#browser-safety
#browser-safety

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

fromwww.bbc.com

Privacy technologies

UK cyber chiefs say it's time to ditch passwords for passkeys - what are they?

Privacy technologies

NCSC: Passkeys now good enough to be the default standard

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

Key cybersecurity developments include a hacker's probation, UK military deployment for internet protection, and Lovable's data exposure issue.

5 hours ago

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

A new campaign targets Chinese-speaking individuals using a trojanized SumatraPDF to deploy AdaptixC2 Beacon for remote access via VS Code tunnels.

fromMail Online

How to create secure passwords - it might be time to switch to passkey

Using unique passwords and transitioning to passkeys enhances online security and reduces the risk of cyber threats.

What is a passkey, how does it work and why is it better than a password?

The UK's National Cyber Security Centre recommends using passkeys instead of passwords for secure digital logins.

fromwww.bbc.com

UK cyber chiefs say it's time to ditch passwords for passkeys - what are they?

People in the UK are encouraged to use passkeys instead of passwords for better online security.

NCSC: Passkeys now good enough to be the default standard

The NCSC endorses passkeys as the default authentication standard, urging consumers to abandon passwords for enhanced security.

In Other News: Unauthorized Mythos Access, Plankey CISA Nomination Ends, New Display Security Device

Key cybersecurity developments include a hacker's probation, UK military deployment for internet protection, and Lovable's data exposure issue.

5 hours ago

Tropic Trooper Uses Trojanized SumatraPDF and GitHub to Deploy AdaptixC2

A new campaign targets Chinese-speaking individuals using a trojanized SumatraPDF to deploy AdaptixC2 Beacon for remote access via VS Code tunnels.

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.

#google

fromSearch Engine Roundtable

Google Now Won't Use Spam Reports With Personally Identifying Information

Google updated its spam report policy to protect personally identifying information after receiving backlash from users.

fromPCWorld

Google will soon penalize sites that hijack your browser's back button

Google will penalize websites that hijack the browser's back button to improve user experience and eliminate frustrating redirects.

2 weeks ago

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

fromSearch Engine Roundtable

Google Now Won't Use Spam Reports With Personally Identifying Information

Google updated its spam report policy to protect personally identifying information after receiving backlash from users.

fromPCWorld

Google will soon penalize sites that hijack your browser's back button

Google will penalize websites that hijack the browser's back button to improve user experience and eliminate frustrating redirects.

2 weeks ago

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromWRAL.com

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but poses privacy and security risks in public spaces.

fromAP News

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but comes with privacy and security risks when working in public spaces.

fromSFGATE

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work in public spaces offers flexibility but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.

fromWRAL.com

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but poses privacy and security risks in public spaces.

fromAP News

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work offers flexibility but comes with privacy and security risks when working in public spaces.

fromSFGATE

fromwww.socialmediatoday.com

One Tech Tip: Logging on at a cafe? Privacy and security guidelines for remote workers

Remote work in public spaces offers flexibility but poses privacy and security risks that require precautions.

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.

Cryptocurrency

fromThe Village Voice

17 hours ago

Which VPN makes sense for crypto traders in 2026? - The Village Voice

Crypto traders must choose VPNs based on technical fundamentals like protocol choices, logging policies, and security features to protect their activities.

#meta

Parenting

fromaction.consumerreports.org

Meta will let parents see their teens' AI queries

Meta's update allows parents to view their teens' AI chatbot queries, providing transparency on topics without specific details.

Online marketing

Hold Meta accountable for fraudulent ads

fromFuturism

Meta Installing Software on Employee Computers to Track Everything They Do, Feed the Data to AI

Meta is implementing tracking software on employees' computers to gather data for AI training, raising ethical and privacy concerns.

fromwww.socialmediatoday.com

Meta staff protest surveillance software on work PCs

Meta is implementing surveillance software on employee computers to gather data for improving AI models.

Parenting

fromaction.consumerreports.org

Meta will let parents see their teens' AI queries

Meta's update allows parents to view their teens' AI chatbot queries, providing transparency on topics without specific details.

Online marketing

Hold Meta accountable for fraudulent ads

fromFuturism

Meta Installing Software on Employee Computers to Track Everything They Do, Feed the Data to AI

Meta is implementing tracking software on employees' computers to gather data for AI training, raising ethical and privacy concerns.

Meta staff protest surveillance software on work PCs

Meta is implementing surveillance software on employee computers to gather data for improving AI models.

Apple stops weirdly storing data that let cops spy on Signal chats

Signal's patch deletes preserved notifications and prevents future preservation for deleted apps, but user concerns about privacy remain.

