Matthijs R. Koot

@cyberwar.nl

IT, privacy, security, democracy. PhD. PGP: 51F9 8FC9 C92A 1165 (http://keybase.io/mrkoot). Employed as IT security specialist. Mastodon: @mrkoot@infosec.exchange LinkedIn: /in/mrkoot

743 Followers · 488 Following · 201 Posts · Joined 02.05.2023

Latest posts by Matthijs R. Koot @cyberwar.nl

The official microG OS project (lineage.microg.org) leaked their private keys for logging into their servers and signing releases:

github.com/lineageos4mi...

We make our official builds on local machines. Our signing machine's keys aren't ever on any storage unencrypted.

06.03.2026 13:48 👍 86 🔁 16 💬 4 📌 4
Intellexa Founder, Three Others Sentenced to 8 Years in Prison Over Greek Spyware Scandal - The Citizen Lab A Greek court sentenced four Intellexa executives to prison for their role in a 2022 scandal that involved the use of Predator spyware against more than 90 public figures in the country. Citizen Lab r...

Intellexa Founder, Three Others Sentenced to 8 Years in Prison Over Greek Spyware Scandal (5 March 2026) citizenlab.ca/intellexa-fo... by @citizenlab.ca

06.03.2026 09:01 👍 0 🔁 0 💬 0 📌 0
A suite of government hacking tools targeting iPhones is now being used by cybercriminals | TechCrunch

Security researchers say exploits used by governments to hack into Apple iPhones have been found used by cybercriminals. They warned of an emerging market for "second hand" exploits.

03.03.2026 23:33 👍 45 🔁 41 💬 2 📌 4
Phrack Prophile on FX

phrack.org/issues/68/2#...
Another legend has crossed over. Thank you @fxv2.bsky.social for being your kind, brilliant self, whose contributions are too many to name, not just in hacking, but in being a superconnector who I now know is responsible for so many friendships & marriages. You are missed.

02.03.2026 19:09 👍 34 🔁 10 💬 3 📌 1
Anonymous credentials: an illustrated primer This post has been on my back burner for well over a year. It’s been sitting here unwritten, not because the topic is unimportant — in fact, with every single month that goes by, I become mor…

I wrote a new post on anonymous credentials and how to build them. All of this is in service of a longer future post on how these will fit into age verification systems. blog.cryptographyengineering.com/2026/03/02/a...

02.03.2026 18:39 👍 53 🔁 24 💬 2 📌 2
How Russia’s fatalities compare with Ukraine’s After four years of fighting, our modelling reveals a grim toll

On the anniversary of the Russian invasion of Ukraine, our modelling suggests that Vladimir Putin is losing more men than he can recruit. Our charts explain the toll

25.02.2026 07:40 👍 55 🔁 24 💬 1 📌 1
Treasury sanctions Russian zero-day broker accused of buying exploits stolen from U.S. defense contractor | TechCrunch The U.S. Treasury announced it was imposing sanctions against a Russian broker of zero-day exploits, its founder and two affiliates, citing a threat to U.S. national security. Another affiliated zero-...

NEW: The U.S. government is sanctioning Russian zero-day broker Operation Zero and its founder, alleging it acquired stolen hacking tools from U.S. defense contractor L3Harris Trenchant.

The U.S. said former Trenchant boss Peter Williams stole and sold these exploits to Operation Zero.

24.02.2026 19:03 👍 16 🔁 10 💬 2 📌 2
Reverse engineering Realtek RTL8761B* Bluetooth chips, to make better Bluetooth security tools & classes | Dark Mentor LLC

We hold this truth to be self-evident: SUFFERING BUILDS STRENGTH! In this talk I will walk you through the trials, tribulations, and triumph(!) of the worst debugging setup I've ever hacked together, which I used to reverse engineer the Realtek RTL8761B* family of Bluetooth chips.

This work was done because Bluetooth security tools are in an abominable state. We use "CSR4" (Cambridge Silicon Radio) dongles that don't support packets newer than Bluetooth 4.0 (released in 2010!), just to be able to spoof the Bluetooth Device Address (BDADDR) for MitM attacks.

