Aardwolf Security

18/05/2026

Symantec’s Threat Hunter Team has confirmed Fast16 malware was built to sabotage nuclear weapon simulations. The framework dates back to roughly 2005, around two years before Stuxnet was active.

https://aardwolfsecurity.com/fast16-malware-the-pre-stuxnet-tool-built-to-sabotage-nuclear-weapon-simulations/

18/05/2026

Symantec’s Threat Hunter Team has confirmed Fast16 malware was built to sabotage nuclear weapon simulations. The framework dates back to roughly 2005, around two years before Stuxnet was active.

Fast16 malware targeted nuclear weapon simulations years before Stuxnet, with rule-level precision attacks on LS-DYNA and AUTODYN software.

11/05/2026

https://aardwolfsecurity.com/north-korea-laptop-farm-crackdown-what-two-us-convictions-teach-it-teams/

28/04/2026

LayerX Security found 82 browser extensions openly selling user data, hitting at least 6.5 million people across the Chrome Web Store. Streaming tools, ad blockers and productivity add-ons are all caught up in it, and 29 of them target business browsing on corporate systems. Most users never read privacy policies, so the practice stays hidden in plain sight.

Full article:

New LayerX research found browser extensions selling user data. Chrome extension privacy is at risk for 6.5m people.

09/04/2026

https://aardwolfsecurity.com/microsoft-developer-account-lockout-leaves-millions-of-windows-users-without-security-updates/

Microsoft developer account lockout blocks updates for VeraCrypt, WireGuard and Windscribe. Open source security tools left exposed.

10/03/2026

FBI Wiretap Breach Highlights Critical Weaknesses in U.S. Surveillance Systems

The FBI wiretap breach exploited a supply chain cyber attack through a vendor ISP. Here’s what security teams need to know.

14/02/2026

Police in Guadalupe, Mexico, have bought four robot dogs to boost robot dog security at the 2026 FIFA World Cup:

Robot dog security patrols will support World Cup 2026 surveillance at stadiums in Mexico. Here is what the K9-X unit can do.

03/02/2026

TLDR: Two security testers spent nearly 20 hours in jail in 2019. They had proper pe*******on testing authorisation from the Iowa Judicial Branch.

Seven years later, the county settled for $600,000. The case shows why pen test contracts need clear communication at every level.

Iowa County pays $600k after jailing pen testers with proper authorisation. Learn how pe*******on testing authorisation is vital in a pen test

03/02/2026

TLDR: Microsoft is finally pulling the plug on NTLM authentication by default. The company announced a three-phase plan to shift Windows environments towards Kerberos.

Microsoft NTLM deprecation begins with a three-phase plan. Learn how Kerberos authentication replaces legacy Windows protocols.

27/01/2026

Microsoft confirmed it provided BitLocker encryption keys to the FBI for a fraud investigation. Windows backs up recovery keys to Microsoft's cloud by default, making them accessible via legal orders.

Microsoft gave BitLocker encryption keys to the FBI. Learn why cloud key storage creates serious Windows encryption security risks.