Nishant Kaushik (@nishantkaushik.com)

Look What You Made Us Patch: 2025 Zero-Days in Review | Google Cloud Blog Our analysis of 90 zero-day vulnerabilities tracked in 2025, focusing on techniques and how AI will accelerate the vulnerability landscape.

"For the first time since we began tracking zero-day exploitation, we attributed more zero-days to commercial surveillance vendors than to traditional state-sponsored cyber espionage groups."

Love to see the stats backing up my hunch.

cloud.google.com/blog/topics/...

05.03.2026 19:43 👍 77 🔁 33 💬 4 📌 0

The Blast Radius Problem: Stolen Credentials Are Weaponizing Agentic AI IBM threat report reveals a 4x surge in supply chain attacks, fueled by startling reality: 56% of vulnerabilities require no authentication.

This doesn’t help.

04.03.2026 13:16 👍 0 🔁 0 💬 0 📌 0

Software vulnerabilities are being weaponized faster than ever A report by VulnCheck shows threat groups are exploiting a small percentage of critical flaws well before security teams can mitigate.

Time is never on the side of the #cybersecurity defenders.

04.03.2026 13:06 👍 0 🔁 0 💬 1 📌 0

13 years later and the story of Aaron Swartz still fills me with anger and sadness

02.03.2026 11:04 👍 196 🔁 57 💬 0 📌 4

Lip Sync Battle - Tom Holland YouTube video by Comedy Central Latinoamérica

Time to share this again. You know why I'm sharing this.

02.03.2026 13:35 👍 0 🔁 0 💬 0 📌 0

A VC and some big-name programmers are trying to solve open source's funding problem, permanently | TechCrunch A group of well-known open source programmers and a VC have launched the Open Source Endowment. They hope this new method will provide funding for good.

One can only hope it operates with altruistic intentions as opposed to controlling intentions.

01.03.2026 15:41 👍 0 🔁 0 💬 0 📌 0

RP ID deep dive | web.dev Learn how to configure your RP ID and platform associations to enable seamless passkey authentication across subdomains, multiple sites, and mobile applications.

Understanding RP IDs (Relying Party IDs) is critical to deploying passkeys correctly and gaining the benefit of phishing-resistant authentication. This post by Eiji Kitamura is a good deep-dive for those looking to #UsePasskeys.
#Passkeys #PhishingResistance @fidoalliance.bsky.social

27.02.2026 13:55 👍 0 🔁 1 💬 0 📌 0

I'm not entirely sure how they did it, but they've completely cleared the streets around my office in Midtown #NYC.

They paid a lot of people good wages to do the job effectively, thank you for coming to my socialism talk

24.02.2026 12:38 👍 15628 🔁 2745 💬 0 📌 1

‘Starkiller’ Phishing Service Proxies Real Login Pages, MFA Most phishing websites are little more than static copies of login pages for popular online destinations, and they are often quickly taken down by anti-abuse activists and security firms. But a stealt...

We should obviously pay attention to anything that Brian Krebs refers to as "a remarkable evolution in phishing". The imperative to modernize the security stack gets clearer every day. #UsePasskeys #DBSC #Signals

23.02.2026 22:01 👍 0 🔁 0 💬 0 📌 0

A prominent Bluesky elder already hosts Jeopardy

16.02.2026 20:29 👍 20679 🔁 1497 💬 204 📌 61

I can be angry about rising fascism and also angry about facial recognition built into surveillance glasses at the same time, not only because these things are directly related, but because I contain fucking multitudes and all them are mad all the goddamn time.

13.02.2026 22:23 👍 446 🔁 98 💬 7 📌 4

How to Stop Using Passwords and Start Using Passkeys Passkeys were built to enable a password-free future. Here's what they are and how you can start using them.

Excellent, approachable article about passkeys. "Passwords suck" indeed.
(Also, I ❤️ @wired.com)
#UsePasskeys #PasswordsMustDie #HumanCentricSecurity
www.wired.me/story/how-pa...

13.02.2026 19:28 👍 0 🔁 0 💬 0 📌 0

Chadwick Boseman and James van der Beek both died in their 40s of an illness that's treatable if a colonoscopy catches it but almost no insurer covers them for people under 45, this is what Engels meant by "social murder"

12.02.2026 19:08 👍 8326 🔁 2543 💬 0 📌 149

Integrating FIDO Standards into Secure OT Connectivity — A Practical Path to Resilience | FIDO Alliance Operational Technology (OT) environments — from industrial control systems to critical infrastructure networks — have traditionally prioritized safety and

In my latest blog for the @fidoalliance.bsky.social, I explore how open, phishing-resistant authentication (#passkeys), FIDO Device Onboard (#FDO), and emerging Bare Metal Onboarding (#BMO) support the principles laid out in the UK NCSC’s Secure Connectivity Principles for OT guidance. #Resilience

12.02.2026 14:27 👍 0 🔁 1 💬 0 📌 0

What’s a “State Endorsed Digital Identity” and Why is Utah Creating One? Utah is introducing a State Endorsed Digital Identity to modernize trust online. Explore how SEDI works and why it’s a model for privacy-first digital ID.

A couple of weeks ago, at the @makeidbetter.bsky.social + @fidoalliance.bsky.social “Identity, Authentication and the Road Ahead 2026” policy forum, the Chief Privacy Officer for the State of Utah gave a talk about #SEDI, and it's potential within the #DigitalIdentity and #Privacy ecosystem.