Veronica Kovah & I have been creating Bluetooth security classes for OpenSecurityTraining2 (https://ost2.fyi/). And we wanted to use better hardware; ideally something that supports BT 5.4 (released in 2023). So I bought a bunch of cheap dongles off Amazon, and found that most of them used the same RTL8761B chip. So the goal was clear: at a minimum, figure out a way to spoof the BDADDR on these dongles. But I also set out a nice-to-have stretch goal - to figure out how to use these dongles to send custom LMP packets (which are architecturally not meant to be under full user control.) That way, I could replace a bulky and expensive $55 dev board (that is only used for BT Classic), with a cheap and small $14 USB dongle (which has a better antenna to boot!) This would make Blue2thprinting (released at Hardwear.io 2023), and thus Bluetooth reconnaissance & vulnerability assessment, cheaper & better.

Bloodied (but not broken) by the ordeal, I achieved my goals and stretch goals. And given that there are no public descriptions of how Realtek Bluetooth chips work, I look forward to sharing hitherto-unknown information about how to navigate and understand these mostly-16-bit-MIPS-code systems. And I'll discuss how their ROM-"patch"ing firmware update mechanism works, how you can patch it to change its code too, and the security implications thereof.

Video released for "Reverse engineering Realtek RTL8761B* Bluetooth chips, to make better Bluetooth security tools & classes" (from @hardwear-io.bsky.social). Slides & video link here:
darkmentor.com/publication/...

23.02.2026 12:28 👍 4 🔁 3 💬 0 📌 0
Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say Palo Alto Networks opted not to tie China to a global cyberespionage campaign the firm exposed last week over concerns that the cybersecurity company or its clients could face retaliation from Beijing, according to two people familiar with the matter.

Exclusive: Palo Alto chose not to tie China to hacking campaign for fear of retaliation from Beijing, sources say reut.rs/4ae6Uw2

12.02.2026 23:30 👍 11 🔁 8 💬 3 📌 0

The general counsel uploaded a picture on Linkedin showing the web panel of Paragon's spyware.

The panel shows a phone number in Czechia, Apps, Accounts, media on the phone, the interception status and numbers extracted from social media applications.

11.02.2026 15:29 👍 80 🔁 26 💬 4 📌 6
DOJ says Trenchant boss sold exploits to Russian broker capable of accessing 'millions of computers and devices' | TechCrunch The former boss of the L3Harris-owned hacking and surveillance tools maker Trenchant faces nine years in prison for selling several exploits to a Russian broker, which counts the Russian government am...

NEW: U.S. prosecutors say the hacking tools that Peter "Doogie" Williams stole from defense contractor L3Harris Trenchant could have been used against "millions of computers and devices" worldwide.

Williams said he didn't know the tools could end up in the hands of Russia or other governments.

11.02.2026 18:42 👍 9 🔁 7 💬 1 📌 3
Hacker linked to Epstein removed from Black Hat cyber conference website | TechCrunch Emails published by the Justice Department revealed cybersecurity veteran Vincenzo Iozzo emailed, and arranged to meet, Jeffrey Epstein multiple times between 2014 and 2018.

NEW: Cybersecurity veteran Vincenzo Iozzo, who was linked to Epstein, has been removed from the webpage of the Black Hat conference review board.

Iozzo was in touch with Epstein 2014 to 2018, including after new stories came out about Epstein's sex trafficking crimes in late 2018, emails show.

12.02.2026 19:34 👍 49 🔁 30 💬 1 📌 2
Gladys Mae West obituary: mathematician who pioneered GPS technology Nature - She made key contributions to US cold-war science despite facing huge barriers as a Black woman.

Obituary: Gladys Mae West (1930-2026) mathematician who pioneered GPS technology

go.nature.com/469BlAW

31.01.2026 15:45 👍 175 🔁 60 💬 4 📌 6

Jeff Bezos’s wealth has increased an average of $70 million every day of 2026, meaning that he could have offset The Post’s losses with what he’s made since Monday.

