{"id":35984,"date":"2026-05-24T11:46:05","date_gmt":"2026-05-24T18:46:05","guid":{"rendered":"https:\/\/www.podfeet.com\/blog\/?p=35984"},"modified":"2026-05-24T11:46:05","modified_gmt":"2026-05-24T18:46:05","slug":"sb-2026-05-24","status":"publish","type":"post","link":"https:\/\/www.podfeet.com\/blog\/2026\/05\/sb-2026-05-24\/","title":{"rendered":"Security Bits \u2014 24 May 2026"},"content":{"rendered":"<h2>Feedback &amp; Followups<\/h2>\n<aside class=\"small-aside\">Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time.<\/aside>\n<ul>\n<li>More Mythos developments:\n<ul>\n<li>From Anthropic: <a href=\"https:\/\/thehackernews.com\/2026\/05\/claude-mythos-ai-finds-10000-high.html\">Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/daringfireball.net\/linked\/2026\/05\/14\/m5-mie-exploit\">Aided by Mythos Preview, Researchers Announce macOS Kernel Exploit Circumventing M5 Memory Integrity Enforcement \u2014 daringfireball.net\/\u2026<\/a> (Mythos could not do this alone, and the researchers likely couldn&#8217;t have done it alone either; this was a real partnership between skilled humans and powerful tools)<\/li>\n<\/ul>\n<\/li>\n<li>\ud83c\udde8\ud83c\udde6 More push-back against Canada&#8217;s proposed end-to-end-encryption ban:\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/signal-threatens-to-leave-canada-over-proposed-lawful-access-bill\/\">Signal threatens to leave Canada over proposed lawful access bill \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><strong>Related:<\/strong> \ud83c\uddec\ud83c\udde7 <a href=\"https:\/\/cyberinsider.com\/mozilla-calls-on-uk-to-exclude-vpns-from-age-verification-rules\/\">Mozilla calls on UK to exclude VPNs from age verification rules \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>Listener Questions<\/h2>\n<aside 
class=\"small-aside\">Submit your questions for future shows to Allison using the contact details at the end of the show, or post them in the <em>security-bits<\/em> channel in the <a href=\"https:\/\/podfeet.com\/slack\" target=\"_blank\">Podfeet Slack<\/a>.<\/aside>\n<h3>From Allison \u2014 ChatGPT Malware?<\/h3>\n<p><strong>Allison posted a screenshot on Slack showing her Mac blocking ChatGPT as malware \u2014 what happened?<\/strong><\/p>\n<figure style=\"float: center; margin: 10px\"><img decoding=\"async\" src=\"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2026\/05\/popup-explaining-ChatGPT-is-malware-and-has-been-moved-to-the-trash.png\" alt=\"Popup explaining ChatGPT is malware and has been moved to the trash.\"  title=\"popup explaining ChatGPT is malware and has been moved to the trash.png\" width=\"260 \" height=\"250\"><figcaption style=\"text-align:center\">ChatGPT is Malware?<\/figcaption><\/figure>\n<p><em><strong>TL;DR<\/strong> \u2014 OpenAI fell prey to a supply-chain attack and lost control of one of their software signing certificates, so they marked the certificate as compromised, and rushed out a new version of ChatGPT signed with a safe certificate.<\/em><\/p>\n<p>One of the things Apple&#8217;s Gatekeeper malware protection feature does is check the digital signatures on every app before the system launches it. This provides two important protections:<\/p>\n<ol>\n<li>It gives Apple a quick mechanism for blocking known-bad software simply \u2014 if an app is signed with a revoked cert, block it! 
