the details later. Very, very cool.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
A major evolution of Apple Security Bounty, with the industry's top awards for the most advanced research - Apple Security Research
Today we’re announcing the next major chapter for Apple Security Bounty, featuring the industry’s highest rewards — up to $2 million and a maximum payout in excess of $5 million — expanded research ca...
security.apple.com
November 16, 2025 at 6:00 PM
Apple is now giving $2M rewards for finding the most impactful vulns, + other cool stuff like "Target flags" that, if you find prove you have hacked Apple products, and you get the reward right away and fuss over the details later. Very, very cool.
security.apple.com/blog/apple-s...
security.apple.com/blog/apple-s...
Russian nation-state hacker sought by Microsoft arrested when visiting Thailand
www.cnn.com/2025/11/15/a...
www.cnn.com/2025/11/15/a...
Russian alleged cyber-hacker faces extradition to US after arrest in Thailand | CNN
A Russian man wanted for extradition by the United States over cyber-crime allegations has been arrested on the Thai holiday island of Phuket, local police said Friday.
www.cnn.com
November 15, 2025 at 1:45 PM
Russian nation-state hacker sought by Microsoft arrested when visiting Thailand
www.cnn.com/2025/11/15/a...
www.cnn.com/2025/11/15/a...
Google Sues to Disrupt Chinese SMS Phishing Triad – Brian Krebs
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
Google Sues to Disrupt Chinese SMS Phishing Triad
Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast o...
krebsonsecurity.com
November 14, 2025 at 8:38 PM
Google Sues to Disrupt Chinese SMS Phishing Triad – Brian Krebs
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
krebsonsecurity.com/2025/11/goog...
This is great, great news. This crew (including 25 identified people) is responsible for a large portion of the fake SMS messages (smishing) that we all get. Crew also did fake Google Pay payments
Anthropic says Chinese hackers jailbroke its AI to automate a 'large-scale' cyberattack
www.msn.com/en-us/money/...
www.msn.com/en-us/money/...
MSN
www.msn.com
November 14, 2025 at 2:21 PM
Anthropic says Chinese hackers jailbroke its AI to automate a 'large-scale' cyberattack
www.msn.com/en-us/money/...
www.msn.com/en-us/money/...
Check out my latest article: How to Most Efficiently Use AI to Get Speedy Results
www.linkedin.com/pulse/how-mo...
www.linkedin.com/pulse/how-mo...
How to Most Efficiently Use AI to Get Speedy Results
Using the right tool for the job is always better. Anyone who does DIY projects around the home knows how using the right tool can dramatically make the job you are doing far easier.
www.linkedin.com
November 12, 2025 at 2:00 PM
Check out my latest article: How to Most Efficiently Use AI to Get Speedy Results
www.linkedin.com/pulse/how-mo...
www.linkedin.com/pulse/how-mo...
November 12, 2025 at 10:36 AM
XPENG iRON robot...many people probably think it's a human pretending to be a robot walking. Nope, it's 100% robot.
www.youtube.com/shorts/rda9_...
www.youtube.com/shorts/rda9_...
XPENG iRON The Future of robots Unveiled!
YouTube video by DPCcars
www.youtube.com
November 11, 2025 at 6:15 PM
XPENG iRON robot...many people probably think it's a human pretending to be a robot walking. Nope, it's 100% robot.
www.youtube.com/shorts/rda9_...
www.youtube.com/shorts/rda9_...
Good coverage of a phishing platform named Quantum Route Redirect. On a side note: Even criminals think just putting quantum in a name is good for marketing even if if it has nothing to do with quantum.
blog.knowbe4.com/quantum-rout...
blog.knowbe4.com/quantum-rout...
Quantum Route Redirect: Anonymous Tool Streamlining Global Phishing Attack
KnowBe4 Threat Labs has uncovered an emerging advanced phishing campaign targeting Microsoft 365 users globally to steal their credentials.
blog.knowbe4.com
November 11, 2025 at 12:31 PM
Good coverage of a phishing platform named Quantum Route Redirect. On a side note: Even criminals think just putting quantum in a name is good for marketing even if if it has nothing to do with quantum.
blog.knowbe4.com/quantum-rout...
blog.knowbe4.com/quantum-rout...
Check out my latest article: The AI Disaster That Scares Me The Most
www.linkedin.com/pulse/ai-dis...
www.linkedin.com/pulse/ai-dis...
The AI Disaster That Scares Me The Most
There is one truly worst-case AI scenario that has a higher risk of happening than all the others, and we must work to prevent it from happening. While there are a ton of great new services and invent...
www.linkedin.com
November 10, 2025 at 1:58 PM
Check out my latest article: The AI Disaster That Scares Me The Most
www.linkedin.com/pulse/ai-dis...
www.linkedin.com/pulse/ai-dis...
Pentagon releases ‘revised’ plan to boost cyber talent, ‘domain mastery’
breakingdefense.com/2025/11/pent...
Three new orgs, one for hiring, one for training, one for deploying. Aggressively going after cyber talent. But short on details and heavy on rhetoric. Let's hope for the best.
breakingdefense.com/2025/11/pent...
Three new orgs, one for hiring, one for training, one for deploying. Aggressively going after cyber talent. But short on details and heavy on rhetoric. Let's hope for the best.
