Cyber News 26NOV2025
General
- Windows 11 Administrator Protection quietly reverted, till some unspecified later time.
Administrator protection will be available on Windows 11 devices soon. The feature previously listed in the October 2025 non-security update (KB5067036) has been reverted and will roll out at a later date.
- More amazing code quality from Microsoft - Exchange Online is causing issues for those using the classic Outlook Desktop interface - connectivity and search.
- Case study on Capita's ransomware incident, and resultant UK Information Commissioner's Office's largest ever fine. Kevin Beaumont goes through the ICO's findings in depth.
- Watchtowr Labs digs into code-formatting websites (JSONFormatter and CodeBeautify), and caching of what people paste in there. Yes, it's full of secrets.
- Useful tool from Grey Noise, to check if your IP has been tagged as a source of suspicious traffic.
For the geeks: curl -s https://check.labs.greynoise.io/ for a JSON response.
Getting Techy
- Ensuring cryptographic functions don't leak key material via timing attacks. Trail of Bits has added constant-time support to the LLVM compiler, to ensure the compiler doesn't 'optimise' code that has been carefully constructed to always take the same time (not dependent on the value of the key). These optimisations make the code faster, but the resulting timing differences give an attacker a way to guess the key's value.
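An added illustration of the kind of code this protects (not from this digest or from Trail of Bits; the function names and sample bytes are constructed for the example): an early-exit comparison that leaks through timing, beside branch-free equivalents that an optimiser is still free to rewrite into branches.

```c
#include <stddef.h>
#include <stdint.h>

/* Constructed sample data for the example (not real key material). */
const uint8_t demo_tag[4]  = {0xde, 0xad, 0xbe, 0xef};
const uint8_t demo_same[4] = {0xde, 0xad, 0xbe, 0xef};
const uint8_t demo_diff[4] = {0xde, 0xad, 0xbe, 0x00};
const uint32_t demo_table[4] = {11, 22, 33, 44};

/* Leaky: returns at the first mismatch, so run time reveals how many
   leading bytes of a guess are correct. */
int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) return 0;
    return 1;
}

/* Constant-time by construction: every byte is visited and differences
   are OR-ed together; there is no secret-dependent branch in the source. */
int ct_equal(const uint8_t *a, const uint8_t *b, size_t n) {
    uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    return (int)((((uint32_t)diff - 1u) >> 8) & 1u); /* 1 iff diff == 0 */
}

/* All-ones mask when a == b, zero otherwise, computed without comparing. */
uint32_t ct_mask_eq(uint32_t a, uint32_t b) {
    uint32_t d = a ^ b;                       /* 0 iff equal */
    return ((d | (0u - d)) >> 31) - 1u;
}

/* Select x when bit == 1, y when bit == 0. Semantically this is just
   "bit ? x : y", which is why an optimiser may turn it back into a branch. */
uint32_t ct_select(uint32_t bit, uint32_t x, uint32_t y) {
    uint32_t mask = 0u - (bit & 1u);
    return (x & mask) | (y & ~mask);
}

/* Table lookup by secret index: touch every entry so neither branches nor
   the memory access pattern depend on the index. */
uint32_t ct_lookup(const uint32_t *table, uint32_t n, uint32_t secret_idx) {
    uint32_t r = 0;
    for (uint32_t i = 0; i < n; i++)
        r |= table[i] & ct_mask_eq(i, secret_idx);
    return r;
}
```

Both versions of each routine return the same answers; the difference is only in timing, so it has to be checked in the generated machine code rather than in the C source.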
Geo-Politics
- [RU] Be careful what you say, and what you attack - 21-year-old "tech entrepreneur" arrested on treason charges.
Timur Kilin may have drawn official ire after publicly criticizing the state-owned messaging app Max and the government’s anti-cybercrime legislation.
- [US] ICE has significantly bumped up the limits - or scrapped some entirely - on its outsourced surveillance 'pilot'.
Contractors were guaranteed as little as $250 and could earn no more than $90 million each, with the overall program capped at $180 million
ICE has removed the program’s spending cap ... Contractors may now earn up to $281.25 million individually and are guaranteed an initial task order worth at least $7.5 million.
- (Wired) https://archive.is/1b5Bu
- [US] What AI has really meant for the US economy...and the potential danger of an AI-led crunch, when that circular funding bites.
- (Washington Post) https://archive.is/b6XhD
AI
- Anthropic have released their latest model - the 4.5 version of Opus (the largest in the suite). Useful improvements, but nothing earth-shattering. The most welcome point is a large drop in pricing.
Pricing: Input US$5 / Output US$25 per million tokens (down from US$15/US$75 for Opus 4.0)
Context: 200,000 tokens
Output: 64,000 tokens
Knowledge cut-off: March 2025
- With Gemini 3 came the Antigravity Integrated Development Environment (IDE), based upon Google's licensing of the Windsurf codebase.
Unfortunately, it didn't come with fixes for previously known Windsurf vulnerabilities. "Issue #2: Antigravity Follows Hidden Instructions" is especially concerning when looking at someone else's codebase - the malicious instructions are completely invisible.
- Interesting trick, from Cato Networks, to attack AI Browsers. Hash Fragments (after a # symbol at the end of a URL) are normally used to target part of a page, and are processed by the browser locally (not sent to the server).
By putting malicious prompts in these fragments, the Browser's AI sees them, but upstream security controls (e.g. proxies) do not.
- Just for fun
“Another, and make it a double!” He said, sliding his glass toward the barman.
“Don’t you think you’ve had enough?”
The question obviously riled the disheveled patron, who locked eyes with the barman.
“My executive team asked me today how we can leverage AI as part of our quantum strategy,” he began. “We don’t even have an asset register.”
“My god. This one’s a triple, and it’s on the house.”