No need to develop some kind of AV-style pattern matching, just check the cert!<\/li>\n<li>It detects and blocks apps that have changed since they were signed \u2014 either you were tricked into installing a booby-trapped version of the app, or, something nasty ran on your Mac for long enough to inject new code into a legitimate app you had installed.<\/li>\n<\/ol>\n<p>Once OpenAI discovered they had lost the private key controlling their code signing certificate, they revoked it immediately. They also re-signed their app as quickly as they could and pushed out a software update, allowing legitimate versions of ChatGPT to try to update themselves to the known-good version.<\/p>\n<p>Neither certificate revocations nor software updates propagate instantaneously, so we now have a race condition! Would Allison&#8217;s Mac get the ChatGPT update before her Mac learned about the certificate revocation?<\/p>\n<p>As it happens it seems both sort of happened \u2014 the software update process got far enough that the new app was on her Mac, but had clearly not completed all the way. The end result: Allison was told a malicious copy of ChatGPT had been moved to the trash, and, when she tried to launch ChatGPT again it started fine!<\/p>\n<p>There are infinitely many ways for apps to update themselves, but any update mechanism that starts while an app is running needs to briefly have two versions of the app on your system at the same time \u2014 you can&#8217;t change running code!<\/p>\n<p>Apple&#8217;s app store gets around this by forcing you to quit an app before you can update it, which works because the store app is not the app itself.<\/p>\n<p>Firefox has to deal with this problem somehow, because Firefox updates itself without the help of the App Store app. What Firefox does is download updates in the background as soon as they become available, then, as it starts, it checks for a waiting copy. 
If it finds one, it launches a helper app, and exits, letting the helper app do the switcheroo, before it then starts Firefox for you. What you experience as a user is a slightly slower startup, and you might notice the dock icon appear, disappear briefly, then re-appear.<\/p>\n<p>Chrome on the other hand helps itself to your resources and runs an always-on background app that does nothing but check for updates. It then downloads any updates Google pushes, and checks if Chrome is running: if not, it does the switcheroo; if it is, it waits! The down-side is you have an always-on process consuming your RAM, and if that process has a vulnerability or a bug, your Mac is always running the vulnerable code, even when you quit Chrome. For about a year Mac users running Chrome complained their RAM kept vanishing, and it was eventually traced to a bug in the Chrome updater that forgot to free a piece of memory after use, causing it to grow and grow and grow until you rebooted your Mac!<\/p>\n<p>If you&#8217;re curious why certificate revocations are not checked in real-time, there are a few reasons. 
Before we look at why it\u2019s not done in real time for app launches, I do want to emphasise that it is possible, at least for now.<\/p>\n<p>Certificate Authorities currently provide URLs for querying certificate statuses using OCSP, the <em>Online Certificate Status Protocol<\/em>.<\/p>\n<p>So, why not use OCSP?<\/p>\n<ol>\n<li>You need to be able to launch apps while not connected to the internet!<\/li>\n<li>Checking every cert&#8217;s latest status each time would slow down your app launches and flood certificate authorities with real-time certificate status checks<\/li>\n<li>Checking every time is a privacy leak \u2014 the certificate authority&#8217;s certificate status protocol servers would see the App cert and the IP of the machine running it each time an app was started, allowing them to track app usage by specific IPs, something data brokers would pay big money for!<\/li>\n<\/ol>\n<p>Why did I hedge my mention of OCSP with <em>for now<\/em>? Precisely because of the privacy concerns, it\u2019s being phased out! 