05.02.2026 02:48 👍 15314 🔁 4643 💬 445 📌 251
Spyware maker is hijacking diplomatic efforts to limit commercial hacking, civil society warns Spyware maker NSO Group trumpeted the company’s participation in the Pall Mall Process, which drew criticism from civil society leaders and government officials who called out human rights abuses.

UK and French govts say they "didn't invite" NSO to participate in Pall Mall after spyware maker trumpets its participation in annual "transparency report." French officials note "extremely serious" allegations involving Pegasus in France

therecord.media/spyware-make...

02.02.2026 14:25 👍 9 🔁 5 💬 0 📌 1
To: Jeffrey Epsteinfjeevacation@gmail.com]
From:
Sent: Wed 5/28/2014 3:23:21 AM
Subject: Before being freed, hacker Sabu was 'extraordinary' FBI informant - Los Angeles Times
Hire this kid. Im serious.
http://www.latimes.com/nation/la-na-hacker-sentencing-20140528-story.html

Well shit, here we go again with the latest Epstein files drop.

Here’s an email from someone to Jeffrey Epstein telling him that he should hire Anonymous snitch sabu.
www.justice.gov/epstein/file...

30.01.2026 17:07 👍 207 🔁 49 💬 7 📌 21
Somebody used spoofed ADSB signals to raster the meme of JD Vance over Mar-a-Lago using AF2 ICAO identity This, if it is still visible: Via: Next up, age verification for ADSB?

Somebody used spoofed ADSB signals to raster the meme of JD Vance over Mar-a-Lago using AF2 ICAO identity
https://alecmuffett.com/article/143548
#adsb #trump

28.01.2026 09:19 👍 6 🔁 3 💬 0 📌 0

Only ninety-nine (99) days to go!! High time to submit your abstract(s) to the program committee. We are really looking forward to receive & review them! cfp.nluug.nl.

28.01.2026 08:19 👍 1 🔁 2 💬 0 📌 0

This is directly related to the case of Charles Edward Littlejohn who stole the tax records of Trump, Bezos and other billionaires and leaked them to ProPublica, which published a series of stories in 2021 about them

26.01.2026 15:36 👍 15 🔁 9 💬 3 📌 1
Hoepman, J.-H. (2025). Is Authenticity an Effective Antidote to Misinformation?. Weizenbaum Journal of the Digital Society, 5(4). https://doi.org/10.34669/WI.WJDS/5.4.3

❓Can digital signatures stop misinformation?

A new #WJDS paper by Jaap-Henk Hoepman argues they can’t ❌. Practical barriers exist, and there may be negative side effects.

💡Read: doi.org/10.34669/WI....

#Misinformation #DigitalTrust #Research

09.12.2025 11:09 👍 3 🔁 2 💬 1 📌 0

Boycott U.S. journals and conferences
blog.xot.nl/2026/01/21/b...

21.01.2026 09:13 👍 4 🔁 2 💬 1 📌 1

Telegram’s battle with European regulators could force it to hire thousands of content moderators to tackle illegal content. Documents obtained by Follow the Money show how Telegram is trying to fend off tougher oversight from Brussels.

www.ftm.eu/articles/tel...

20.01.2026 07:14 👍 7 🔁 8 💬 0 📌 0
Join | OCCRP We are supported by people like you. Support us by becoming a member today.

For the last few days, we’ve been fighting a DDoS attack from highly resourced actors trying to make OCCRP’s reporting inaccessible.

Your backing makes it possible for us to fight back more effectively. If you’d like to help strengthen our efforts, you can donate here: buff.ly/2BWJueR

16.01.2026 13:05 👍 11 🔁 4 💬 0 📌 0

Now you understand why every pro-Kremlin Twitter bot has spent 90% of its time over the past decade defending or pushing crypto and blockchain tech while randomly publishing some political tweet once in a while?

10.01.2026 16:29 👍 24 🔁 21 💬 2 📌 0
Espionage: BND eavesdropped on US President Barack Obama for years. The German intelligence service regularly monitored phone calls of the then US president aboard Air Force One. The BND did not have permission from Angela Merkel.

