December 4, 2025
Microsoft quietly shuts down Windows shortcut flaw after years of espionage abuse
Silent Patch Tuesday mitigation ends ability to hide malicious commands in .lnk files Microsoft has quietly closed off a critical Windows shortcut file bug long abused by espionage and cybercrime networks.…
Aisuru botnet turns Q3 into a terabit-scale stress test for the entire internet
Cloudflare data shows 29.7 Tbps record-breaker landed amid 87% surge in network-layer attacks The internet has spent the past three months ducking for cover as the Aisuru botnet hurled record-shattering DDoS barrages from an army of up to 4 million infected machines.…
TLS 1.3 includes welcome improvements, but still allows long-lived secrets
Tricky tradeoffs are hard to avoid when designing systems, but the choice not to use LLMs for some tasks is clear Systems Approach As we neared the finish line for our network security book, I received a piece of feedback from Brad Karp that my explanation of forward…
Rust core library partly polished for industrial safety spec
Ferrous Systems achieves IEC 61508 (SIL 2) certification for systems that demand reliability Memory-safe Rust code can now be more broadly applied in devices that require electronic system safety, at least as measured by International Electrotechnical Commission (IEC) standards.…