Risky Bulletin Risky Bulletin: Domain resurrection attacks come to Canonical's Snap Store
16 snips
Jan 21, 2026 Discover how Canonical's Snap Store fell victim to domain resurrection attacks, allowing hackers to hijack developer accounts. Explore Russia's ambitious $30M AI initiative to detect VPN users and the response to increased surveillance laws in Ireland. Learn about Iranian hackers leveraging Starlink during internet outages and the surprising arrest of SMS spammers in Greece. Plus, delve into the latest on ransomware threats and efforts to reclaim lost funds in the tech world.
AI Snips
Chapters
Transcript
Episode notes
Expired Domains Enable Supply-Chain Hijacks
- Threat actors hijacked Snap Store developer accounts by reviving expired email domains to seize password resets.
- Similar domain resurrection attacks have hit GitHub, PyPI and NPM, showing a cross-ecosystem supply-chain risk.
AI To Police VPN Use In Russia
- Russia will spend nearly $30 million to build AI that detects VPN usage and has already blocked many VPN apps.
- Criminalizing sharing censorship-circumvention info and bank card blocks show growing online control measures.
Ransomware Hits Major Apple Assembler
- A major Apple assembler, Luxshare, suffered a ransomware claim that included six years of circuit board designs and internal documents.
- The incident highlights supply-chain exposure at large manufacturing partners.