Onion Mail 
Most people judge an email service by what they can see: the inbox, the buttons, the way a message looks when it lands. But the part of an email platform that actually protects your privacy is usually the part you never notice. It works quietly in the background, before a message is ever shown to … Read more
GitHub confirmed on May 20, 2026 that a malicious VS Code extension on an employee device led to the exfiltration of roughly 3,800 internal repositories. The breach reveals less about one compromised endpoint than about the structural costs of platform centralization.
A contractor for the U.S. Cybersecurity and Infrastructure Security Agency maintained a public GitHub repository containing AWS GovCloud credentials, plaintext passwords, and DevSecOps files for six months before researchers intervened.
You get the notification: your email address has been found in a data breach. Maybe it came from a service you’ve never heard of. Maybe from one you trusted. Either way, the instinct is the same—how do I fix this? The uncomfortable truth is that you can’t, not really. A data breach is a permanent … Read more
In recent years, a new category of abuse has emerged in the cybersecurity landscape: the impersonation of law enforcement officers and government agencies by organized criminal groups, carried out through the use of compromised or look-alike government email domains. The objective of these attacks is to obtain user data from online service providers through what … Read more
On May 12, 2026, a researcher published YellowKey, a Windows Recovery Environment bypass allowing physical-access attackers to unlock BitLocker-protected drives on Windows 11 systems. The vulnerability exposes the difference between cryptographic strength and systemic trust architecture.
On May 15, Mozilla submitted a response to a UK government consultation that proposes age-restricting VPNs. The submission argues that such measures address symptoms rather than root causes of online harm.
Onion email services route communication through the Tor network using .onion addresses. This guide explains how they work, what they protect, and where they fit in the anonymous email landscape.
California residents filed federal class actions this week alleging OpenAI transmitted ChatGPT queries to Google and Meta via standard analytics pixels, arguing that automated interception of AI chat violates wiretap law.
Onion Mail has been criticized publicly over the years for login failures, Tor connection issues, mobile app problems, and concerns about security architecture. Most of those criticisms were written between 2015 and 2023. This article documents what has changed since then, what has not, and how the service operates today — with verification paths for … Read more