Hungary update: All the ministerial appointments from the new govt. have so far been completely sane and reasonable. Real experts with vaguely reasonable opinions, not yes-men or corrupt family members.

This shouldn't feel like it's news, but after 16 years of Orban's cleptocracy I have such a hard time processing this. As if one day Putin lost an election and suddenly the country was just ... normal??? I fully know we're in a honeymoon phase, but it is also just so incredibly liberating to see

"Elon Musk’s legal team on Tuesday told a jury that the billionaire had sued OpenAI on moral principle"

Ah. So it's not a legal issue and thus this case should be thrown out immediately. Next.

Over 600 Google employees tried to stop the company from signing a deal with the Pentagon but that made no difference as the deal was confirmed signed this morning.

Anthropic seems to be the only AI company that has bowed out from its technology being used for “classified work” by the military.

-UK NCSC blasts SOC metrics
-Vimeo got hacked
-Greece wants to ban anonymity on social media
-Scatter Spider hacker arrested in Finland
-Ukrainians hacked Russian satellite comms platform
-Leak at Asian soccer federation
-China's surveillance system left exposed online
-Handala leaks US Marines data
-Checkmarx incident blamed on Lapsus$
-Mystery outage takes out tens of piracy sites
-US privacy fines go over $3.4b

Podcast: risky.biz/RBNEWS557/
Newsletter: news.risky.biz/risky-bulletin-…

🎙️ Risky Business #835 -- Why the Fast16 malware is badass

risky.biz/RB835/

The Ghostty founder is leaving GitHub

When you read his blog post, I want you to keep this image in your mind

mitchellh.com/writing/ghostty-…

The Elastic security team is open-sourcing CI/CD Abuse Detector, a collection of drop-in CI templates that use an LLM to detect suspicious changes to CI/CD pipelines, workflows, and automation configurations.

elastic.co/security-labs/detec…

github.com/elastic/cicd-abuse-…

53% of all known bad IPs are coming from VPNs or residential proxy networks, even if they account for just under 10% of all the IP population

"The signal here is concentration. When abuse occurs, it’s often [...] infrastructure designed to abstract identity and location."

ipinfo.io/blog/vpns-residentia…

A third of all Apple Music content is AI slop songs that nobody's listening to

appleinsider.com/articles/26/0…

Tens of pirate streaming sites have gone dark this week after their shared backend, a suspected Piracy-as-a-Service provider, went down under mysterious circumstances

torrentfreak.com/sflix-myflixe…

CISA finds a security bug in NSA's GRASSMARLIN OT-mapping app

cisa.gov/news-events/ics-advis…

The Greek government plans to ban anonymity on social media networks.

Officials cited the rising levels of toxicity in online comments, coordinated harassment, fake news, and political manipulation.

greekcitytimes.com/2026/04/28/…

I was wondering who's gonna be smart enough to buy John's product

socket.dev/blog/socket-acquire…

GitHub has fixed a major vulnerability that could have allowed threat actors to take over its own servers.

The bug could have been exploited using a custom, maliciously crafted "git push" operation.

github.blog/security/securing-…

A cat can never be held accountable. Therefore a cat must never take the blame.

(This message brought to you by the Council of Cats)

The Vect ransomware is destroying large files due to a buggy encryption, so don't pay their ransom

research.checkpoint.com/2026/v…

Scattered Spider member Bouquet was arrested in Finland

He was identified as 19yo Peter Stokes, a dual US-Estonian citizen

chicagotribune.com/2026/04/27/…

Chrome extension devs are blatantly selling your data and not even hiding it anymore because nobody reads the ToS these days

layerxsecurity.com/blog/your-e…

Checkmarx confirms that its supply chain attack was carried out by Lapsus$ after the group leaked their data over the weekend

I'm wondering if they knew before that... or they found out like the rest of us from the leak

checkmarx.com/blog/supply-chai…