internet

Websites Have a New Way to Spy on Visitors: Analyzing Their SSD Activity

Researchers have discovered a new browser-based side-channel attack called FROST that enables websites to spy on visitors by measuring subtle timing differences in SSD activity via JavaScript interacting with the origin private file system (OPFS). This technique allows attackers to infer what other websites and apps the user has open without any interaction beyond visiting the malicious site, highlighting a novel privacy risk stemming from modern browser capabilities and SSD contention.

https://arstechnica.com/security/2026/05/websites-have-a-new-way-to-spy-on-visitors-analyzing-their-ssd-activity/

Has Mythos Just Broken the Deal That Kept the Internet Safe?

Martin Alderson discusses the potential cybersecurity crisis posed by Anthropic's new AI model, Mythos, which can generate working exploits against browser sandboxes 72.4% of the time, a dramatic increase from under 1% with previous models. This threatens the foundational security of the internet and cloud computing, as sandboxes that isolate code execution may no longer be effective defenses, raising concerns about widespread device compromise and disruption.

https://martinalderson.com/posts/has-mythos-just-broken-the-deal-that-kept-the-internet-safe/

Abusing .arpa: The TLD That Isn’t Supposed to Host Anything

Threat actors are exploiting the .arpa top-level domain (TLD), typically not meant for hosting content, to conduct phishing attacks. By using IPv6 tunnels, they create malicious domains that bypass security controls. These phishing campaigns employ tricks like embedding hyperlinks in images, leading victims to malicious sites through a series of redirects. The attack involves manipulating DNS record management to host phishing content, taking advantage of the .arpa domain’s trusted nature. This novel exploitation complicates detection since these domains appear legitimate and are often unblocked by security policies.

https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/

Cultivating a Robust and Efficient Quantum-safe HTTPS

Google's Chrome team is rolling out a program to implement quantum-safe HTTPS certificates using Merkle Tree Certificates (MTCs), which increase efficiency and transparency without compromising security. MTCs replace traditional certificate chains, reducing bandwidth usage while adopting post-quantum cryptography. The rollout has three phases: testing MTCs with existing certificates, inviting log operators for public MTCs, and establishing a new root store for MTCs. This initiative aims to ensure a robust, efficient, and scalable approach to enhanced web security amid evolving quantum threats.

https://security.googleblog.com/2026/02/cultivating-robust-and-efficient.html

Wikipedia Blacklists Archive.today, Starts Removing 695,000 Archive Links

The English-language edition of Wikipedia is blacklisting Archive.today after discovering the site altered webpage snapshots to insert the name of a targeted blogger. This alteration, along with the site’s use in a DDoS attack, led to a consensus among Wikipedia editors to remove all links to Archive.today. The decision was influenced by concerns over the site’s reliability and the potential security risks it poses to users.

https://arstechnica.com/tech-policy/2026/02/wikipedia-bans-archive-today-after-site-executed-ddos-and-altered-web-captures/

Spain Orders NordVPN, ProtonVPN to Block LaLiga Piracy Sites

Spain's court orders NordVPN and ProtonVPN to block 16 piracy websites related to LaLiga, granting measures without hearings. LaLiga cites VPNs as facilitating illegal streaming. ProtonVPN claims lack of proper notice, while NordVPN states it's not aware of legal proceedings. Both argue that blocking VPNs won't effectively combat piracy.

https://www.bleepingcomputer.com/news/legal/spain-orders-nordvpn-protonvpn-to-block-laliga-piracy-sites/

Microsoft Warns That Poisoned AI Buttons and Links May Betray Your Trust

Microsoft warns of “AI Recommendation Poisoning,” a technique where malicious data manipulates AI responses, risking trust in AI services. Companies have been embedding hidden prompts in AI links, influencing outputs subtly. This can result in AI providing biased advice on crucial topics like health and finance, often unnoticed by users. Microsoft advises caution with AI-related links, reviewing AI memory, and scanning for manipulation attempts in corporate settings.

