JOURNALISTS AND SUB-EDITORS OUT THERE, PLEASE DO NOT SAY “CYBER-WEAPONS”.
WE DON’T CALL EXPLOITS THAT.
CHEERS.
@ravirockks.bsky.social
CTI x SSC x CNI x Regulation | CTI @ CyberCX, Fellow @ASPI-org.bsky.social, Associate Fellow at the Social Cyber Institute | Blogging @atechnolegalupdate.substack.com | Cricket, #Bloods | #KalikaMataKiJai
I’m not a Doctor until the degree’s officially conferred, but it is a blessing that we’re substantively done. Blimey teddy, what a ride this has been.
If you would like to read my thesis, please DM me.
Maa Saraswati Jayate!
A massive thank you to Mum and Dad, my wonderful supervisors (Cary truly is my divine charioteer), my fabulous interviewees and all of you mob for your wisdom, humour and encouragement.
It truly takes a village and I’m privileged to count youse all as part of mine.
ॐ श्रीं ह्रीं सरस्वत्यै नमः।
Om Shrīm Hrīm Sarasvatyai Namah
With this mantra, I invoke the Hindu goddess of learning and the arts, Maa Saraswati, and lay my now-approved PhD thesis at Her feet.
'Supply-side constraints, including long preform manufacturing lead times, raw material export restrictions and cautious capacity expansion by manufacturers, suggest this tightness will persist for at least 18–24 months ...'
www.itnews.com.au/news/sydney-...
'... supply shortage since late 2025. Prices for mainstream optical fibre products have increased significantly, driven primarily by massive AI data centre buildouts, concurrent government broadband programs and submarine cable expansion.
16.02.2026 11:41
'The three leading glass manufacturers in the United States are experiencing challenges in meeting this heightened demand. Notably, one manufacturer has already sold all of its fibre inventory through the year 2026 ...
16.02.2026 11:41
On the reading list.
databreaches.net/2026/02/02/u...
'... nearly half of all inverters and BESS imported into the United States between 2015 and 2024 came from a high-risk PRC manufacturer ... 86% of [surveyed] U.S. utilities ... (... about 12% of installed U.S. capacity) rely on at least one risky PRC supplier'.
www.striderintel.com/resources/in...
Basics not getting implemented means your CNI is basically not in a good place.
www.securityweek.com/default-ics-...
'Moxa NPort serial device servers ... exposed web interfaces and default credentials to access the systems and then reset them to factory settings, changed their login password, and assigned IP addresses that prevented legitimate users from accessing them'.
14.02.2026 11:56
'... wipers on Windows machines hosting the HMI software, which, on devices protected by default local admin credentials, caused damage.
14.02.2026 11:56
'... Hitachi Relion protection and control relays ... failure to disable a default FTP account (the vendor recommends disabling this account) and the use of default credentials.
'... RTUs and [HMIs] ... made by Mikronika ... protected with default credentials ...
'... [Hitachi Energy] RTU560 [RTUs] .... default credentials ... a security feature meant to prevent malicious firmware updates had not been enabled, but even if it had been enabled the devices were affected by CVE-2024-2617, a known flaw allowing unsigned firmware updates.
14.02.2026 11:56
'... each of the targeted facilities had Fortinet FortiGate devices exposed to the internet, using default credentials and lacking [MFA] ... the initial attack vector.
14.02.2026 11:56
'... standards-based approaches to identify, manage, and authorize access and actions taken by software agents, including AI agents, and provide practical guidelines for organizations to securely implement AI agents ...'
Consultation's on.
www.nccoe.nist.gov/projects/sof...
By the way, cricket fans, 'The Edge' is a fantastic doco on the Andy Flower period for the England Men's team.
www.cisa.gov/news-events/...
'... CISA developed an EOS Edge Device List ... This Directive requires federal agencies to use this information to identify and remediate vulnerabilities within the first three months ... also specifies long-term requirements ...'
14.02.2026 11:47
'This Directive aligns with OMB’s Circular A-130, Managing Information as a Strategic Resource ... A-130 requires that “unsupported information systems and system components are phased out as rapidly as possible ...”
14.02.2026 11:47
[Awesome to see OpenSSF back this security uplift for a crucial part of the OSS community.]
blogs.eclipse.org/post/christo...
'Move toward enforcement in March, once we’re confident the system behaves predictably and fairly
'We would also like to thank Alpha-Omega for supporting this work, and for their broader support of the Eclipse Foundation’s security initiatives'.
'Together, we’re introducing a new, extensible verification framework.
'Begin monitoring newly published extensions in February, without blocking publication
'Use this monitoring period to tune checks, reduce false positives, and improve feedback
'The Open VSX Registry is core infrastructure in the developer supply chain, delivering extensions developers download, install, and rely on every day.
'To address this, we are taking a more proactive approach by adding security checks before extensions are published ...
'It is unclear how the attacker gained access to the compromised dev's personal access token, but the user said the attacker had access to the token for two months before the force-push operations'.
news.risky.biz/risky-bullet...
'The attacker managed to get their hands on the developer's GitHub personal access token and force-pushed the malicious code hidden after a lot of whitespace.
'... the code targeted other developers working with Plone, and not visitors of Plone-based websites.
'A threat actor inserted malicious code in five of the organization's repositories but the modifications were spotted before they made it to any official release.
14.02.2026 11:21
'ENISA will also develop a Union approach to provide better vulnerabilities management services to stakeholders. It will operate the single-entry point for incident reporting proposed in the Digital Omnibus'.
ec.europa.eu/commission/p...
'[ENISA] issuing early alerts of cyber threats and incidents. In cooperation with Europol and Computer Security Incident Response Teams, it will support companies in responding to and recovering from ransomware attacks.
14.02.2026 11:12
'... simplify jurisdictional rules, streamline the collection of data on ransomware attacks and facilitate the supervision of cross-border entities with ENISA's reenforced coordinating role.
14.02.2026 11:12
'Targeted amendments to the NIS2 Directive aim to increase legal clarity ... new category of small mid-cap enterprises to lower compliance costs for 22,500 companies ...
14.02.2026 11:12