Germany’s foreign intelligence agency (BND) intercepted phone conversations of former President Barack Obama while he was aboard Air Force One over several years. The interceptions exploited vulnerabilities in the aircraft’s encryption and known frequencies.

www.zeit.de/politik/ausl...

04.01.2026 18:25 👍 119 🔁 45 💬 7 📌 20
Perceptions Of Counterintelligence In Corporate And Academic Sectors: Risks, Awareness, And Strategic Implications The United States is in the middle of an intelligence war. Foreign adversaries, including their intelligence services and state-sponsored actors, employ increasingly sophisticated technologies and methods to access our most valuable innovations and secrets. The importance of implementing counterintelligence (CI) practices across all sectors of American society has never been greater. As our adversaries increasingly target non-governmental data environments, it has become essential to address security gaps in our nation’s critical industries, supply chains, and academic institutions. While the last two decades have seen the widespread adoption of cybersecurity protocols, malign actors continue to evolve their tactics to exploit both technical and human vulnerabilities. Counterintelligence can and should be a vital tool for corporations and academia which have become increasingly vulnerable targets for foreign espionage, theft, sabotage, and influence operations. By providing strategic insights and actionable practices, counterintelligence enables organizations to effectively and efficiently recognize and respond to threats that fall outside the scope of traditional cybersecurity. This study aims to explore how counterintelligence is perceived in civilian sectors – specifically corporate and academic institutions – in response to escalating intelligence threats. By surveying a diverse range of professionals in the academic and corporate sectors, this study assesses the awareness, attitudes, and institutional barriers to adopting CI practices and seeks to highlight key knowledge gaps and identify opportunities for targeted awareness, training, and investment. The results will inform policy and provide strategic recommendations for building a CI-conscious culture across sectors.

New addition

Report: Perceptions Of Counterintelligence In Corporate And Academic Sectors: Risks, Awareness, And Strategic Implications (published 22-11-2025)
https://zenodo.org/records/17681907

16.12.2025 22:31 👍 1 🔁 1 💬 0 📌 0
ResidentBat: Operational Report & Advisory on KGB spyware in Belarus in 2025 - RESIDENT.NGO THREAT LAB RESIDENT.NGO has helped uncover a malware attack targeted at a Belarus-based journalist by the Belarusian secret service (KGB). This document serves as a short synopsis of the case, offering safety re...

Resident.NGO has an excellent write-up of a case where a journalist was interrogated by the Belarusian KGB and then had spyware installed on their phone. The recommendations are sensible and practical resident.ngo/lab/writeups...

See also this @rsf.org report rsf.org/en/exclusive...

17.12.2025 21:05 👍 1 🔁 2 💬 0 📌 0

Belarusian KGB put spyware on phones of detained journalist.

Growing list of cases where authoritarian regimes use detention to implant spyware on phones:

🦠 Belarus
🦠 Kenya
🦠 Serbia

And likely plenty more.

Important investigation & reminder that dictators don't always need zero-days.

17.12.2025 15:45 👍 55 🔁 36 💬 1 📌 0
Pope tells Italian spies not to smear politicians or journalists Pope Leo on Friday urged Italy's intelligence services to avoid smearing public figures and journalists, saying abuse of confidential material risked undermining democracy and public trust.

The Pope involves himself in Italy's spy scandal and asks intel officials to respect people's privacy and not leak data and smear people with hacked data

www.reuters.com/world/pope-t...

14.12.2025 17:56 👍 12 🔁 4 💬 0 📌 1
How Danes je nov dan helped stop dangerous spyware in Slovenia - European Digital Rights (EDRi) EDRi affiliate Danes je nov dan launched a multi-faceted campaign in response to a government proposal that would allow the Slovene Intelligence and Security Agency (SOVA) to use invasive spyware and ...

How EDRi affiliate @danesjenovdan.si helped stop dangerous spyware in Slovenia (11 December 2025) edri.org/our-work/how...

11.12.2025 09:09 👍 2 🔁 1 💬 0 📌 0