Steve Puluka
spuluka.bsky.social
Network & Security Engineer / Cantor & Religious Education Instructor http://puluka.com/home
Deep dive by Arctic Wolf on how Fortinet firewalls are being exploited and reconfigured.

arcticwolf.com/resources/bl...
Arctic Wolf Observes Malicious Configuration Changes On Fortinet FortiGate Devices via SSO Accounts | Arctic Wolf
Arctic Wolf has observed a new cluster of automated malicious activity involving unauthorized firewall configuration changes on FortiGate devices.
arcticwolf.com
January 24, 2026 at 10:18 AM
The Python team at PyPI are changing procedures to detect when domain resurrection attacks are occurring in the ecosystem. These take over abandoned domains and use this to add malware to well-known tools.

blog.pypi.org/posts/2025-0...
Preventing Domain Resurrection Attacks - The Python Package Index Blog
PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over PyPI accounts through password r...
blog.pypi.org
January 23, 2026 at 10:27 AM
Interesting rundown on how a threat actor is compromising domains on Snap Publisher in order to distribute malware.

blog.popey.com/2026/01/malw...
Malware Peddlers Are Now Hijacking Snap Publisher Domains
tl;dr: There’s a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have change...
blog.popey.com
January 22, 2026 at 10:36 AM
Interesting report from Socket Security on 5 malicious Google Chrome extensions that hijack sessions to major ERP platforms. Fortunately only about 2k users were affected before they were removed.

socket.dev/blog/5-malic...
5 Malicious Chrome Extensions Enable Session Hijacking in En...
Five coordinated Chrome extensions enable session hijacking and block security controls across enterprise HR and ERP platforms.
socket.dev
January 20, 2026 at 10:09 AM
New open source tool from Splunk researcher Michael Haag called ADTrapper. This performs analysis on Microsoft AD logs looking for traces of exploits in progress.

github.com/MHaggis/ADTr...
GitHub - MHaggis/ADTrapper: Hunt Smarter, Hunt Harder
Hunt Smarter, Hunt Harder. Contribute to MHaggis/ADTrapper development by creating an account on GitHub.
github.com
January 19, 2026 at 10:10 AM
The next #AI updates to Apple Siri will be coming from Google Gemini. Another sign that OpenAI is losing ground in the assistant race.

blog.google/company-news...
Joint statement from Google and Apple
Apple and Google have entered into a multi-year collaboration under which the next generation of Apple Foundation Models will be based on Google's Gemini models and clou…
blog.google
January 18, 2026 at 10:21 AM
Time to check the list of VS Code packages that have been removed by Microsoft from the Marketplace due to security issues and make sure they are not on your deployment.

github.com/microsoft/vs...
github.com
January 17, 2026 at 10:13 AM
That time again to check all the new security advisories released on Palo Alto Networks gear and get patching.

security.paloaltonetworks.com
Palo Alto Networks Security Advisories
Palo Alto Networks Security Advisories - Latest information and remediations available for vulnerabilities concerning Palo Alto Networks products and services.
security.paloaltonetworks.com
January 16, 2026 at 9:42 AM
That time again to check all the new security advisories released on Juniper gear and get patching.

supportportal.juniper.net/s/global-sea...
CEC Juniper Community
https://supportportal.juniper.net/s/global-search/%40uri#t=KnowledgeArticles&sort=relevancy&f:ctype=[Security%20Advisories]
January 15, 2026 at 10:21 AM
Interesting deep dive into the Ransomware strain CrazyHunter created by apparently Chinese groups and deployed in Taiwanese organizations.

www.trellix.com/blogs/resear...
 
www.trellix.com
January 14, 2026 at 10:21 AM
Nice outline from NIST on just why sorting plastic for recycling centers is so hard and only 10% is currently recycled.

www.nist.gov/how-do-you-m...
How Do Recycling Facilities Sort Different Kinds of Plastic?
To quickly identify the main components of a plastic product, recyclers can use commercial tools to measure light that has interacted with the object.
www.nist.gov
January 13, 2026 at 11:05 AM
Outline of the currently available Verifiable Digital Credentials from NIST. Good introduction to the current state of the options and how to evaluate them.

www.nist.gov/blogs/cybers...
Digital Identities: Getting to Know the Verifiable Digital Credential Ecosystem
Understanding mDL credential formats; Standards in the VDC Ecosystem
www.nist.gov
January 12, 2026 at 9:56 AM
The new California DROP (Delete Request and Opt-out Platform) law has gone live. State residents can register to have over 500 data brokers remove them from sale collections.

