E-Evidence and the Limits of Jurisdiction: What Really Protects Your Email

E-Evidence and the Limits of Jurisdiction: What Really Protects Your Email

E-Evidence and the Limits of Jurisdiction: What Really Protects Your Email On 12 March 2026, Germany enacted the law implementing the EU “E-Evidence package” — a pair of European instruments (Regulation (EU) 2023/1543 and Directive (EU) 2023/1544) that quietly redraws the map of how law enforcement agencies across the European Union can obtain digital evidence … Read more

The Mandatory Eye: Driver Monitoring Becomes Infrastructure

tracking - red padlock on black computer keyboard

Driver monitoring systems with eye tracking are transitioning from premium features to mandatory safety equipment on two continents. The regulatory justification is safety. The architectural question is what happens to data when cameras become required.

Age Verification Laws Create Pointless Risk at Scale

pointless - red padlock on black computer keyboard

Age verification laws have proliferated across jurisdictions in 2025-2026, creating a distributed identity infrastructure that collects biometric and government ID data at scale without demonstrably protecting minors.

GitHub Breach: How a Malicious VS Code Extension Exposed 3,800 Internal Repositories

breached - A padlock rests on a computer keyboard.

GitHub confirmed on May 20, 2026 that a malicious VS Code extension on an employee device led to the exfiltration of roughly 3,800 internal repositories. The breach reveals less about one compromised endpoint than about the structural costs of platform centralization.

The CISA GitHub Leak: What Six Months of Exposed Credentials Tell Us About Systemic Security Failures

leak - A padlock rests on a computer keyboard.

A contractor for the U.S. Cybersecurity and Infrastructure Security Agency maintained a public GitHub repository containing AWS GovCloud credentials, plaintext passwords, and DevSecOps files for six months before researchers intervened.

Emergency Data Requests and Law Enforcement Impersonation: Onion Mail’s Position

Emergency Data Requests and Law Enforcement Impersonation: Onion Mail's Position

In recent years, a new category of abuse has emerged in the cybersecurity landscape: the impersonation of law enforcement officers and government agencies by organized criminal groups, carried out through the use of compromised or look-alike government email domains. The objective of these attacks is to obtain user data from online service providers through what … Read more

BitLocker Bypass Shows Encryption Without Architecture Fails

encryption - red padlock on black computer keyboard

On May 12, 2026, a researcher published YellowKey, a Windows Recovery Environment bypass allowing physical-access attackers to unlock BitLocker-protected drives on Windows 11 systems. The vulnerability exposes the difference between cryptographic strength and systemic trust architecture.