Zero-Day Sweep, Helsinki Goes Nuclear, Epstein's Files Go Public
ShinyHunters breached 100+ organisations via Oracle PeopleSoft zero-day CVE-2026-35273 including the Council of Europe; a Fortinet …
Recent Work
Bear Gap, Patch Tuesday, and Gates Under Oath
Issue 019 covers Norway’s unanimous Storting defense vote (NOK 11B+, 6 submarines, 5 frigates), the Narvik Agreement placing Norway under French …
Smoke and mirrors: the disclosure hype is conveniently timed
Disclosure Day in theaters, Sleeping Dog on the podcast circuit, eight explosive videos in Washington... the attention machinery is at full throttle …
Extend the thinking, do not substitute it
Three pillars for using AI honestly in study and security work, and what a hardened lab actually taught me.
A Stolen Registry, a Nuclear Umbrella, and a Royal Reckoning
Lithuania’s state land registry was stolen, more than 600,000 records covering close to a fifth of the population, with politicians openly …
OWA, Glasswing, and a Refused Ransom
A critical Exchange OWA cross-site scripting flaw (CVE-2026-42897) is being exploited via crafted email, CISA pushed it to KEV inside 24 hours. …
What We Do
Investigations
In-depth research into fraud, disclosure violations, and consumer harm. Evidence-based, publicly documented, filed with relevant authorities.
View investigationsSecurity Digest
Weekly threat intelligence and breach analysis. OSINT-driven, focused on Nordic region. Actionable insights for defenders.
Read the digestSignals
Short-form observations on emerging threats, regulatory developments, and industry patterns. Quick reads, timely intel.
View signals