It is being replaced by a privacy-protecting, less real-time protocol that uses lists of hashed revoked certificates structured in a computationally efficient data structure that can be searched really efficiently.<\/p>\n<h3>Links<\/h3>\n<ul>\n<li><a href=\"https:\/\/hi-tech.ua\/en\/macos-started-sending-chatgpt-to-trash-why-mac-considers-the-program-malicious\/\">MacOS Started Sending ChatGPT to Trash: Why Mac Considers the Program Malicious \u2014 hi-tech.ua\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2026\/04\/openai-revokes-macos-app-certificate.html\">OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident \u2014 thehackernews.com\/\u2026<\/a><\/li>\n<\/ul>\n<h2>\u2757 Action Alerts<\/h2>\n<aside class=\"small-aside\">Calls to action, if any stories in this section are relevant to you, there is some action you should take.<\/aside>\n<ul>\n<li><a href=\"https:\/\/isc.sans.edu\/diary\/rss\/32976\">Apple Patches Everything \u2014 isc.sans.edu\/\u2026<\/a>\n<ul>\n<li>The graph in the SANS article showing the number of fixes per release over time is interesting \u2014 this one is about average<\/li>\n<li>One notable new security feature: <a href=\"https:\/\/tidbits.com\/2026\/05\/11\/%EF%A3%BFos-26-5-adds-encrypted-rcs-messaging-fixes-bugs\/\">\uf8ffOS 26.5 Adds Encrypted RCS Messaging, Fixes Bugs \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/these-mobile-carriers-support-ios-26-5-encrypted-rcs-messaging\/\">These Mobile Carriers Support iOS 26.5 Encrypted RCS Messaging \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li>Fixes for older OSes too:<\/li>\n<li><a href=\"https:\/\/tidbits.com\/watchlist\/safari-26-5\/\">Safari 26.5 \u2014 tidbits.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/ios-18-7-9-and-ipados-18-7-9-now-available-for-older-iphone-and-ipad\/\">iOS 18.7.9 and iPadOS 18.7.9 Now Available for Older iPhone and iPad \u2014 
www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/apple-rolls-out-ios-16-7-16-and-ios-15-8-8-for-older-iphones-with-important-security-fixes\/\">Apple Rolls Out iOS 16.7.16 and iOS 15.8.8 for Older iPhones with Important Security Fixes \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/www.macobserver.com\/news\/macos-15-7-7-and-14-8-7-released-alongside-apples-latest-software-updates\/\">macOS 15.7.7 and 14.8.7 Released Alongside Apples Latest Software Updates \u2014 www.macobserver.com\/\u2026<\/a><\/li>\n<li><a href=\"https:\/\/tidbits.com\/2026\/05\/13\/apple-extends-notification-privacy-fix-to-ios-15-ios-16-and-ipados-17\/\">Apple Extends Notification Privacy Fix to iOS 15, iOS 16, and iPadOS 17 \u2014 tidbits.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days\/\">Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>The disgruntled security research who previously released Microsoft zero-days just after Patch Tuesday struck again:<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/windows-bitlocker-zero-day-gives-access-to-protected-drives-poc-released\/\">Windows BitLocker zero-day gives access to protected drives, PoC released \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>Physical access to the device is required to booby-trap the firmware, so not a problem for typical users<\/li>\n<li>Does not allow a drive to be decrypted on any computer other than the one it was encrypted on<\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-shares-mitigation-for-yellowkey-windows-zero-day\/\">Microsoft shares mitigation for YellowKey Windows zero-day \u2014 www.bleepingcomputer.com\/\u2026<\/a> (cumbersome overkill for regular users)<\/li>\n<\/ul>\n<\/li>\n<li><a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/new-windows-miniplasma-zero-day-exploit-gives-system-access-poc-released\/\">New Windows &#8216;MiniPlasma&#8217; zero-day exploit gives SYSTEM access, PoC released \u2014 www.bleepingcomputer.com\/\u2026<\/a>\n<ul>\n<li>Local privilege escalation, so not a big problem for typical home users \u2014 <em>&#8220;if you have malicious code running on your machine \u2026&#8221;<\/em><\/li>\n<\/ul>\n<\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/microsoft-warns-of-new-defender-zero-days-exploited-in-attacks\/\">Microsoft warns of new Defender zero-days exploited in attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>By default, Defender automatically updates, so no users action is needed<\/li>\n<li>Good time to check you haven&#8217;t disabled automatic Defender updates!