CISA flags data-theft bug in NSA-built OT networking tool
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough
The National Security Agency (NSA) is a U.S. intelligence authority whose guidance supports cybersecurity defense and cryptographic practice.
Search across headline titles and summaries.
Background for this topic.
NSA is the U.S. National Security Agency, responsible chiefly for signals intelligence (SIGINT)—collecting and analyzing foreign electronic communications and other signals—and for cybersecurity of U.S. national security systems. Its cybersecurity work includes cryptography, secure communications, technical standards and guidance, and coordinated advisories about threats and vulnerabilities. The tag may also cover the agency’s intelligence authorities and disclosures.
For practitioners, NSA advisories can provide threat indicators, exploit details, mitigations, and hardening advice, but their scope and authority matter: many recommendations target classified or other national-security systems rather than ordinary enterprise environments, and are not automatically legal or regulatory requirements. NSA activities can also raise privacy and governance questions around surveillance, vulnerability handling, and access to sensitive systems. Organizations should validate applicability, prioritize mitigations through vulnerability management, and protect NSA-derived threat intelligence and cryptographic guidance from unauthorized disclosure.
Weekly headline count for the current query.
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information.…
Four former NSA bosses walk onto the stage at RSAC… rsac 2026 There's a theoretical red line with cyber warfare. Cross it, and the US will respond with a physical attack like missile strikes. And that line "is whatever the President says it is," according to former NSA boss retired General Paul Nakasone.…
'It freakin' worked' says Rob Joyce - and shows how relentless AI agents can find holes humans miss RSAC 2026 The now-infamous Anthropic report about Chinese cyberspies abusing Claude AI to automate cyberattacks was a Rorschach test for the infosec community, according to former NSA cyber boss Rob Joyce.…
Follows suggestions iPhone-pwning toolset bears hallmarks of zero-days that targeted Russian diplomats Russian cybersecurity outfit Kaspersky is waving away claims that an iPhone exploit kit recently uncovered by Google was developed by the same people who were behind a group of zero-days that allegedly compromised thousands of Russian diplomats in a 2023 campaign.…
Plus: Google clears up Gmail concerns, NSA drops SBOM bomb, Texas sues PowerSchool, and more Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese networking biz TP-Link are under active attack and need to be fixed – but there's another flaw being exploited as well.…
In misinformation, Russia might be the top dog but the Chinese are coming warns former NSA boss DEF CON A cache of documents uncovered by Vanderbilt University has revealed disturbing details about how a Chinese company is building up a database of US politicians and influencers with whom to share propaganda.…
PLUS: Doxxers jailed; Botnets bounce back; CISA questioned over app-vetting program closure; And more Infosec in Brief If a cyberattack hit critical infrastructure in the US, it would likely crumble, former deputy national security adviser and NSA cybersecurity director Anne Neuberger said last week.…
Plus, Co-op tells The Reg: 'we took early and decisive action' to block the crooks INTERVIEW The call came into the help desk at a large US retailer. An employee had been locked out of their corporate accounts. …
For now it's a potential bug-finder and friend to defenders RSAC Former NSA cyber-boss Rob Joyce thinks today's artificial intelligence is dangerously close to becoming a top-tier vulnerability exploit developer.…
Homeland Security boss Noem added as last-minute keynote, mind you RSAC There's a notable absence from this year's RSA Conference that kicked off today in San Francisco: The NSA's State of the Hack panel.…
Bake in security now or pay later, says Mike Rogers AI engineers should take a lesson from the early days of cybersecurity and bake safety and security into their models during development, rather than trying to bolt it on after the fact, according to former NSA boss Mike Rogers.…
Beijing claims NSA went for gold in offensive cyber, got caught in the act China's state-run press has taken its turn in trying to highlight alleged foreign cyber offensives, accusing the US National Security Agency of targeting the 2025 Asian Winter Games.…
Intelligence chief booted after less than two years on the job President Trump today fired the head of the NSA and US Cyber Command and his deputy.…
Plus AI in the infosec world, why CISA should know its place, and more Interview Russia appears to be having second thoughts on how aggressively, or at least how visibly, it attempts to influence American elections, according to a former head of the NSA.…
Cue deepening existential European dread as Rest of World contemplates Trump turning off the info tap If the United States stopped sharing cyber-threat intel with Ukraine, its European allies and the rest of the Five Eyes nations wouldn't be able to provide all the info Uncle Sam collects, according to former chief of US Cyber Command and the NSA General Paul Nakasone.…
Would 'destroy a pipeline of top talent essential for hunting' Chinese spies in US networks, Congress told Video Looming staffing cuts to America's security and intelligence agencies, if carried out, would "have a devastating effect on cybersecurity and our national security," former NSA bigwig Rob Joyce has told House representatives.…
Rob Joyce explains how it's done Video In 2018, Rob Joyce, then Donald Trump's White House Cybersecurity Coordinator, gave a surprise talk at the legendary hacking conference Shmoocon about his hobby.…
Chipzilla says it obeys the law ... which could mean anything Intel has responded to Chinese claims that its chips include security backdoors at the direction of America's NSA.…
Chipzilla uses WeChat post to defend record of following local laws Intel has roundly rebutted Chinese accusations that its chips include security backdoors at the direction of the US National Security Agency (NSA).…