Pentagon releases 'revised' plan to boost cyber talent, 'domain mastery' - Breaking Defense
The strategy, an altered version of the Biden-era CYBERCOM 2.0 initiative, makes some organizational changes to find, train and retain cyber operators.
breakingdefense.com
November 9, 2025 at 1:35 AM
Pentagon releases ‘revised’ plan to boost cyber talent, ‘domain mastery’
breakingdefense.com/2025/11/pent...
Three new orgs, one for hiring, one for training, one for deploying. Aggressively going after cyber talent. But short on details and heavy on rhetoric. Let's hope for the best.
breakingdefense.com/2025/11/pent...
Three new orgs, one for hiring, one for training, one for deploying. Aggressively going after cyber talent. But short on details and heavy on rhetoric. Let's hope for the best.
If you truly believe that AI will be replacing most human jobs in 2-3 decades, and that we all will be at home doing mostly nothing but collecting gov't paychecks to survive, you would not be encouraging our kids to learn, go to school, how to think, or to learn a trade...today!
November 8, 2025 at 4:28 PM
If you truly believe that AI will be replacing most human jobs in 2-3 decades, and that we all will be at home doing mostly nothing but collecting gov't paychecks to survive, you would not be encouraging our kids to learn, go to school, how to think, or to learn a trade...today!
If the Louvre's WiFi password being 'Louvre' shocks you, you really don't understand the less than state-of-the-art security used by the majority of people and organizations. They aren't even getting the very basics right all over the place. That's the real state of things.
November 6, 2025 at 1:36 PM
If the Louvre's WiFi password being 'Louvre' shocks you, you really don't understand the less than state-of-the-art security used by the majority of people and organizations. They aren't even getting the very basics right all over the place. That's the real state of things.
Wow! 99% of a company's profit for 6-months wiped out by cyber attack. Share that scenario with senior mgmt.
www.bbc.com/news/article...
www.bbc.com/news/article...
M&S profits almost wiped out after cyber hack left shelves empty
Marks & Spencer's online and in-store sales were hit by a cyber attack which it said cost it £101m
www.bbc.com
November 5, 2025 at 9:23 PM
Wow! 99% of a company's profit for 6-months wiped out by cyber attack. Share that scenario with senior mgmt.
www.bbc.com/news/article...
www.bbc.com/news/article...
Check out my latest article: Microsoft Help Desk Phishing Scam www.linkedin.com/pulse/micros...
Microsoft Help Desk Phishing Scam
I received this email the other day to my personal email account (see below). Look, it is a “Security Alert” from “Microsoft Helpdesk.
www.linkedin.com
November 4, 2025 at 1:15 PM
Check out my latest article: Microsoft Help Desk Phishing Scam www.linkedin.com/pulse/micros...
What is AI?
After I finally realized what AI is and what it isn't,I got into some big showdowns from AI-hyperbole pushers who were literally yelling at me and in tears because I wouldn't say that AI was human. And I stand by my definition of today's AI more than ever.
youtube.com/shorts/nykxE...
After I finally realized what AI is and what it isn't,I got into some big showdowns from AI-hyperbole pushers who were literally yelling at me and in tears because I wouldn't say that AI was human. And I stand by my definition of today's AI more than ever.
youtube.com/shorts/nykxE...
What is AI...really?
YouTube video by Cybersecurity WTF Rants
youtube.com
November 2, 2025 at 4:06 PM
What is AI?
After I finally realized what AI is and what it isn't,I got into some big showdowns from AI-hyperbole pushers who were literally yelling at me and in tears because I wouldn't say that AI was human. And I stand by my definition of today's AI more than ever.
youtube.com/shorts/nykxE...
After I finally realized what AI is and what it isn't,I got into some big showdowns from AI-hyperbole pushers who were literally yelling at me and in tears because I wouldn't say that AI was human. And I stand by my definition of today's AI more than ever.
youtube.com/shorts/nykxE...
Signal combines quantum encryption with classical to go post-quantum. This hybrid solution is going to be very common in the PQC world. Especially if we aren't 100% sure that a PQC algorithm really works as advertised. Here's Bruce Schneier talking about it: www.schneier.com/blog/archive...
Signal's Post-Quantum Cryptographic Implementation - Schneier on Security
Signal has just rolled out its quantum-safe cryptographic implementation. Ars Technica has a really good article with details: Ultimately, the architects settled on a creative solution. Rather than bo...
www.schneier.com
October 31, 2025 at 3:39 PM
Signal combines quantum encryption with classical to go post-quantum. This hybrid solution is going to be very common in the PQC world. Especially if we aren't 100% sure that a PQC algorithm really works as advertised. Here's Bruce Schneier talking about it: www.schneier.com/blog/archive...
Russia arrests Meduza Stealer group. At first this surprised me, but they attacked Russia as well. Big mistake for those Russian hackers. Going to the gulag now (unless bribes paid).
risky.biz/risky-bullet...
risky.biz/risky-bullet...
Risky Bulletin: Russia arrests Meduza Stealer group - Risky Business Media
Russian authorities have arrested three individuals believed to have created and sold the Meduza infostealer.The suspects were arrested th [Read More]
risky.biz
October 31, 2025 at 2:36 PM
Russia arrests Meduza Stealer group. At first this surprised me, but they attacked Russia as well. Big mistake for those Russian hackers. Going to the gulag now (unless bribes paid).
risky.biz/risky-bullet...
risky.biz/risky-bullet...