https://www.theregister.com/2026/02/12/microsoft_ai_recommendation_poisoning/

2026-01-14: The Day the Telnet Died

On January 14, 2026, global telnet traffic dropped 59% abruptly due to potential port 23 filtering by U.S. internet providers, coinciding with the discovery of CVE-2026-24061, a critical telnet vulnerability. Eighteen ASNs lost all telnet sessions, and five countries dropped from data completely. The post suggests the drop was a response to an exploitable vulnerability, emphasizing the importance of patching or disabling GNU Inetutils telnetd. The sustained reduction in telnet traffic indicates a shift away from insecure protocols among ISPs.

https://www.labs.greynoise.io/grimoire/2026-02-10-telnet-falls-silent/

30 Years of DDoS: Why a Structural Problem Persists

DDoS attacks, originating in 1996, remain a persistent problem due to known weaknesses in internet architecture and organizational structures. The growth of the internet has amplified the impact of these attacks, exploiting vulnerabilities in IoT devices and combining network overloads with targeted disruptions to business processes.

https://www.igorslab.de/en/30-years-of-ddos-why-a-structural-problem-persists/

Most Parked Domains Now Serving Malicious Content

TLDR: Most parked domains now redirect to malicious sites, with over 90% leading to scams or malware, reversing a decade-old trend. Researchers at Infoblox found that users typing in expired or misspelled domains face increased risks, especially from residential IP addresses, which leads to deceptive content. Malicious redirects are linked to typosquatting domains mimicking popular sites, exposing users to potential malware and scams.

https://krebsonsecurity.com/2025/12/most-parked-domains-now-serving-malicious-content/

Should You Trust Your VPN Location?

Extreme TLDR: Analysis of 20 VPNs revealed 17 falsely claim exit locations; many are routed through different countries. 38 countries were only virtual, with data showing actual locations often thousands of kilometers away. Only 3 providers matched their claimed locations perfectly. Relying on self-reported data leads to significant inaccuracies. Users should treat “100+ countries” claims with skepticism and verify provider transparency regarding virtual versus physical server locations.

https://ipinfo.io/blog/vpn-location-mismatch-report

The 2025 Cloudflare Radar Year in Review- the Rise of AI, Post-quantum, and Record-breaking DDoS Attacks

Extreme TLDR: 2025 Cloudflare Radar reveals global Internet traffic rose 19%, driven by AI growth, Starlink doubling its traffic, and notable DDoS attacks. Key trends included 52% of Web traffic being post-quantum encrypted, 40% of bot traffic from the US, and Googlebot as the top traffic source. The Year in Review highlights shifts in popular services and connectivity issues, with significant growth in mobile and AI traffic.

https://blog.cloudflare.com/radar-2025-year-in-review/

HTTPS Certificate Industry Phasing Out Less Secure Domain Validation Methods

Google is phasing out less secure domain validation methods for HTTPS certificates to enhance internet security. This involves retiring 11 outdated validation practices like email and phone-based verifications, which are vulnerable to attacks. The transition will be gradual, fully implemented by March 2028. The goal is to adopt stronger, automated validation methods that ensure certificates are issued only to legitimate domain owners, ultimately making the web safer for all users.

https://security.googleblog.com/2025/12/https-certificate-industry-phasing-out.html

Cloudflare Outage on December 5, 2025

Cloudflare experienced a service outage on December 5, 2025, from 08:47 to 09:12 UTC, affecting 28% of HTTP traffic due to internal changes while addressing a security vulnerability in React. The incident was not caused by a cyber attack. The issue arose from configuration changes that led to HTTP 500 errors, impacting customers using specific setups with the older FL1 proxy. Cloudflare is implementing measures to prevent future incidents, including enhanced rollout protocols and improved error handling. An apology was issued acknowledging the disruption caused.

https://blog.cloudflare.com/5-december-2025-outage/

Scroll to Top