A Stolen Registry, a Nuclear Umbrella, and a Royal Reckoning
Lithuania’s state land registry was stolen, more than 600,000 records covering close to a fifth of the population, with politicians openly …
Recent Work
OWA, Glasswing, and a Refused Ransom
A critical Exchange OWA cross-site scripting flaw (CVE-2026-42897) is being exploited via crafted email, CISA pushed it to KEV inside 24 hours. …
From the Goblins to the Hearing
Two weeks at once. OpenAI hardcoded a system-prompt override to stop ChatGPT 5.1 from talking about goblins. DENIC broke the .de TLD with bad DNSSEC …
Goblins in the Machine, Holes in the Wire
OpenAI hardcoded a system-prompt override to stop ChatGPT 5.1 from talking about goblins. DENIC broke the .de TLD with bad DNSSEC signatures and …
Mines and Mythos
Trump ordered the Navy to shoot Iranian boats mining Hormuz. Voice phishing surged against IT helpdesks. The Vercel breach widened. India’s …
The Verse He Chose
King Charles III invoked Joel 3:10, the mobilisation verse, in his joint address to Congress on April 28. The verse he chose, not the verse he …
What We Do
Investigations
In-depth research into fraud, disclosure violations, and consumer harm. Evidence-based, publicly documented, filed with relevant authorities.
View investigationsSecurity Digest
Weekly threat intelligence and breach analysis. OSINT-driven, focused on Nordic region. Actionable insights for defenders.
Read the digestSignals
Short-form observations on emerging threats, regulatory developments, and industry patterns. Quick reads, timely intel.
View signals