Threat Actors Abuse GitHub Notifications to Deliver Vishing Attacks 

Posted in Commentary with tags on March 9, 2026 by itnerd

The Fortra Intelligence and Research Experts (FIRE) team have uncovered a new phishing tactic that abuses legitimate GitHub notification emails to deliver vishing scams. The research shows how attackers are using trusted infrastructure to get malicious messages into inboxes.

Key findings:

  • Attackers hide vishing lures in GitHub commit messages, which generate legitimate notification emails from noreply@github.com.
  • Researchers say this is the first observed use of GitHub commit messages to distribute vishing scams.
  • Notifications are forwarded through Microsoft 365, helping the messages pass authentication checks and evade filters.
  • The lures impersonate brands such as PayPal and Norton and urge victims to call fake support numbers.

The report is published here: https://www.fortra.com/blog/threat-actors-abuse-github-notifications-to-deliver-vishing-attacks

Mega raises $11.5M to give every SMB an enterprise-grade growth team, without the agency

Posted in Commentary with tags on March 9, 2026 by itnerd

Most small to medium business owners have the same relationship with their marketing agency: they pay for effort and hope it turns into outcomes. It rarely feels like a fair trade. Mega is built to fix that. Today, the company announced an $11.5 million Series A to scale a full-service AI growth engine for SMBs – a platform that replaces traditional agencies with a network of AI agents delivering predictable growth without the overhead.

The Series A funding round was led by Goodwater Capital with participation from Andreessen Horowitz, Atreides, SignalFire and Kearny Jackson. It also includes WNBA stars Diana Taurasi, Breanna Stewart, Kelsey Plum and Nneka Ogwumike. 

The problem is structural. SMBs today are expected to compete in a digital ecosystem built for enterprises, across SEO, paid ads, websites, and emerging AI channels. Agencies are expensive relative to SMB budgets, quality varies wildly, execution is manual, and iteration is slow.  At the same time, AI marketing tools have flooded the market, but most still require business owners to learn and operate complex software. Mega takes a different approach by delivering services via software. Instead of managing tools, customers receive execution and measurable performance.

Mega’s core product is an AI-powered growth engine designed specifically for businesses generating roughly $500,000 to $20 million in revenue. The platform uses a network of specialized AI agents to handle SEO, GEO, paid ads, and website management. From the customer’s perspective, it feels like hiring a high-quality growth team, but it runs as software. The system plans, executes, optimizes, and reports continuously. If a customer signs up and never logs in, their marketing still runs and improves.

Mega’s path to market was unplanned. During Covid, the team was building a video game company. When ChatGPT launched, they began experimenting early, building internal AI tools to accelerate their own growth. Organic traffic increased 100 times. Paid customer acquisition costs dropped by 80 percent. When co-founder Lucas Pellan shared the tools with founder friends, the response was immediate and repeated: can we have that. 

With Mega, approximately 55 percent of the work is fully automated, 35 percent is mostly automated with humans in the loop, and 10 percent is executed end to end by humans. This hybrid structure allows Mega to deliver consistent, scalable performance while maintaining quality control. Every campaign feeds data back into the system, improving creative generation, audience targeting, bidding strategies, and optimization logic across the entire customer base.

Mega’s own trajectory reflects the demand for this model. The company went from zero to $10 million in revenue in 10 months. Customers span home services, law firms, healthcare businesses, ecommerce brands, and software companies. 

In one case, Mega helped a Texas medical spa grow search traffic by 174 times. A personal injury law firm increased search visibility by 243 times and began ranking in the top three for key terms. A D2C health brand drove $120,000 in direct website revenue and surpassed its Amazon marketplace performance without increasing ad spend. On average, Mega helps customers grow 20% faster.

The market is massive and underserved. Tens of thousands of marketing agencies serve SMBs across North America, yet most businesses still struggle with unpredictable lead flow, poor ROI, and no visibility into what is working. As digital channels get more competitive and expensive, the gap keeps widening. AI now makes it possible to close it. 

Looking ahead, Mega plans to expand beyond SEO, ads, and websites into managing the entire revenue generation engine for SMBs, including email, outbound, organic social, lead qualification, sales operations, and reporting. The long-term vision is to provide a fully automated growth infrastructure that allows small and mid-sized businesses to compete with enterprise-grade marketing capability, without enterprise overhead.

CData Expands Connect AI Platform with New Agent Tooling and Enterprise-Grade Security

Posted in Commentary with tags on March 9, 2026 by itnerd

CData Software today announced major enhancements to CData Connect AI at the Gartner Data & Analytics Summit (Booth #308). The updates extend CData’s managed Model Context Protocol (MCP) platform with new capabilities across connectivity, context, and control, the three pillars required to move AI from experimentation to production.

Why AI Stalls Before Production

AI investment is accelerating. “Gartner®¹ says worldwide AI spending will total $2.5 trillion in 2026.” But spending isn’t translating into results. Most generative AI initiatives still stall before reaching production. The bottleneck isn’t model capability, it’s the data infrastructure underneath. Without live connectivity to business systems, semantic intelligence that gives data context to AI, and governance controls that enforce security at scale, AI initiatives fail to deliver business value.

CData’s own State of AI Data Connectivity Report reinforces this reality. Only 6% of organizations are satisfied with their current data infrastructure for AI. More than half still rely on custom-built integrations that can’t scale. And 71% of AI teams spend over a quarter of their implementation time on data integration alone, time spent wiring plumbing instead of building intelligence.

Connect AI: Connectivity, Context, and Control in a Single Platform

CData Connect AI is purpose-built to address the data infrastructure gaps that prevent AI from reaching production. Today’s enhancements extend the platform across all three pillars

Connectivity: Connect Gateway and 350+ Data Sources

Connect AI provides live, read-write access to more than 350 business systems, without replication or data movement. The new Connect Gateway extends this reach to data sources behind the firewall, with support for SAP, SQL Server, and PostgreSQL, and more. The result: AI systems can operate against live data regardless of where it resides.

Context: Expanded Agent Tooling and Toolkits

AI agents need business-aware context to choose the right actions and avoid unnecessary MCP tool calls. But exposing too much context creates new risks: increased token usage, model confusion, and unintended access to sensitive data or operations. Connect AI addresses this challenge with a scoped MCP architecture that precisely controls what each agent can see and do. This release introduces three complementary tool types:

  • Universal Tools provide a normalized set of operations that work consistently across all 350+ connected systems. Instead of exposing hundreds of system-specific tools, agents receive a compact, schema-aware interface ideal for data exploration, ad-hoc analysis, and multi-source reasoning — without tool surface bloat.
  • Source Tools expose tightly defined operations specific to each system. These tools map directly to approved system actions, allowing IT teams to enforce predictable execution, transactional safety, and auditability for production workflows.
  • Custom Tools allow organizations to define purpose-built operations tailored to specific workflows. These tools execute pre-optimized queries with explicit data access limits — reducing token usage, improving performance, and eliminating unintended data exposure.

Workspaces define the data boundary for each agent by specifying exactly which datasets, schemas, or views are accessible. New Toolkits define the action boundary by determining which Universal, Source, or Custom Tools are available. Each Workspace and Toolkit combination can be deployed as a dedicated MCP server, ensuring that agents operate only within their intended scope; reducing context noise, strengthening governance, and delivering enterprise-grade control over agent behavior.

Control: SCIM and Custom OAuth Applications

Connect AI enforces per-user authentication with native source-system permissions applied dynamically at runtime, backed by full audit trails. New governance enhancements include SCIM 2.0 for automated identity lifecycle management and Custom OAuth Applications that enable organizations to use first-party credentials to meet internal security and compliance requirements. Every query is authenticated, authorized, and auditable.

The 25% Accuracy Gap: Why Architecture Matters

MCP is becoming the default interface between AI agents and business software. But how accurately do MCP providers actually return data? To find out, CData tested five MCP providers, representing the major architectural approaches in the market, across four sources (CRM, project management, data warehouse, and ERP) using 378 real-world prompts. Every response was scored against pre-established ground truth. No partial credit.

The results revealed a significant accuracy gap. CData Connect AI achieved 98.5% accuracy (67 of 68 correct responses). The other providers ranged from 65% to 75%—failing on one out of every three to four queries. The failures weren’t random: they clustered around relative date logic, multi-filter queries, semantic interpretation of business terms, and write operations, exactly the kinds of tasks AI agents need to perform reliably every day.

For organizations moving beyond copilots toward autonomous agents that read, write, and act on live business data, this gap is decisive. At 75% accuracy, an AI agent fails one out of every four actions. And that inaccuracy compounds: 75% accuracy across a five-step workflow means less than 24% of processes complete successfully. A 75% accuracy rate becomes a 75% failure rate.

Most MCP providers translate natural language directly into API calls, which works for simple lookups but breaks down when queries require date math, multi-condition filtering, or platform-specific business logic. Connect AI uses a relational abstraction layer with semantic intelligence that understands entity relationships, business conventions, and workflow rules. That’s why it maintained near-perfect accuracy across every platform tested, including ERP, where the vendor’s own native MCP server failed completely.

View the full benchmarking methodology and results here: https://www.cdata.com/lp/ai-accuracy-whitepaper/

Organizations deploying AI in production need an accuracy rate that prevents autonomous agents from creating more cleanup work than they save. Connect AI is built to clear that bar because connectivity, context, and control aren’t just platform features. They’re what makes accuracy at scale possible.

CData at Gartner Data & Analytics Summit

CData will be at the Gartner Data & Analytics Summit at Booth #308, where attendees can connect with the team and see the latest in universal data connectivity.

Speaking Session: AI Agents and the Future of Digital Work with Microsoft — CData Chief Product Officer Ken Yagen will take the stage alongside Microsoft Partner Director of Product Management James Oleinik on Wednesday, March 11 (11:15–11:45 AM EDT). The session will present a joint blueprint for moving from AI pilots to production-ready agentic AI, exploring how Copilot Studio and universal data connectivity can deliver the governed infrastructure enterprises need as Gartner predicts 40%+ of agentic AI projects will be canceled by 2027 without the right architecture in place.

Supporting Resources

  • The 25% Accuracy Gap: MCP Provider Performance Across Enterprise Workloads — CData’s benchmark of five MCP providers across 378 enterprise queries found a 25+ percentage point accuracy gap, with CData Connect AI achieving 98.5% accuracy compared to 65–75% for other providers. Download the whitepaper: https://www.cdata.com/lp/ai-accuracy-whitepaper/
  • The State of AI Data Connectivity Report: 2026 Outlook — Based on research with 200+ data and AI leaders and insights from AI pioneers at Microsoft, AWS, and Google, CData’s report found that only 6% of enterprises consider their data infrastructure fully ready for AI — establishing a direct link between data infrastructure maturity and AI success. Download the report: https://www.cdata.com/lp/ai-data-connectivity-report-2026/

¹ Gartner, Inc., “Gartner Says Worldwide AI Spending Will Total $2.5 Trillion in 2026,” Gartner.com (Jan. 15, 2026), accessed Feb. 20, 2026, https://www.gartner.com/en/newsroom/press-releases/2026-1-15-gartner-says-worldwide-ai-spending-will-total-2-point-5-trillion-dollars-in-2026
GARTNER is a trademark of Gartner, Inc. and/or its affiliates.

How the February 28 Strikes Triggered a New Wave of AI-Assisted Attacks on US Critical Infrastructure

Posted in Commentary with tags on March 9, 2026 by itnerd

CloudSEK has posted a pair of research reports that are highly relevant to the cyber dimension of the Iran-US conflict, especially in light of developments since the February 28 strikes.

Following the February 28 US-Israel strikes on Iran, CloudSEK has documented an immediate and significant surge in Iranian-aligned cyber activity targeting US critical infrastructure, with AI now acting as a direct force multiplier for threat actors.

The key findings:

  • Over 60 Iranian-aligned hacktivist groups activated on Telegram within hours of the February 28 strikes, the largest single-event mobilization of this ecosystem ever recorded.
  • An Electronic Operations Room was formed on Telegram to coordinate attacks, operating on ideological initiative rather than central state direction, which makes activity harder to predict and constrain.
  • More than 40,000 US industrial control systems are currently reachable on the public internet, many with default or no credentials, representing an immediately exploitable attack surface.
  • CloudSEK researchers demonstrated that an actor with no prior ICS knowledge can move from intent to a working list of accessible US industrial targets in under five minutes using AI tools and passive reconnaissance. No scanning, no exploitation, no specialist knowledge required.
  • The same AI platforms now embedded in US defense operations are accessible to threat actors for offensive reconnaissance, creating a dual-use dynamic that significantly widens the threat.

Both reports are primary-sourced, technically detailed, and directly tied to the current conflict escalation. The full write-ups are here:

Report 1: AI, the Iran-US Conflict, and the Threat to US Critical Infrastructure
https://www.cloudsek.com/blog/ai-the-iran-us-conflict-and-the-threat-to-us-critical-infrastructure

Report 2: Threat Actor Landscape Assessment of ICS/OT Targeting in the 2026 Iran-US Conflict
https://www.cloudsek.com/blog/a-threat-actor-landscape-assessment-of-ics-ot-targeting-in-the-2026-iran-us-conflict-and-the-scale-of-the-risk

ESET Opens 2026 Women in Cybersecurity Scholarship Applications Across Canada on International Women’s Day

Posted in Commentary with tags on March 9, 2026 by itnerd

ESET today announced the opening of applications for its Women in Cybersecurity North American Scholarship, launching on International Women’s Day in alignment with the 2026 theme, #GiveToGain. Now entering its 11th year, the program continues ESET’s longstanding commitment to support and empower women pursuing careers in cybersecurity through financial assistance, mentorship, and community-building.

Originally established in 2016 in the United States and expanded to Canada in 2021, ESET’s Women in Cybersecurity Scholarship was one of the earliest initiatives of its kind in the industry. In Canada alone, the program has awarded more than $50,000 to 14 women, expanding from one $5,000 award in its first year to $15,000 across three scholarships today. Many recipients have gone on to build successful careers in cybersecurity and technology.

The need for continued action remains clear. According to the most recent (ISC)² Cybersecurity Workforce Study, approximately 22% of the global cybersecurity workforce is comprised of women, a sign of gradual progress but continued underrepresentation across the industry. In Canada, women account for 21.2% of cybersecurity professionals, underscoring the need for initiatives to expand access and strengthen the talent pipeline. As emerging technologies like AI reshape the threat landscape, a diversity of perspectives is critical to developing ethical and effective solutions.

For the 2026 application cycle, ESET Canada will award three $5,000 awards to applicants demonstrating strong technical aptitude, leadership potential, and a commitment to cybersecurity.

DETAILS AND HOW TO APPLY

Applications are now being accepted for the 2026 round and submissions must be received by 11:59 p.m. PT April 8, 2026. Applicants can learn more about the scholarships and submit their application by visiting ESET’s dedicated webpages. If you’re a Canadian student, apply here. Questions? Email us at CA-scholarship@eset.com [Canada-only inquiries] with any questions.

Ubitium tapes out universal processor to end embedded computing complexity crisis

Posted in Commentary with tags on March 9, 2026 by itnerd

Ubitium today announced the tape-out of its first silicon on Samsung Foundry’s 8nm process. The tape-out was completed in December 2025. The chip is the first universal RISC-V processor to replace the stack of specialized processors used in modern embedded systems.

Embedded computing, a $115 billion market, has reached a breaking point. Cars once ran on one processor; today’s vehicles contain more than 200, each with its own toolchain, software stack and supplier. Performance is no longer the only limiting factor. Complexity is. As AI workloads move into robots, drones, and industrial machines, this complexity becomes unsustainable.

Ubitium builds on RISC-V, the open-source architecture already used in billions of chips worldwide and extends it beyond a conventional CPU. Its universal processor runs Linux and RTOS simultaneously, handles radar and audio signals in real time, and executes neural networks for inference at the edge, without separate accelerators or coprocessors. Full RISC-V software compatibility preserved. 

Ubitium does for embedded compute what software-defined radio did for wireless: replaces fixed-function hardware with one reconfigurable silicon. The result: embedded systems that ship faster, cost less, and have long product lifecycles.

Ubitium is working with Samsung Foundry, Siemens Digital Industries Software and ADTechnology as it advances toward production silicon.

Ubitium’s founders have spent decades building programmable architectures and the software stacks that unlock them at scale. CTO Martin Vorbach created PACT XPP, an early commercial reconfigurable processor, and holds 200+ processor-architecture patents. The core team combines deep industry experience from Intel, Texas Instruments, Apple and NVIDIA, with 350+ peer-reviewed publications.

The tape-out validates the foundational components of Ubitium’s architecture: the Universal Processing Array with runtime reconfiguration and LPDDR5 memory interface. A second tape-out is targeted for later this year, with volume production in 2027.

Technical Notes

  • Workload coverage: Ubitium’s universal processor spans general-purpose computing, real-time signal processing, and massively parallel AI inference on a single die; in a homogeneous architecture
  • Software stack: Full Linux and RTOS support, standard RISC-V toolchains, and compatibility with modern software frameworks. No need for proprietary languages or vendor-specific compilers.
  • Target applications: Radar and multi-sensor signal chains, real-time audio and voice, computer vision, edge AI, automotive cockpits, industrial HMI.
  • Runtime adaptability: The Universal Processing Array shifts execution mode at runtime (CPU, DSP, GPU, parallel accelerator) without context-switch penalty or external offload.
  • System consolidation: One processor, one toolchain, one qualification cycle. Reduces BOM cost, board complexity, and supplier dependencies across product lifecycles.

Today Is International Women’s Day

Posted in Commentary on March 8, 2026 by itnerd

International Women’s Day 2026 is being celebrated today under the theme “Give To Gain,” emphasizing support, collaboration, and gender equality. Since this is a tech blog, I reached out to a pair of women in tech to get their views on this important day.

Margaret Hoagland, VP, Global Sales & Marketing, SIOS Technology

“On International Women’s Day, we honor the courage of women like Anita Hill, Ruth Bader Ginsburg, and Malala Yousafzai—whose bravery and sacrifice reshaped the future for women everywhere. Their leadership expanded rights, opportunity, and voice. But progress is not permanent. Without our continued vigilance and action, the gains they fought for can be eroded. Let us honor their legacy not only with words, but with sustained action to protect and advance equality for the next generation.”

Betsy Doughty, Vice President of Partner Marketing, Hammerspace

Gender equality advances when we choose to build it – deliberately, consistently, and together. Throughout my career, whether leading employee resource groups, running WILD (Women Inspiring Leadership Development), mentoring women at CU Leeds, or learning from mentors myself, I’ve seen that progress doesn’t happen by accident; it happens through intentional connection. The theme Give to Gain reflects what I’ve experienced firsthand: when we give time, advocacy, and opportunity, we gain perspective, growth, and stronger communities in return. What I’ve experienced firsthand is that when we give time, advocacy, and opportunity, we gain perspective, growth, and stronger communities in return. Nowhere is that more evident than in mentorship and networking, and particularly women learning from other women.

Mentorship changed everything for me. Early in my career, mentors recognized my potential before I could articulate it myself. They listened, advocated, and created opportunities that altered my trajectory. They showed me that great mentors don’t hold talent in place – they help it move forward. Over time, I stepped into mentoring roles of my own, offering guidance, opening doors, and supporting women at pivotal moments in their careers. What surprised me most was how much I gained in return: clarity, self-reflection, fresh perspective, and the privilege of watching confident, capable leaders emerge. You don’t need to be at the peak of your career to mentor; you simply need to share what you’ve learned so far.

Networking plays a similarly powerful role. For women, especially, access to networks builds visibility, confidence, and a sense of belonging. Creating intentional spaces for connection fosters shared language around growth and leadership, turning individual success into collective momentum. For me, Give to Gain is not an abstract idea—it’s a lived experience. Every time we choose to lift one another as we climb, we strengthen not just individual careers, but the foundation for lasting gender equality.

CloudSEK Identifies 40,000+ Exposed US Industrial Systems Vulnerable to AI-Assisted Recon as Iranian-Aligned Groups Mobilise

Posted in Commentary with tags on March 6, 2026 by itnerd

CloudSEK researchers have documented how artificial intelligence has fundamentally collapsed the barrier to targeting industrial control systems, compressing what once required weeks of specialist knowledge into a five-minute reconnaissance workflow. 

The findings come as the 28 February 2026 US-Israel strikes against Iran triggered the largest single-event activation of Iranian-aligned cyber actors ever documented, with over 60 hacktivist groups mobilising within hours – many without deep ICS expertise, but now equipped with AI tools that make that expertise unnecessary.

Key Findings

  • CloudSEK identified 40,000+ internet-exposed US industrial control systems immediately discoverable using AI-assisted reconnaissance – and confirmed that a passive five-minute workflow using free tools can identify live devices, retrieve default credentials, map accessible interfaces, and enumerate CVEs without authenticating to or probing a single system.
  • OpenAI confirmed in October 2024 that Iranian-affiliated actors (CyberAv3ngers) used ChatGPT to conduct ICS reconnaissance, querying default credentials for industrial devices, generating Shodan search strings, and requesting automation scripts – one of the first documented use of a commercial LLM by a state-affiliated actor against critical infrastructure.
  • More than 60 Iranian-aligned hacktivist groups mobilised within hours of the 28 February 2026 strikes. The death of Supreme Leader Khamenei disrupted IRGC command structures, removing the political constraints that historically governed Iranian cyber targeting. Proxy and hacktivist groups now operate without accountability for civilian harm.
  • US government reporting confirms 75+ US ICS devices were compromised in campaigns linked to the same threat ecosystem, including 34+ in the Water and Wastewater sector. The 2023 Aliquippa water plant compromise – forced onto manual operations by a default password – is the documented template these groups are replicating.
  • Internet exposure across OT and ICS environments is worsening: 35% year-on-year growth in exposed systems and a 160% surge in Unitronics port 20256 exposure, despite two years of CISA advisories following the Aliquippa attack (ReliaQuest, H1 2025).

Why This Matters

The real shift is not in malware sophistication. It is in speed, scale, and accessibility. AI is enabling less technically mature actors to perform ICS reconnaissance that once required years of specialist knowledge.

 In a conflict environment where over 60 groups are simultaneously activated and seeking accessible targets, AI compresses the cycle from intent to impact.

CloudSEK researchers reproduced the AI-assisted reconnaissance chain as a passive research exercise, mirroring the confirmed methodology. Following the same process, researchers identified multiple live instances of unauthenticated, internet-exposed ICS systems with direct operational impact potential. 

CloudSEK notes that the passive nature of this research, standard HTTP requests against publicly indexed systems, is indistinguishable from what a threat actor would perform.

The cyber fallout from the Iran-US conflict is not limited to advanced state-linked operators. Loosely aligned hacktivists and proxy actors can now use AI-assisted workflows to identify and prioritise exposed industrial assets in real time, increasing the risk of opportunistic disruption to water treatment, energy distribution, fuel management, and manufacturing operations.

The same 28 February window also saw OpenAI confirm a partnership with the US Department of Defense, triggering a 295% spike in ChatGPT app uninstalls (Sensor Tower via TechCrunch). As commercial AI platforms face governance pressure around military use, threat actors migrate to unconstrained alternatives. The safety guardrails that limited CyberAv3ngers on ChatGPT in 2024 are a floor, not a ceiling.

Immediate Defensive Priorities

CloudSEK recommends that organisations urgently:

  • Remove ICS management interfaces from the public internet immediately and place them behind VPN. This single action eliminates the AI-assisted passive reconnaissance attack path entirely.
  • Change default credentials on all deployed ICS devices. The Unitronics default password 1111 is in a vendor manual, in CISA Advisory AA23-335A, and in active use on internet-exposed devices today.
  • Block industrial protocol ports at the perimeter: TCP 20256, 102, 502, 44818, 1911 and UDP 47808 have no legitimate reason to be directly internet-accessible.
  • Audit all third-party remote access to OT environments. IT managed service providers with tools on OT networks are confirmed entry points for supply chain attacks.
     

CloudSEK’s findings are based on passive reconnaissance of publicly indexed information and exposed web interfaces, without logging into or actively probing any system.

You can read the research here: AI, the Iran-US Conflict, and the Threat to US Critical Infrastructure | CloudSEK

The Company Reviewing Meta Glasses Footage Has a Security Problem

Posted in Commentary with tags on March 6, 2026 by itnerd

Mike Bell, Founder and CEO of Suzu Labs, has just published the research blog “The Company Reviewing Your Meta Glasses Footage Has a Security Problem.” 

“Last week, Swedish journalists revealed that Meta sends video footage from Meta Ray-Ban smart glasses to human data annotators at Sama, a San Francisco-based outsourcing company that runs its annotation workforce out of Nairobi, Kenya. Workers described seeing footage of people in bathrooms, bedrooms, and intimate situations. The UK’s Information Commissioner opened a probe. The story dominated privacy news for days,” Bell said.

“Nobody asked the obvious follow-up question. How secure is Sama? We did. And the answer isn’t reassuring.”

Sama Credential Exposure on the Dark Web: Suzu Labs ran dark web intelligence against Sama’s corporate domain (sama.com) using its threat intelligence platform. Within the last 90 days alone, Suzu Labs identified 118 credential entries tied to sama.com circulating across Telegram channels, underground forums, and breach databases. The results were alarming, including the fact that eighty-three of the entries included plaintext passwords.

Suzu Labs research reveals just how shaky Sama’s current (December 2025-Feb. 2026) security posture is. “Most of these credentials didn’t come from some third-party breach where Sama employees happened to have accounts. Roughly 87% came from info-stealer malware logs. That means malware was running on machines used by people with sama.com email addresses, pulling credentials and session tokens directly off the endpoint. The stealer takes everything on the machine. It doesn’t filter by importance.”

The research also evaluates risks to AI training data and other Sama clients, and offers recommendations – for Meta, for Sama, and for every organization.

The Company Reviewing Your Meta Glasses Footage Has a Security Problem: https://suzulabs.com/suzu-labs-blog/the-company-reviewing-your-meta-glasses-footage-has-a-security-problem

2015 vs. 2025: How password habits have evolved over the past 10 years

Posted in Commentary with tags on March 6, 2026 by itnerd

ExpressVPN has published an article on the evolution of password security over the past 10 years. Cybersecurity researcher Jeremiah Fowler has published an analysis of part of the data from the recent 149 million credentials leak on the ExpressVPN blog, comparing current password habits with those from a decade ago.

During this research, Jeremiah noted some interesting and concerning findings:

  • Only 15% of the passwords from 2025 could be classified as complex.
  • 85% of current passwords typically contain known patterns from prior breaches or password-guessing models.
  • It’s still common for people to reuse passwords across multiple accounts.

Jeremiah published his detailed report on the ExpressVPN blog here: https://www.expressvpn.com/blog/password-security-2015-vs-2025/