Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
A peculiar cybersecurity mystery is unfolding around unexplained iPhone crashes. While the situation could pose a serious threat to national security, Apple has firmly denied any claims linking the incidents to targeted attacks, particularly from Chinese hackers.
Ivan Krstić, Apple’s Head of Security Engineering, stated in a message to WIRED that the company “strongly disagrees with the claims of a targeted attack against our users.” The flaw, first brought to light by iVerify, involved a messaging bug that caused iPhones to crash when the sender changed their nickname and avatar. However, Apple maintains this was merely a “conventional software bug” and not an exploitation attempt.
This denial is particularly notable, given Apple’s previous aggressive responses to real cyber threats—such as its lawsuit against NSO Group for targeting iPhone users.
Thus, what could have been a critical intelligence crisis has instead become an unresolved and unsettling puzzle for the cybersecurity community.
Unqualified Intern Appointed to Key Homeland Security Role
In another eyebrow-raising development, Thomas Fugate, a 22-year-old recent graduate and former intern at the Heritage Foundation with no formal experience in national security, has reportedly been named to a significant role at the Department of Homeland Security (DHS).
According to an investigation by ProPublica, Fugate now leads the Center for Prevention Programs and Partnerships (CP3), a DHS office responsible for distributing millions in grants to prevent politically motivated violence, including domestic terrorism and school shootings.
Fugate replaced Bill Braniff, a seasoned national security expert and Army veteran, who resigned after funding and staffing cuts under the Trump administration.
CP3’s latest report to Congress revealed it has supported over 1,100 initiatives to counter violent extremism. The appointment comes at a time when the U.S. is grappling with a series of high-profile domestic terror events, such as a car bombing in California and the shooting of Israeli Embassy staff in Washington, D.C.
Cybersecurity Naming Chaos Gets Partial Clarity
In cybersecurity, hacker group names are notoriously inconsistent. Each security company typically creates its own naming system to avoid false equivalence with others’ findings, resulting in a chaotic taxonomy: for instance, “Fancy Bear” is also known as “APT28,” “Strontium,” and “Forest Blizzard.”
Now, in an attempt to reduce confusion, companies like Google, Microsoft, CrowdStrike, and Palo Alto Networks have started aligning their threat group glossaries. While they haven’t agreed on a unified naming convention, there’s now more consensus on which aliases refer to the same threat actors.
So, cybersecurity writers can now say “Sandworm, also known as Telebots, Voodoo Bear, Hades, Iron Viking, Electrum, or Seashell Blizzard” with a bit more authority.
Corellium Founder, Pardoned Hacker, Sells to Cellebrite
Chris Wade, founder and CTO of the mobile reverse-engineering firm Corellium, has led a controversial and dramatic career path. Convicted in 2005 for enabling spammers through proxy services, Wade avoided prison by cooperating with law enforcement. In 2020, he received a surprising presidential pardon from Donald Trump.
Wade’s company later settled a major copyright lawsuit with Apple after building tools that allow users to emulate iOS and Android devices for security testing.
Now, Corellium is being acquired for $200 million by Cellebrite, an Israeli firm known for developing phone-hacking tools for law enforcement agencies around the world (source). This marks a major payday for Wade—an entrepreneur who has shifted from hacker to respected vendor in the digital forensics space.
