Detailed Timeline

July 2023: The SEC's cybersecurity incident disclosure requirements rule is implemented.

Sometime before May 2025: Google Quantum AI researchers achieve algorithmic improvements that reduce the estimated qubits needed to crack RSA-2048 with a quantum computer.

Sometime before May 27, 2025: Suspected InfoStealer malware data breach exposes over 184 million logins and passwords. Security researcher Jeremiah Fowler discovers the exposed database.

Sometime before May 27, 2025: Jeremiah Fowler contacts the hosting provider regarding the exposed database.

Sometime before May 27, 2025: The exposed database discovered by Jeremiah Fowler is removed.

Sometime before May 27, 2025: Socket's threat research team discovers 60 malicious packages on NPM that collect host and network data.

Sometime before May 27, 2025: Socket reports the malicious NPM packages for removal.

Sometime before May 27, 2025: Researchers drop a Proof-of-Concept (PoC) for the Fortinet vulnerability CVE-2025-32756.

Sometime before May 27, 2025: The Open MPIC project, an open-source tool to defend against BGP attacks on certificate validation, is developed and released.

Sometime before May 27, 2025: Micah Lee develops and shares the TeleMessage Explorer, a new open-source research tool for journalists.

Sometime before May 27, 2025: The Vibe coding company reports that using Claude 4 reduced syntax errors by 25% and sped up coding by 40%.

Sometime before May 27, 2025: YouTube announces that its Content ID system has paid out $12 billion to rightsholders.

Sometime in 2024: Over 90% of copyright claims on YouTube are monetized rather than removed.

Sometime before May 27, 2025: Cybercriminals create deceptive AI-generated TikTok videos that spread Vidar and StealC malware.

May 27, 2025: The TLDR Information Security newsletter is published, summarizing the events and discoveries mentioned in the source.

By 2029 (Predicted): Experts predict that quantum computers will be able to break asymmetric cryptography.

Ongoing: ThreatLocker offers the "100 Days to Secure Your Environment" tactical series.

Ongoing: American banking groups, led by the ABA, advocate for the SEC to rescind cybersecurity incident disclosure requirements.

Cast of Characters

Jeremiah Fowler: A security researcher who discovered a publicly exposed, unencrypted, and password-less database containing over 184 million logins and passwords.

Socket's threat research team: A team of researchers who discovered 60 malicious packages on NPM designed to collect sensitive host and network data.

Researchers (Fortinet PoC): Unspecified researchers who developed and released a Proof-of-Concept (PoC) for the Fortinet vulnerability CVE-2025-32756.

Micah Lee: A journalist who developed and shared the open-source tool TeleMessage Explorer to help journalists analyze leaked TeleMessage data.

Prasanna Gautam, Eric Fernandez, & Sammy Tbeile: Individuals associated with the TLDR Information Security newsletter, likely contributing to its creation and distribution.

ThreatLocker: A company offering a security series called "100 Days to Secure Your Environment."

American banking groups (led by the ABA): Organizations advocating for the SEC to remove cybersecurity incident disclosure requirements.

Google Quantum AI: A research group within Google that conducted research showing algorithmic improvements for cracking RSA-2048 with a quantum computer.

Vibe coding company: A company that utilizes the Claude 4 AI in their coding tools and reported positive results.

YouTube: A video sharing platform that uses the Content ID system for copyright management and revenue sharing.

Cybercriminals (TikTok malware): Individuals or groups creating deceptive AI-generated TikTok videos to spread malware like Vidar and StealC.