09.02.2026 14:35 👍 1 🔁 1 💬 0 📌 0

FOSDEM 2026 - Credentials for Linux: Bringing Passkeys to the Linux desktop

One of my open source colleagues presented on our current progress with passkeys on Linux!

https://www.fosdem.org/2026/schedule/event/838A8N-credentials-for-linux-bringing-passkeys-to-linux/

Thanks for presenting, Alfie! I'm glad to be working with you. :)

02.02.2026 23:39 👍 0 🔁 3 💬 0 📌 0

AI is Removing Bottlenecks to Effective Content Moderation at Scale Zentropi's Dave Willner says LLM-driven technology can now accomplish content classification at the scale necessary for moderation on large platforms.

@techpolicypress.bsky.social was kind enough to host my reflections on just how far we’ve already come with AI-assisted content moderation.

We’ve got a long way to go, but the difficulties that used to serve as (legitimate) excuses are fading fast.

www.techpolicy.press/ai-is-removi...

29.01.2026 16:38 👍 55 🔁 19 💬 5 📌 1

#BossMove

28.01.2026 21:52 👍 2 🔁 0 💬 0 📌 0

Banner for the Identity Policy Forum "Identity, Authentication and the Road Ahead", happening on Thursday, January 29, 2026 in Washington DC. Hosted by Better Identity Coalition, FIDO Alliance, and the Identity Theft Resource Center.

On the train to DC for the “Identity, Authentication and the Road Ahead 2026” policy forum, hosted by @makeidbetter.bsky.social, @fidoalliance.bsky.social, Identity Theft Resource Center. Join the discussion: www.betteridentity.org/event/identi...
#identity #authentication #security #IDPolicyForum

28.01.2026 20:32 👍 4 🔁 1 💬 0 📌 0

Beware! Fake ChatGPT browser extensions are stealing your login credentials If you've installed a browser extension to enhance your ChatGPT experience, you might want to think again.

Malicious browser extensions that steal account credentials and hijack sessions aren’t new.
But in the agentic era, this is about to become a design relied upon by good actors as well. It’s imperative that the #identity +
#security folks work on an alt. to #TokenHijacking & #SessionHijacking in #AI

28.01.2026 13:42 👍 1 🔁 0 💬 0 📌 0

Lines that go straight up in charts that track disease = VERY BAD.

28.01.2026 13:01 👍 983 🔁 260 💬 21 📌 12

Card showing the quote “Nurses are a unique kind. They have this insatiable need to care for others, which is both their greatest strength and fatal flaw.” By Jean Watson, American nurse theorist and nursing professor.

24.01.2026 22:17 👍 1 🔁 0 💬 0 📌 0

Ooh, what's that now? Jeremy Grant Tim C. 👨‍💻 Matthew Miller | Eric Mill Ooh, what's that now? Jeremy Grant Tim C. 👨‍💻 Matthew Miller

It is awesome to see one of the most vital parts to the world’s information ecosystem protected by passkeys. #WikipediaAt25 #UsePasskeys
www.linkedin.com/posts/eric-m...

23.01.2026 13:40 👍 2 🔁 2 💬 0 📌 0

WATCH — Are passkeys safer than passwords? Here’s how they work CBC Kids News contributor Jonnakae Hoskins explains what passkeys are and how they work #KNexplains

OK. This is pretty cool. #UsePasskeys

22.01.2026 19:30 👍 1 🔁 0 💬 0 📌 0

Libraries are amazing. And vital.

20.01.2026 15:00 👍 2 🔁 0 💬 0 📌 0

Seems to me that *any* technology that requires forced adoption and injection into every single arena, whether users want it or not, is the definition of not ready.
There is a lot of value in what has been built. Let folks figure out how to use it productively and in a way that creates actual value.

20.01.2026 14:56 👍 1 🔁 0 💬 0 📌 0

Behind that o-line, no one could survive.

19.01.2026 00:15 👍 0 🔁 0 💬 1 📌 0

👏🏽👏🏽👏🏽

12.01.2026 19:52 👍 0 🔁 0 💬 0 📌 0

"Paywalled" is the word you're looking for. They didn't turn it off. The only thing that changed is X now explicitly makes money off CSAM.

09.01.2026 11:57 👍 2710 🔁 934 💬 46 📌 16

Post from Amanda Gorman’s Instagram that says amandascgorman Minneapolis, Minnesota For Renee Nicole Good Killed by ICE. on January 7, 2026 by Amanda Gorman They say she is no more, That there her absence roars, Blood-blown like a rose. Iced wheels flinched & froze. Now, bare riot of candles, Dark fury of flowers, Pure howling of hymns. If for us she arose, Somewhere, in the pitched deep of our grief, Crouches our power, The howl where we begin, Straining upon the edge of the crooked crater Of the worst of what we've been. Change is only possible, & all the greater, When the labour & bitter anger of our neighbors Is moved by the love * better angels of our nature.

Amanda Gorman wrote this poem for Renee Good and that’s it for me tonight.

09.01.2026 02:54 👍 12618 🔁 4664 💬 145 📌 240

Nishant Kaushik

Latest posts by Nishant Kaushik @nishantkaushik.com