<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Ubiquity Owners:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/ubiquiti-patches-three-max-severity-unifi-os-vulnerabilities\/\">Ubiquiti patches three max severity UniFi OS vulnerabilities \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<li>\u26a0\ufe0f <strong>NGNINX Users:<\/strong> <a href=\"https:\/\/thehackernews.com\/2026\/05\/18-year-old-nginx-rewrite-module-flaw.html\">18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE \u2014 thehackernews.com\/\u2026<\/a>\n<ul>\n<li>No patch yet, but workarounds available<\/li>\n<li>Only affects very specific configurations, so first step is to check your configs for problem declarations<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Drupal Users:<\/strong> <a href=\"https:\/\/thehackernews.com\/2026\/05\/highly-critical-drupal-core-flaw.html\">Highly Critical Drupal Core Flaw Exposes PostgreSQL Sites to RCE Attacks \u2014 thehackernews.com\/\u2026<\/a>\n<ul>\n<li>Only affects sites back-ended by PostgreSQL<\/li>\n<li><a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/drupal-critical-sql-injection-flaw-now-targeted-in-attacks\/\">Drupal: Critical SQL injection flaw now targeted in attacks \u2014 www.bleepingcomputer.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>WordPress Users:<\/strong> <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/hackers-exploit-auth-bypass-flaw-in-burst-statistics-wordpress-plugin\/\">Hackers exploit auth bypass flaw in Burst Statistics WordPress plugin \u2014 www.bleepingcomputer.com\/\u2026<\/a> (privacy-focused analytics used on over 200,000 sites!)<\/li>\n<li>\u26a0\ufe0f <strong>Google API Users:<\/strong> <a href=\"https:\/\/cyberinsider.com\/google-wont-fix-api-key-staying-active-for-23-mins-after-deletion\/\">Google \u201cWon\u2019t Fix\u201d API key staying active for 23 mins after deletion \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li>This seems utterly un-tenable to me \u2014 in the age of AI 23 minutes is an eternity!<\/li>\n<li>I can&#8217;t see how it is possible to safely use Google&#8217;s APIs \ud83d\ude41<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Worthy Warnings<\/h2>\n<aside class=\"small-aside\">Potentially relevant warnings from government organisations, public interest groups, or the security community.<\/aside>\n<ul>\n<li><a href=\"https:\/\/tidbits.com\/2026\/05\/19\/gift-card-scam-funnels-millions-in-apple-devices-through-new-hampshire-warehouses\/\">Gift Card Scam Funnels Millions in Apple Devices Through New Hampshire Warehouses \u2014 tidbits.com\/\u2026<\/a>\n<ul>\n<li>Avoid buying physical gift cards of any kind in stores!<\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Telegram Users:<\/strong> <a href=\"https:\/\/cyberinsider.com\/telegrams-mtproto-protocol-leaks-persistent-identifiers-enabling-user-tracking\/\">Telegram\u2019s MTProto protocol leaks persistent identifiers enabling user tracking \u2014 cyberinsider.com\/\u2026<\/a>\n<ul>\n<li>Treat Telegram like social media \u2014 
<strong>Telegram is not a secure messaging platform<\/strong><\/li>\n<\/ul>\n<\/li>\n<li>\u26a0\ufe0f <strong>Mullvad VPN users:<\/strong> \ud83e\uddef <a href=\"https:\/\/cyberinsider.com\/mullvad-vpn-exit-ip-patterns-could-enable-user-fingerprinting\/\">Mullvad VPN exit IP patterns could enable user fingerprinting \u2014 cyberinsider.com\/\u2026<\/a> (not a big problem)\n<ul>\n<li><a href=\"https:\/\/cyberinsider.com\/mullvad-confirms-vpn-fingerprinting-flaw-says-fix-is-on-the-way\/\">Mullvad confirms VPN fingerprinting flaw, says fix is on the way \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Notable News<\/h2>\n<ul>\n<li>You may want to contribute: <a href=\"https:\/\/cyberinsider.com\/tor-launches-crowdfunding-campaign-to-support-internet-freedom-projects\/\">Tor launches crowdfunding campaign to support internet freedom projects \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>Some notable enforcement actions:\n<ul>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/cyberinsider.com\/california-hits-gm-with-record-12-75m-fine-for-selling-driver-location-data\/\">California hits GM with record $12.75M fine for selling driver location data \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/cyberinsider.com\/fcc-moves-to-impose-know-your-customer-rules-for-voip-providers\/\">FCC moves to impose \u201cKnow Your Customer\u201d rules for VoIP providers \u2014 cyberinsider.com\/\u2026<\/a> (aim is to tackle robocalls)<\/li>\n<li>\ud83c\uddfa\ud83c\uddf8 <a href=\"https:\/\/cyberinsider.com\/texas-sues-netflix-for-profiling-children-and-selling-data-to-advertisers\/\">Texas sues Netflix for profiling children and selling data to advertisers \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Some nice cybersecurity updates and enhancements\n<ul>\n<li><a 
