Vulnerable U
Infosec's favorite weekly newsletter for news, tools, and tips with 28,000+ CISOs, founders, change-makers, and straight up hackers.
Connect
Data brokers enabling violence, New trick to use discord to spread malware, Widespread Grafana account takeover bug,
An inside look at Vance Boelter’s use of 11 people-search services to track and attack officials, and why weak U.S. privacy laws still leave every home address exposed.
Grocery supply chain hack leaves shelves empty, 0-click Microsoft 365 Copilot vulnerability, massive internet outage, my Sleuthcon trip report, and much more!
Front-row notes on ransomware franchising, residential-proxy abuse, and the crypto money-trail analytics reshaping modern threat hunting
June 2025 breach forces UNFI to take critical systems offline, triggering order backlogs, an FBI investigation, and scrutiny of critical infrastructure.
Deep dive into call screening, messages filtering, on-device AI, PCC, and promised RCS encryption - what they mean for security and privacy
Google Threat Intel Voice Phishing Knowledge Drops, Massive critical Cisco bug, Meta caught tracking data they weren't supposed to, and much more!
Analysis of leaked builds, chat logs and wallet tables uncovers how new affiliates fuel global ransomware attacks.
ASUS botnet, Everything is a C2 (even you're calendar), Bitcoin related kidnappings and violence continue, Fake AI Video Generators are delivering malware, and much more!
How attackers use clipboard PowerShell stagers and brand-spoofed links to bypass macros and drop a .NET RAT.
Treasury’s May 29 action freezes Funnull’s IP pools and prefab scam kits. An estimated $200 million in U.S. losses tied to this turnkey infrastructure provider.
Analysis of the May 28 breach shows tight scope but zero transparency. Here’s what MSPs must do to validate their defenses.