X-Industry

Meta’s Ray-Ban AI glasses have shot up in popularity in recent years, selling over seven million pairs in 2025 in a considerable jump over the two million it sold in 2023 and 2024 combined.  While the smart glasses have scored big with consumers, allowing them to record first-person footage through an integrated camera and microphone array, and analyzing the world around them through Meta’s AI model, the hardware has sparked a heated debate.  Critics say enabling facial recognition in the glasse

Ollama is an open-source framework that enables users to run large language models locally on their own hardware. By design, the service binds to localhost at 127.0.0.1:11434, making instances accessible only from the host machine.  However, exposing Ollama to the public internet requires only a single configuration change: setting the service to bind to 0.0.0.0 or a public interface.  At scale, these individual deployment decisions aggregate into a measurable public surface.

Over the past year,

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

Drones have emerged as a significant security concern for US military bases and critical infrastructure.  These unmanned systems are typically low-cost, simple to operate, and difficult to detect using traditional air-defense sensors.  A single drone can be deployed for surveillance, smuggling, or disruption, creating a scenario where security forces must respond swiftly without overreacting.  To address this challenge, the US Army is adopting a new counter-drone platform known as DroneArmor.  D

In the 1980’s the rock group The Who, had a hit song: ‘Who are You.”  That was rock’n’roll, but what is happening now is a question of, “Is it Real, or is it Fake?”  Who are You?  In modern digital enterprises, the fastest-growing identity population is no longer human users; it is machine identity.  APIs, microservices, containers, cloud workloads, CI/CD pipelines, robotic process automation, and AI agents all authenticate using identities.  Each relies on credentials such as keys, certificates

Telecom security specialist ENEA has published a report highlighting how public 4G and 5G networks are increasingly integrated into modern drone operations during armed conflicts, particularly the Russia-Ukraine war.  The analysis raises concerns about the vulnerability of civilian infrastructure and urges governments and mobile operators to implement targeted controls rather than broad shutdowns.  Drones have emerged as a central element in contemporary warfare, especially in the ongoing Russia

Military action in Iran has increased the potential of cyberattacks from Iranian-sponsored actors and hacktivists, and criminal groups aligned with Iran.  Below is a brief on the types of attacks Iran has executed or sponsored in the past to provide a starting roadmap based on their past cyberattacks during similar times of conflict.[1]   

While the line between hacktivist and state-sponsored threat actors can be blurry, Iran is a formidable adversary hosting several prominent threat actors. Ira

A new report from blockchain data platform Chainalysis has revealed a significant rise in the use of cryptocurrency for illicit activities related to human trafficking.  The research indicates that cryptocurrency payments to suspected human trafficking services increased by 85% year-on-year in 2025, with the total value reaching hundreds of millions of dollars across the identified services.  The findings shed light on how criminal networks are adapting their financial operations, using digital

Most people think of Dungeons and Dragons (D&D) as a place for imagination, dice, and heroic misadventures.  Yet a team of computer scientists has turned this iconic tabletop game into something far more ambitious: a laboratory for understanding how artificial intelligence behaves when it must operate independently for long periods.  Their research paper, Setting the DC: Tool-Grounded D&D Simulations to Test LLM Agents, paired with the recent TechXplore article on the same work, reveals why D&D

Phishing remains the highest risk category for users and organizations in South Africa, accounting for 45.7% of detected threats.  According to ESET Research’s latest Threat Report, this compares with a significantly lower 32.5% in Africa.  The report summarizes the threat landscape trends observed in ESET telemetry and analyzed by ESET threat detection and research experts in the second half of 2025.  “Phishing remains the leading initial access vector affecting South African companies,” says T

Recently, a report was released from Unit 42, a threat intelligence and incident response arm of Palo Alto Networks detailing an investigation of approximately 750 breaches between 2024 and 2025.

Their findings indicate that "identity weaknesses" were present in about 89% of investigated cases. Additionally, in 65% of these cases, it seems that attackers were able to gain initial access with compromised credentials rather than other means like exploiting software weaknesses.

Another striking asp

The future of autonomous vehicles took a surprising turn on 04 February 2026, when Waymo's Chief Safety Officer, Dr. Mauricio Peña, publicly confirmed that Waymo's driverless taxis sometimes rely on remote human operators, including workers based in the Philippines, to assist vehicles when the onboard autonomous system encounters challenges.  This revelation, disclosed during a US Senate Commerce, Science, and Transportation Committee hearing, has sparked bipartisan alarm among lawmakers over cy

Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms.  But a stealthy new phishing-as-a-service offering lets customers sidestep both of these pitfalls: It uses cleverly disguised links to load the target brand’s real website, and then acts as a relay between the victim and the legitimate site, forwarding the victim’s username, password and multi-factor authentica

Browser Fingerprinting - In an article by Rahul Naskar, he describes vulnerabilities with Incognito.  “I'm not a privacy enthusiast, but that doesn't mean I don't care about it.  I have always used the best settings to protect my privacy since I learned about the benefits of controlling how my personal information is collected, stored, and shared online.  I still remember the day when I first learned about private browsing, and every time I went Incognito, it felt like adding one more brick to m

The US federal government is rethinking how to support its globally adopted vulnerability tracking ecosystem after years of backlogs, funding scares, and growing doubts about whether the existing model can scale as vulnerability disclosures continue to accelerate.  At the center of that ecosystem, there are two distinct but interdependent components.  The Common Vulnerabilities and Exposures program, operated by Mitre, assigns standardized identifiers to software flaws.  The National Vulnerabili

FortiGuard Labs recently observed several targeted phishing campaigns in Taiwan that use themes designed to exploit local business processes.  These campaigns disseminate Winos 4.0 (ValleyRat) and subsequent malicious plugins through weaponized attachments or embedded links.  The lures mimic official communications, such as tax audit notifications, tax filing software installers, and cloud-based e-invoice downloads.

The rapid rise of OpenClaw, a locally running agentic AI assistant, has introduced a new class of security risk: malware that targets the assistant itself.  Because the framework stores persistent memory, configuration data, and authentication material on the user’s device, it effectively becomes a vault of API keys, tokens, private keys, and sensitive personal context.  Security researchers have now observed infostealing malware exfiltrating these files (openclaw.json, device.json, and soul.md)

Many malware attacks against open-source software components have compromised thousands of software packages and repositories, but the practical damage these attacks have caused organizations is harder to quantify.  The longer-term and indirect costs of these attacks may prove most significant for organizations.  Open-source components and software have long been a well-established source of threat activity. The widespread use, combined with the broad variance in how well-supported different pro

The past few years have brought an extraordinary shift in how digital content is created. Videos and images that once required studios, actors, and expensive equipment can now be produced by generative deep learning models that run on a laptop.  These systems can fabricate a person’s face, voice, and gestures with such precision that the results often look indistinguishable from real footage. This technological leap has opened remarkable creative possibilities, yet it has also created a new kind

Bitcoin has spent more than a decade moving from fringe experiment to global financial phenomenon.  Yet despite wider adoption, institutional interest, and the rise of crypto infrastructure, a persistent fear keeps resurfacing: what if Bitcoin’s value could eventually fall to zero?

Supporters often argue that Bitcoin can’t go to zero because of its scarcity and network effects.  Critics counter that scarcity alone doesn’t guarantee lasting demand, and that markets can abandon even once-dominant