href=\"https:\/\/www.bleepingcomputer.com\/news\/microsoft\/microsoft-edge-to-stop-loading-cleartext-passwords-in-memory-on-startup\/\">Microsoft backpedals: Edge to stop loading passwords into memory \u2014 www.bleepingcomputer.com\/\u2026<\/a> (this should never have needed to fixed, but at least it is now being fixed)<\/li>\n<li><a href=\"https:\/\/thehackernews.com\/2026\/05\/microsoft-open-sources-rampart-and.html\">Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development \u2014 thehackernews.com\/\u2026<\/a> (developer tooling)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/android-adds-intrusion-logging-system-to-detect-spyware-attacks\/\">Android adds \u2018Intrusion Logging\u2019 system to detect spyware attacks \u2014 cyberinsider.com\/\u2026<\/a> (An enhancement to <em>Android Advanced Protection Mode<\/em> developed in collaboration with Amnesty International&#8217;s security lab)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/whatsapp-launches-incognito-chat-for-private-ai-conversations\/\">WhatsApp launches \u201cIncognito Chat\u201d for private AI conversations \u2014 cyberinsider.com\/\u2026<\/a> (Not a recommendation from Bart suggesting anyone start using WhatApp or Meta&#8217;s AI, but if you feel you want to, this is at least less risky)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/signal-begins-testing-automatic-key-verification-for-encrypted-chats\/\">Signal begins testing automatic key verification for encrypted chats \u2014 cyberinsider.com\/\u2026<\/a> (still in beta, not yet rolled out to users)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/discord-enables-e2ee-by-default-for-all-voice-and-video-communications\/\">Discord enables E2EE by default for all voice and video communications \u2014 cyberinsider.com\/\u2026<\/a> (E2EE is End-to-End-Encryption)<\/li>\n<li><a href=\"https:\/\/cyberinsider.com\/proton-pass-adds-new-protections-for-ai-agents-with-account-access\/\">Proton Pass adds new protections 
for AI agents with account access \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<li><em>&#8220;A new Proton Pass feature allows users to securely share credentials with AI agents via &#8216;AI access tokens,&#8217; aiming to reduce the security risks posed by autonomous AI tools accessing private accounts.&#8221;<\/em><\/li>\n<li><strong>Related:<\/strong> <a href=\"https:\/\/cyberinsider.com\/proton-pass-rated-well-above-par-in-independent-security-audit\/\">Proton Pass rated \u201cwell above par\u201d in independent security audit \u2014 cyberinsider.com\/\u2026<\/a><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Interesting Insights<\/h2>\n<aside class=\"small-aside\">High-quality opinion and editorial content recommended by Bart.<\/aside>\n<ul>\n<li>Apple have published a fascinating writeup on their App Store protections: <a href=\"https:\/\/www.apple.com\/ie\/newsroom\/2026\/05\/the-app-store-stopped-over-2-point-2-billion-usd-in-fraudulent-transactions-in-2025\/\">The App Store stopped over $2.2 billion in potentially fraudulent transactions in 2025 \u2014 \ud83d\udce3 Apple PR<\/a>\n<ul>\n<li><strong>Editorial by Bart:<\/strong> What stands out most to me is how often Apple stress that their process is a partnership between people and AI \u2014 AI as a force-multiplier, not as a replacement for people!<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Palate Cleansers<\/h2>\n<aside class=\"small-aside\">Anything upbeat and nerdy Bart and\/or Allison think you might enjoy.<\/aside>\n<ul>\n<li><strong>From Allison:<\/strong> <a href=\"https:\/\/platform.leolabs.space\/visualizations\/leo#view=originCountry\">LeoLabs \u2014 platform.leolabs.space\/\u2026<\/a>\n<ul>\n<li>Cool animation of current satellites, instruments, and debris. You can zoom in and select a specific satellite and follow along in its path, and (if you turn off debris) you can see satellites by country of origin. 
