Subscribe
Sign in
Home
Notes
SitReps
Signal
Archive
About
DHOM SitRep #002: First Chrome Zero-Day of 2026, Singapore Evicts Chinese Hackers from All 4 Telcos, and AI-Built Malware Goes Multi-Cloud
CVE-2026-2441 hits 70% of browsers. UNC3886 owned Singapore's telecom backbone. VoidLink is the first malware framework built by AI. Plus: PANW closes…
Feb 17
•
Marcus J. Carey
1
1
First Chrome Zero-Day of 2026 Is Being Exploited Right Now — Update Every Chromium Browser You Own
CVE-2026-2441: A use-after-free in Chrome's CSS engine. Google won't say who's exploiting it. Patch is live. Don't wait for auto-update.
Feb 16
•
Marcus J. Carey
2
1
OpenAI Built an AI That Can Hack Hardened Targets — Now They're Deciding Who Gets to Use It
GPT-5.3-Codex is the first AI model its own maker calls ‘high risk’ for cyber. The Trusted Access program is their answer. Is it enough?
Feb 16
•
Marcus J. Carey
1
70 Orgs Hacked Across 37 Countries — And the Vendor That Found It Won’t Say Who Did It
Unit 42's Shadow Campaigns report exposes massive state espionage. Reuters says Palo Alto stripped the China attribution. Here's why it doesn't matter.
Feb 15
•
Marcus J. Carey
BeyondTrust's Treasury Breach Flaw Has a Sequel — And Attackers Found It in 24 Hours
CVE-2026-1731: AI found it, hackers exploited it, CISA gave you 3 days to patch.
Feb 15
•
Marcus J. Carey
1
DHOM SitRep #001: OpenClaw Exposes 135K Agents, Notepad++ Supply Chain Owned for 6 Months, and Microsoft Patches 6 Zero-Days
AI agents are the new shadow IT. Plus, a state-sponsored supply chain attack hid in plain sight, and Patch Tuesday brings six actively exploited…
Feb 13
•
Marcus J. Carey
2
1
1
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts
