Hi Everyone,
Just back from OSINT Day at InCyber Forum France 🇫🇷 2026! I opened my session with a 15-minute hands-on technical case study, and the lineup this year was packed with strong, substantive talks.
Three key threads defined the day: connecting public institutions with OSINT communities (French MFA, Viginum, and Ministry of Defense all presented their needs for OSINTers); expanding the network internationally, with speakers and attendees from Central Europe, the Balkans, the US, and Australia; and reinforcing through live demos that OSINT is a real discipline serving real needs, from geopolitical analysis to finding missing persons.
The networking was full of surprises, the French OSINT community was incredibly warm, and the kind words about Poland meant a lot. Thank you to OSINT-FR and to Antoine and his team for the flawless organisation of the day.
See you next year! OSINT Day is one of my favourite OSINT events and a must-attend if you're in the field.
Cybersecurity News
TryHackMe AI Data Controversy - Users Deleting Accounts. TryHackMe's launch of its AI pentesting tool "NoScope" sparked backlash after allegations surfaced that the platform used user-generated data to train AI models without explicit consent. The platform denied it, but its own marketing states that "millions of user journeys from TryHackMe give our agent unmatched vulnerability context." The only opt-out offered: delete your account. The irony of a security platform having trust and transparency issues with its own users has not gone unnoticed.
Users are migrating to alternatives including
and newer platforms like School of SOC (by Sean Mitchell).
Vulnerabilities & Exploits & Hacks
FBI Director's Gmail Breach: Pro-Iranian group Handala leaked authentic emails (2010–2019) from FBI Director Kash Patel’s personal Gmail account, with TechCrunch verifying the headers as legitimate. Find out more
Dubai Airport Infiltration: The Iran-linked group Nasir Security claims a month-long breach of Dubai International (DXB), leaking passport photos of US and Emirati travelers along with security scans. In a bold display of confidence, the hackers have offered a $50,000 bounty to anyone who can detect their presence within the airport's network. Find out more
EU Commission Supply-Chain Hack: A massive 350GB data breach has hit the European Commission after hackers from TeamPCP compromised the Trivy security scanner to steal AWS keys. The leaked data, now published by the ShinyHunters group, includes sensitive emails and cloud configurations affecting 71 EU-related entities: 42 internal Commission entities and 29 other EU bodies. Find out more
Threat Hunting & Malware
New Iranian Cyber Arsenal: MuddyWater deployed four new malware families (GhostFetch, GhostBackDoor, HTTP_VIP, and CHAR) in Operation Olalampo, targeting MENA organizations. The Rust-based CHAR backdoor uses Telegram bots for C2, and researchers found signs of AI-assisted development in its code. Find out more.
Other
KYCnot.me: Privacy Infrastructure Directory: A catalog of ID-free crypto and hosting services used by Red Teams to build anonymous infrastructure and by Blue Teams as a high-risk watchlist. – Tip by Piotr Kowalczyk
CertMap: An interactive map of global TLS Certificate Authorities (CAs) and their market dominance. Find out more
📰Reports
CERT Orange Polska Report 2025. 194 pages summarising 365 days of CERT Orange PL operations. Report (PL)
CERT-UA Analytical Report: Cyber Threats Ukraine (H2 2025). Report
Espionage & Counterintelligence
Kremlin Hotline - Hungary Colluded with Russia to Delist Sanctioned Oligarchs: An investigation by our team and our partners - Anna Gielewska, Szabolcs Panyi (VSquare), Wojtek Cieśla (FRONTSTORY), Holger Roonemaa, Ilya Ber (Delfi Meedia), Michael Weiss (The Insider), Lukas Diko (Investigatívne centrum Jána Kuciaka) - reveals how Budapest worked behind the scenes with Moscow to remove sanctioned Russian oligarchs, companies, and banks from EU sanctions lists. Find out more
India Arrests 6 Ukrainians and 1 American Under Anti-Terror Law: India's NIA detained American Matthew VanDyke and six Ukrainian nationals under the UAPA for allegedly entering Mizoram illegally, crossing into Myanmar, and training ethnic armed groups in drone warfare. The case carries a Russia-Ukraine dimension as Myanmar's military junta is one of Moscow's closest allies. Find out more
Frontex HQ Raided in Corruption Probe: The European Anti-Fraud Office (OLAF) raided Frontex headquarters in Warsaw as part of a corruption investigation targeting a high-ranking Italian official within the agency. Find out more
Chinese Espionage Indictment: Chu Cheng-chi (former DPP legislative assistant and Taipei city council primary winner) has been indicted for his role in a suspected Chinese intelligence operation aimed at political and technological infiltration. Find out more
Pipeline Sabotage Attempt: Explosives found near Serbia-Hungary Gas Link. Explosives were discovered near the critical gas pipeline connecting Serbia and Hungary, raising concerns over infrastructure sabotage in the Balkans. Find out more
SOCMINT
Instagram testing New Subscription package. Instagram has confirmed live testing of a new subscription model for creators.

Ads Hit Instagram Subscription Feeds. Instagram now shows ads even in paid subscription feeds. Early adopters are testing InstaFeel, an alpha-stage alternative with full control over feature flags, including the option to disable all AI features. Expect bugs, but worth keeping on your radar.
Something I recently stumbled upon out of curiosity: Do you know what these chat expressions mean and which country they come from? If you do, reply to this email with your answers!
‘5555’ or ‘555+’
‘233’ or ‘233333’
‘wwwwwwwww’
‘kkkkkkkk’
‘rsrsrsrsrs’
‘mdr’ or ‘ptdr’
‘wkwkwkwkwkw’
‘ㅋㅋㅋㅋㅋ’
Privacy
Proton Meet Security Gap: Proton launched a "Swiss-secure," E2E encrypted Zoom alternative, but researchers found a major privacy catch. Find out more
However, researcher Sam Bent found that Proton Meet runs entirely on LiveKit Cloud, a US-incorporated company subject to the CLOUD Act, with call detail records that can be handed to US law enforcement without notifying Proton. This directly contradicts Proton's marketing that "not even government agencies" can access calls. Read the full analysis

Source: Sam’s blog

Thunderbird Will Evaluate Encryption Keys. The Mozilla Thunderbird email client will now evaluate users' encryption keys and flag whether they are weak or secure.
Euro-Office: Europe's Sovereign Alternative to Microsoft Office. A coalition of European tech firms including IONOS, Nextcloud, Eurostack, XWiki, and OpenProject has launched Euro-Office, an open-source office suite for documents, spreadsheets, and presentations. Built on a fork of OnlyOffice under European governance, it supports DOCX/XLSX/PPTX and OpenDocument formats.
The project addresses the fact that OnlyOffice's commercial version is tied to a Russian parent company, making it unusable under EU sanctions. More info
Separately, Office.eu launched in March as another fully European-owned alternative, built on Nextcloud, with all data stored exclusively in EU data centres. Euro-Office | Office[.]eu
I originally planned to feature Euro-Office as a European alternative to Microsoft Office, but it turns out there's a deeper layer here 👹
AI
Anthropic Source Code Leak: A routine npm update for Claude Code accidentally included a source map file, exposing the tool's entire architecture: over 500,000 lines of code and 1,900 files.
The Reveal: The leak unmasked unreleased features like KAIROS (an always-on background agent), a companion pet system called Buddy, and an "Undercover Mode" designed to strip AI attribution from employee commits. Anthropic confirmed the "human error" but noted no customer data was compromised. Find out more
Trail of Bits: AI Agent Skills & Workflows Collection. Trail of Bits has published a collection of workflows and skills/plugins for AI agents, all free to use. Also valuable as manual reading to upskill your own analytic tradecraft. Find out more
OSINT Section
Malaysia OSINT Community (MOC) Launched. Akmal Taufik has officially established the Malaysia OSINT Community on LinkedIn, expanding the global network of regional OSINT communities. Find out more

Tools
ImageWhisperer OCR Update: Henk van Ess’s tool now detects AI-generated documents by scanning internal text for hidden "tell" prompts. In a recent demo, it caught an authentic-looking Polish hospital discharge summary that every other major AI detector missed. Check it here.
coJournalist Update: Tom Vaillant's AI-powered journalism assistant can now extract and monitor social media profiles using Gemini's multimodal embedding and detect post removals. Authentication has migrated to MuckRock Foundation to protect journalists' data. A new upcoming feature, Track the Council, will extract promises from town council meeting PDFs and schedule follow-up alerts for accountability reporting.

Shadow Economy
Panama Papers: 10 Years On, the System Survived. A decade after the leak, governments worldwide have recovered around $2 billion in taxes, beneficial ownership registers exist in more countries, and Mossack Fonseca is gone.
But anonymous shell companies have migrated, not disappeared.
Enforcement remains inconsistent, professional enablers operate in grey zones, and the richest 0.1% still hold roughly 80% of all untaxed offshore wealth.
The debate changed. The system didn't. Transparency International | ICIJ
Hormuz Blockade Bypass: Shipping vessels are now using Omani territorial waters to bypass the IRGC-controlled corridor as traffic through the strait has dropped 90%, causing the largest energy disruption since the 1970s while Iran enforces a "toll booth" regime for diplomatic allies. Find out more


Google Updates
Quantum Crypto Countdown (2029): Google researchers warn that quantum computers could crack standard crypto (ECC) with 20x fewer resources than expected. They’ve moved their migration deadline to 2029 to thwart "harvest now, decrypt later" attacks, beating the US government’s 2030+ targets. Find out more
Google’s Threat Disruption Unit: Announced at RSAC 2026, this new elite team uses court orders and technical takedowns to actively dismantle hacker infrastructure. While not "hacking back," the unit leverages Google’s global platform visibility to cut off attackers' access to the web’s "plumbing". Find out more
Darkweb
Google’s Dark Web AI Agents: At RSAC 2026, Google unveiled Gemini-powered agents that crawl 10 million dark web posts daily with 98% accuracy. Google Cloud Blog
Alleged 375TB Lockheed Martin Leak: A group called APT Iran listed 375TB of purported Lockheed data (including F-35 blueprints) on a Russian market for $600 million. While unverified, the claim coincides with a separate campaign by the Handala Hack Team, which doxxed Lockheed employees and targeted them with direct intimidation. Find out more
Upcoming CyberSec / OSINT Events
Free
Webinars
Mapping Today's Cocaine Geography in West Africa (GI-TOC): Logistics, criminal kingpins, and corruption. April 9 | Register here
Global Forum: FIMI & Hybrid Threats - Meet the China Panel. Five specialists tracking Chinese foreign information manipulation across the EU. April 16. Register here
On demand
Corsearch x Temu Webinar: This on-demand session explores how structured cooperation between brands and platforms can stop dangerous toy counterfeits, which can move from upload to checkout in just days. It breaks down Temu’s enforcement model, including seller vetting, proactive AI detection, and how rights holders can provide specific intelligence to accelerate the removal of high-risk, non-compliant products.
Onsite
Digital Experience Nordic (Stockholm, April 14): Magdalena Rosinski Sedeborg on AI in investigative practice (13:30). Event details
LAC4 Cybersecurity Training for Andean SMEs. In-person training for Bolivia, Colombia, Ecuador & Peru. May 11-13, Lima. Deadline for applications is 15 April 2026. Apply here
Journée OSINT 2026: Détecter et agir face aux opérations d'influence (AEGE, Paris). Jonathan Spedale on the "citizen investigator" and OSINT-driven influence operations. April 21, 09:00-17:00 | ILERI Paris. Register here
CTFs
OSINT Switzerland Playdate + CTF. Hands-on CTF by Kevin Gasser (Redguard): track a malicious actor through their social media activity. April 17, 15:00-17:00 | University of Zurich. Register here
Something new ❗ - Newrali Global Intelligence Challenge. 24-hour global OSINT competition. April 18. Join Discord
EEIE x SKOPEIN OSINT CTF. Scenario inspired by real-world industrial competition and international interference. Hybrid format (Versailles + Discord). June 2. Join Discord
Paid
Trace Labs L150 Training Webinar: Case Walkthrough. Real missing person investigation walkthroughs from Trace Labs CTFs, focusing on investigative flow, pivoting techniques, and pattern recognition in cold cases. April 18, 12-1 PM EDT | Online | No recording. Register here
PivotCon. Agenda
Behavioural Analysis 2026 (Krakow, September 16-18): 8th international security conference on tactical risk assessment and non-racial profiling techniques. The event.
🙃 Bonus
ESET Women in Cybersecurity Scholarship (US only). Apply
WiCSME Call for Volunteers: Women in Cyber Security Middle East is seeking volunteers to join its inclusive, collaborative community. The call is open to women in the MENA region and Arab women abroad looking to lead, learn, and contribute to the cybersecurity space – Apply here