privacy.ca.gov/drop/
Delete request and opt-out platform (DROP)
Protect your personal information. Data brokers collect, share, and sell your personal information. You can stop that from happening.
privacy.ca.gov
January 11, 2026 at 7:46 PM
CES conference announcement that #AI is coming for every new TV model from Samsung.

techxplore.com/news/2026-01...
TV makers tout AI upgrades at CES, as smartphone threat looms
A century after Scottish inventor John Logie Baird demonstrated the first mechanical television system, TVs face mounting competition from a much more recent invention: smartphones.
techxplore.com
January 10, 2026 at 10:24 AM
Rumor has it that Discord is getting ready to go public with their IPO and move to full monetization of the platform.

www.gamesindustry.biz/discord-repo...
Discord reportedly makes confidential filing for IPO
The chat platform has allegedly been working with Goldman Sachs and JPMorgan Chase on a listing for some time now
www.gamesindustry.biz
January 9, 2026 at 10:25 AM
A new study by the Dutch government finds that most teen hackers do leave their criminal choices behind by their twenties.

www.tweedekamer.nl/kamerstukken...
Young and on the wrong path. Exploration of the societal costs of adolescents' criminal careers | Tweede Kamer der Staten-Generaal
www.tweedekamer.nl
January 8, 2026 at 10:26 AM
Good news that Australian authorities have convicted and sentenced to 7 years the man responsible for deploying evil twin WiFi networks for phishing credentials in the Perth, Melbourne and Adelaide airports.

www.afp.gov.au/news-centre/...
WA man jailed for stealing intimate material and using ‘evil twin’ WiFi networks | Australian Federal Police
A West Australian man who created ‘evil twin’ WiFi networks to capture personal data and hacked into women’s online accounts to steal intimate material has been sentenced to seven years and four month...
www.afp.gov.au
January 7, 2026 at 9:47 AM
Unfortunately, #AI slop has come not just to search but to Wikipedia. At least the team seems to be on top of the influx of bad information and working on a solution.
January 6, 2026 at 3:50 PM
The latest move in advertising surveillance dystopia is facial recognition billboards at mass transit sites in Canada. Fortunately the privacy commissioner is already investigating their use.

therecord.media/canada-priva...
Canada’s privacy regulator to probe billboards equipped with facial scanning tech
The billboards, located near Toronto’s Union Station, reportedly analyze only the age and gender of people nearby, according to their owner.
therecord.media
January 4, 2026 at 10:24 AM
New regulations in South Korea apply fines to companies that have repeated data breaches or delay reporting of security incidents.

www.koreatimes.co.kr/southkorea/2...
Science minister vows punitive fines against companies with repeated security breaches - The Korea Times
Science Minister Bae Kyung-hoon said Friday the government will seek to introduce punitive fines on businesses with repeated data breaches amid gro...
www.koreatimes.co.kr
January 3, 2026 at 10:16 AM
The new Baseline Security Mode is rolling out on Microsoft products through March of this year. This dashboard lets enterprise administrators apply recommended minimum security settings.

mc.merill.net/message/MC11...
MC1193689 - Microsoft baseline security mode for Office, SharePoint, Exchange, Teams, and Entra | Microsoft 365 Message Center Archive
Baseline Security Mode centralizes Microsoft’s recommended security standards for Office, SharePoint, Exchange, Teams, and Entra. Rolling out from November 2025 to March 2026, it provides admins with ...
mc.merill.net
January 2, 2026 at 10:43 AM
Interesting end of year report from Cloudflare shows what the mix of traffic is and trends on their hosted domains.

radar.cloudflare.com/year-in-revi...
Cloudflare Radar 2025 Year in Review
The Cloudflare Radar 2025 Year In Review features interactive charts, graphs, and maps you can use to explore what changed on the Internet Worldwide throughout 2025.
radar.cloudflare.com
January 1, 2026 at 11:34 AM
Good news that Ukrainian authorities, in cooperation with the Czech Republic, Latvia & Lithuania, have taken down fraud call center operators in three cities. There were over 400 victims with losses over €10M.

www.eurojust.europa.eu/news/fraudul...
Fraudulent call centres in Ukraine rolled up
Authorities from the Czech Republic, Latvia, Lithuania and Ukraine with the support of Eurojust took action against a criminal network operating call centres in Dnipro, Ivano-Frankivsk and Kyiv, Ukrai...
www.eurojust.europa.eu
December 31, 2025 at 10:29 AM