Mesmerizing while also frightening.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2>Legend<\/h2>\n<p>When the textual description of a link is part of the link, it is the title of the page being linked to; when the text describing a link is not part of the link, it is a description written by <a href=\"https:\/\/bartb.ie\/\">Bart<\/a>.<\/p>\n<table>\n<thead>\n<tr>\n<th align=\"center\">Emoji<\/th>\n<th align=\"left\">Meaning<\/th>\n<\/tr>\n<\/thead>\n<tbody>\n<tr>\n<td align=\"center\">\ud83c\udfa7<\/td>\n<td align=\"left\">A link to <strong>audio content<\/strong>, probably a podcast.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\u2757<\/td>\n<td align=\"left\">A <strong>call to action<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\"><em>flag<\/em><\/td>\n<td align=\"left\">The story is particularly relevant to people living in a <strong>specific country<\/strong>, or, the organisation the story is about is affiliated with the government of a specific country.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcca<\/td>\n<td align=\"left\">A link to <strong>graphical content<\/strong>, probably a chart, graph, or diagram.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83e\uddef<\/td>\n<td align=\"left\">A story that has been <strong>over-hyped<\/strong> in the media, or, <em>&#8220;no need to light your hair on fire&#8221;<\/em> \ud83d\ude42<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udcb5<\/td>\n<td align=\"left\">A link to an article behind a <strong>paywall<\/strong>.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83d\udccc<\/td>\n<td align=\"left\">A <strong>pinned<\/strong> story, i.e. 
one to keep an eye on that&#8217;s likely to develop into something significant in the future.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa9<\/td>\n<td align=\"left\">A <strong><em>tip of the hat<\/em><\/strong> to thank a member of the community for bringing the story to our attention.<\/td>\n<\/tr>\n<tr>\n<td align=\"center\">\ud83c\udfa6<\/td>\n<td align=\"left\">A link to <strong>video content<\/strong>.<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p>Feedback &amp; Followups Listener and community feedback, developments in recently covered stories, and developments in long-running stories we&#8217;re tracking over time. More Mythos developments: From Anthropic: Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software \u2014 thehackernews.com\/\u2026 Aided by Mythos Preview, Researchers Announce macOS Kernel Exploit Circumventing M5 Memory Integrity Enforcement \u2014 daringfireball.net\/\u2026 [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":28385,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[147],"tags":[7728,8221,2060,233,114,50,569,4586],"class_list":["post-35984","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-posts","tag-agentic-ai","tag-google-api","tag-malware","tag-microsoft","tag-privacy","tag-security","tag-security-bits","tag-vulnerability"],"jetpack_featured_media_url":"https:\/\/www.podfeet.com\/blog\/wp-content\/uploads\/2023\/05\/Security-Bits-Logo_1040x520.png","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35984","ta
rgetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/comments?post=35984"}],"version-history":[{"count":2,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35984\/revisions"}],"predecessor-version":[{"id":35986,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/posts\/35984\/revisions\/35986"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media\/28385"}],"wp:attachment":[{"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/media?parent=35984"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/categories?post=35984"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.podfeet.com\/blog\/wp-json\/wp\/v2\/tags?post=35984"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}