The landing site for Trackr Services
Stanford fabricated and measured a memory-on-logic 3D chip in a US foundry; Huawei announced a logic-folding design method and a new scaling law with no independent audit yet. Same wall, opposite evidence bars.
A self-propagating npm worm poisoned 32 @redhat-cloud-services packages on June 1, 2026 — and because it published through Red Hat’s own OIDC pipeline, the malicious versions carried legitimate SLSA provenance. Here’s the scope, the mechanism, and the rotation list.
A CVSS 9.8 stack-based buffer overflow in Windows Netlogon gives an unauthenticated attacker code execution on a domain controller. Microsoft called exploitation ‘less likely.’ Belgium’s CCB says it’s happening now.
System-preferred authentication is moving to the first factor, the password prompt is about to vanish for passkey holders, and break-glass accounts are not exempt from mandatory MFA. Here’s what that actually changes for Entra defenders and home users.
A defender’s view of indirect prompt injection in MCP-connected and tool-calling LLM agents — what the telemetry actually looks like, where detections originate noise, and how to map containment to 800-53.
CIFSwitch is a local-root flaw in the Linux kernel’s CIFS client that a researcher surfaced with AI-assisted analysis after it sat untouched since 2007. The kernel piece is real, but whether it touches you is a configuration question, not a kernel-version one.
Chinese state actors have been inside major U.S. carrier networks for months to years. Here is what enterprise defenders should actually do about it — detection logic, SIEM specifics, and the control updates that matter.
Wildcarded sub claims in IAM trust policies for GitHub Actions OIDC are still the most common cloud-CI footgun in 2026. Here’s the detection that actually catches it, and the tuning round that has to happen before the SOC stops ignoring the alert.
Image-mode RHEL moves the host into an ostree-backed, container-built world. The threat model shifts up the stack, and most detection content built for traditional EL hosts quietly stops working.
CVE-2026-48095 is a heap buffer overflow in 7-Zip’s NTFS handler reachable from any file extension because of signature-based fallback parsing. The fix shipped in 26.01 three days after the private report; public disclosure came 25 days later. PoC is public, the trigger is a one-line undefined shift, and the exploitable vtable sits 304 bytes from the overflow site. The patch is uncomplicated. The deployment surface isn’t.
