The rise of neural ghosts and AI-driven hijacks

We are no longer in the age of the lone script kiddie lobbing pre-cooked exploits from their mum’s basement. What is emerging instead are neural ghosts—AI-powered entities capable of autonomously probing, adapting, and burrowing into networks. Think of them as digital fungi: self-replicating, invisible, and patient enough to live under your floorboards for years before fruiting. Proof-of-concepts like Neural Ghost and FungusFiber ISP hijacks already sketch what such systems can become: distributed, stealthy, and frighteningly persistent. ...

September 1, 2025 · 7 min

The slow death of the NVD

The US National Vulnerability Database has slipped from a dull but dependable piece of security plumbing into a sputtering liability. Enrichment of CVEs has stalled, backlogs have exploded, and defenders are left with raw identifiers instead of actionable intelligence. This collapse is not accidental—it is the predictable result of political austerity, funding cuts, and a fixation on flashy science over unglamorous infrastructure. In other words, the pipes have burst while Washington debates whether water is really a priority. For security teams all over the world, the message is blunt: stop waiting for rescue. Diversify your sources, automate your own triage, build peer networks, and treat metadata as survival gear, not a luxury. ...

August 20, 2025 · 6 min

Psychological operations: understanding influence without the hype

Psychological operations—PSYOPs—are often painted as shadowy mind-control tools wielded by a secret cabal. Reality is less cinematic but far more interesting. PSYOPs are deliberate efforts to influence the beliefs, emotions, or behaviours of target audiences. They are planned, measurable, and bureaucratically codified—but that doesn’t make them benign, nor do they naturally uphold transparency or democratic norms. The US Department of Defense defines PSYOPs as operations “to convey selected information and indicators to foreign audiences to influence their emotions, motives, objective reasoning, and ultimately their behavior”. This definition is precise but neutral: it says what the practice is, not whether it is ethical. The challenge is recognising influence in action without falling into conspiracy or mystique. ...

August 20, 2025 · 7 min

The patch sprint protocol: A reluctant guide to cybersecurity hygiene

The objective of this patch sprint choreography is to elevate the tedious act of patching from a soul-crushing administrative duty into a mildly entertaining team exercise—complete with structured chaos, passive-aggressive incentives, and just enough humiliation to ensure participation. Transform patching from a dreaded chore into a fast, fun, and competitive team activity—complete with gamification, music, and rewards—to eliminate hackable inertia.

Pre-sprint: Laying the groundwork for reluctant enthusiasm

Theme and soundtrack

- Designation: “Operation Patch And Pray” or “The Great Vulnerability Purge Of 2025”, or …
- Musical accompaniment: A carefully curated selection of motivational anthems (e.g., The Imperial March for urgency, Yakety Sax for when things go wrong).
- Visual reinforcement: A digital leaderboard displaying real-time patch progress, because nothing motivates like public accountability.

Roles and responsibilities

- Patch Commandos (System Administrators) – Tasked with deploying fixes before morale deteriorates further.
- Vulnerability Inquisitors (Penetration Testers) – Responsible for verifying patches while maintaining an air of smug superiority.
- Morale Officers (Management) – Obliged to provide snacks and unconvincing pep talks.
- Agents Of Chaos (Red Team) – Permitted to introduce simulated breaches to keep the exercise from becoming too enjoyable.

The sprint: A structured exercise in controlled panic

Round one: Patch or face the consequences

- Duration: 30-60 minutes of concentrated regret.
- Scoring Mechanism: One point per successfully patched system.
- Bonus points awarded for:
  - Being the first team to declare victory (subject to verification).
  - The most creatively worded patch log entry (e.g., “Closed this vulnerability before the auditors noticed”).
- Penalty: If the Agents of Chaos successfully breach an unpatched system, the offending team must endure a lecture on basic cyber hygiene.

Round two: The verification farce

- Purpose: To confirm that patches were not merely applied but actually function as intended.
- Additional humiliation factor: If the Vulnerability Inquisitors uncover a lingering flaw, the responsible team must perform a brief interpretive dance illustrating their failure.

Round three: The backup charade

- Critical Task: Ensure backups are both immutable and restorable.
- Entertainment value: Should backups prove unreliable, the team lead must recount a personal tale of professional disgrace (e.g., “There was an incident involving a production database and an ill-advised ‘DROP TABLE’ command…”).

Post-sprint: Rewards and psychological reinforcement

Victory ceremonies

- The Golden Patch Award – A physical token of dubious value, bestowed upon the winning team.
- The Wall Of Remediated Shame – A public display of conquered vulnerabilities, each marked with a sarcastic epitaph.
- Sustenance For The Defeated – Biscuits (because morale cannot survive on pride alone).

Ensuring future compliance

- Patch DJ Rotation – A monthly honour (or punishment) ensuring musical variety in future sprints.
- The “Least Disastrous” Prize – For teams demonstrating marginal improvement since the last debacle.

Conclude the exercise with a mock incident report titled “How We Avoided Catastrophe Through Sheer Luck And Peer Pressure.” ...

August 17, 2025 · 3 min

Nova's healthcare hack: How a Dutch lab failed half a million patients

In July 2025, the Dutch healthcare sector faced one of its most devastating cybersecurity crises to date. The ransomware group Nova infiltrated Clinical Diagnostics NMDL, a laboratory critical to the Netherlands’ national cervical cancer screening program, exfiltrating 300 GB of sensitive patient data—including names, addresses, citizen service numbers (BSNs), and intimate medical test results. The breach, which affected 485,000 women and extended to other medical examinations, exposed systemic vulnerabilities in healthcare IT infrastructure, third-party risk management, and regulatory compliance. ...

August 17, 2025 · 8 min

The Unpatchables: How Citrix turned into a welcome mat

In July 2025, the Netherlands faced a crisis that unfolded not in public squares but across invisible networks. The Public Prosecution Service, several courts, and parts of the Ministry of Justice were forced to halt operations. Hearings were postponed, case files became inaccessible, and whole sections of the justice system were brought to a standstill. The cause was not ransomware flashing on screens or stolen data dumped online. It was the silent exploitation of Citrix NetScaler — a remote-access system used by thousands of organisations to let staff work securely from anywhere. Think of Citrix as a heavily guarded front door to an office: only authorised people can enter, and it keeps prying eyes out. In theory. In July, that door had both a faulty lock and an absent guard. ...

August 12, 2025 · 5 min

Reactionary International: Lifting the curtain on the global far right

Far-right movements thrive in the shadows, weaving complex networks across borders that shape politics and media narratives. Reactionary International steps into that murky terrain with a public, evidence-based approach, mapping these hidden connections for all to see. Rather than conspiracy or propaganda, it offers rigorous research from a diverse team of contributors worldwide. This post explores the project’s origins, funding realities, and why it stands apart from typical disinformation claims.

A public lens on hidden networks

Reactionary International is an openly accessible research platform published by Progressive International, whose About page clearly describes its creation and mission. Its stated aim is to trace the links between politicians, think‑tanks, media outlets, financiers, journalists and technology platforms involved in far‑right coordination and influence campaigns. ...

August 5, 2025 · 4 min

Why professionals rarely start with 'what’s needed' before choosing technology

In one corner, we have Demis Hassabis, CEO of DeepMind, telling The Guardian in 2024 that AI will be “10 times bigger than the Industrial Revolution.” Disruption is inevitable, he says, but humanity will adapt, as it always does. The challenge is simply to manage the turbulence. In the other corner, we have Joseph Weizenbaum, reflecting in the 1980s on his earlier work designing a banking system for processing physical cheques. It was an intricate, technically satisfying project. Only years later did it occur to him that no one had asked whether automating cheque processing at scale was socially desirable, or what knock-on effects it might have. “It never occurred to me to ask,” he admitted. ...

August 4, 2025 · 6 min

Thirty years of not listening to Joseph Weizenbaum

In 1991, The Tech at MIT published an interview with Joseph Weizenbaum, the computer scientist best known for creating ELIZA and later becoming one of the field’s sharpest internal critics. Speaking with Diana ben‑Aaron, he dissected the role of computers in education, their entanglement with the military, and the ethical evasions of scientists. Three decades later, his words are less a time capsule and more a mirror — the issues he named have not only persisted but mutated into modern forms, from AI hype cycles to tech‑military partnerships dressed up in start‑up chic. This post is a “then/now” rendering of that interview: his points in their original spirit, and how they look in the world of 2025. ...

August 3, 2025 · 7 min

Threat modelling for zero-day vulnerabilities

Threat modelling for zero-day vulnerabilities is a peculiar exercise in preparing for the unknowable. These are not the comfortable, catalogue‑ready bugs that live in CVE databases. These are the ones nobody—least of all the vendor—has seen fit to admit exist. They arrive without warning, without a patch, and with precisely zero days’ notice before being exploited. The task, therefore, is less about ticking boxes and more about building the sort of resilience that can withstand the unexpected without falling to pieces. ...

August 3, 2025 · 7 min