North Korea has continued late last week and over the weekend to denounce recent attribution of WannaCry to Pyongyang as "grave political provocation," "reckless" and "baseless." Pyongyang has also promised unspecified retaliation (which may be a matter of routine form) and demanded that its accusers produce their evidence. The US is most commonly mentioned in these dispatches, although the UK was the first to officially call out the DPRK, and the US and UK were quickly joined by the three other Five Eyes: Australia, Canada, and New Zealand.
Proofpoint reports that the DPRK-linked Lazarus Group has expanded its targets from financial institutions to point-of-sale networks and individuals.
The Satori botnet, a Mirai successor that surfaced at the end of November and became relatively quiet after a takedown, may be reforming for a comeback. Netlab observed a spike in scanning of ports 52869 and 37215, which may represent an attempt by the botnet's controller to resume activity. That controller, "Nexus Zeta," is said by Checkpoint to be a script kiddie and an amateur (in the descriptive, non-pejorative sense).
The GoAhead webserver, widely used in IoT devices, was found vulnerable to remote code execution. The vendor, Embedthis, has patched.
Edward Snowden's got a privacy app out called "Haven," which CNET describes as "like a baby monitor on steroids."
WikiLeaks impressario Julian Assange's Twitter account went offline Christmas Eve but returned hours later with a video of a "bouncing corgi." (His followers did drop below 10,000, corgi lovers having yet to weigh in.)