New Firefox update patches a whopping 271 bugs, thanks to Claude Mythos

Firefox 150 introduces enhanced features and fixes 271 security flaws.

Software development

Mozilla Fixes 271 Firefox Bugs Using Anthropic's Mythos AI

Firefox 150 includes patches for 271 security vulnerabilities identified using Anthropic's Claude Mythos Preview AI model.

Web frameworks

New Firefox update patches a whopping 271 bugs, thanks to Claude Mythos

Firefox 150 introduces enhanced features and fixes 271 security flaws.

Software development

Mozilla Fixes 271 Firefox Bugs Using Anthropic's Mythos AI

Firefox 150 includes patches for 271 security vulnerabilities identified using Anthropic's Claude Mythos Preview AI model.

more#firefox

#agentic-ai

8 hours ago

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.

3 hours ago

Information security

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

8 hours ago

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.

fromwww.independent.co.uk

3 hours ago

Why Cybersecurity Must Rethink Defense in the Age of Autonomous Agents

Agentic AI is transforming cybersecurity, presenting both opportunities for defenders and risks for attackers, necessitating a strategic response from the industry.

more#agentic-ai

UK news

Which countries are restricting children's social media access and how

Australia becomes the first country to ban social media access for children under 16, reflecting concerns over children's health and safety.

EU data protection

18 hours ago

These are the countries moving to ban social media for children | TechCrunch

Countries are implementing social media bans for children to address risks like cyberbullying and mental health issues.

UK politics

fromwww.bbc.com

20 hours ago

Proxy attacks in UK a real and growing concern, says PM

The UK government is increasingly concerned about hostile states using proxies for attacks, particularly against the Jewish community.

Digital life

23 hours ago

AI sycophancy could be more insidious than social media filter bubbles

AI chatbots may use flattery to enhance user engagement, similar to social media algorithms, leading to potential distortions in judgment.

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Healthcare

fromNextgov.com

Former FBI official proposes terror designations for ransomware hackers targeting hospitals

Ransomware actors targeting critical infrastructure may be designated as terrorists, allowing for expanded legal actions against them.

Information security

Ransomware negotiator pleads guilty to helping ransomware gang | TechCrunch

Remote Desktop security beefed up with hard-to-read messages

Microsoft's Remote Desktop update has a bug preventing security warnings from displaying correctly for some users.

Another spyware maker caught distributing fake Android snooping apps | TechCrunch

Morpheus, a new malware identified by Osservatorio Nessuno, masquerades as a phone updating app and is capable of stealing a broad range of data from an intended target's device.

Privacy professionals

#artificial-intelligence

fromInfoQ

15 hours ago

Deepfakes, Disinformation, and AI Content Are Taking Over the Internet

AI has become ubiquitous in society, influencing various industries and products, but there are concerns about its overuse and effectiveness.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

fromFortune

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

fromInfoQ

15 hours ago

Deepfakes, Disinformation, and AI Content Are Taking Over the Internet

AI has become ubiquitous in society, influencing various industries and products, but there are concerns about its overuse and effectiveness.

5 AI Models Tried to Scam Me. Some of Them Were Scary Good

Artificial intelligence is increasingly capable of executing sophisticated social engineering attacks, as demonstrated by the DeepSeek-V3 model.

fromFortune

more#artificial-intelligence

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.

EU data protection

Some Interrail travellers told to cancel passports as hacked data posted online

Holidaymakers in Europe must replace passports after personal data was hacked and sold on the dark web, causing stress and financial burden.

Digital life

fromThe New Yorker

The Anguish of Data Loss

Data preservation is crucial, yet digital devices are fragile and often treated carelessly, leading to significant loss when data is not backed up.

#ai

Software development

Mythos found 271 Firefox flaws - none a human couldn't spot

fromEngadget

Artificial intelligence

Mozilla says it patched 271 Firefox vulnerabilities thanks to Anthropic's Claude Mythos

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

Information security

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

fromComputerworld

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.

fromInfoWorld

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.

Software development

Mythos found 271 Firefox flaws - none a human couldn't spot

Mythos AI model significantly improves bug detection, identifying 271 vulnerabilities in Firefox 150, marking a pivotal moment for software security.

fromEngadget

Mozilla says it patched 271 Firefox vulnerabilities thanks to Anthropic's Claude Mythos

Mozilla's use of Anthropic's Claude Mythos model successfully identified and patched 271 vulnerabilities in Firefox, showcasing AI's potential in cybersecurity.

Brace yourself for a flood of patches in all of your tech gadgets

Mythos, Anthropic's AI model, identifies software vulnerabilities, prompting urgent updates to prevent exploitation by hackers.

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.

fromComputerworld

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.

fromInfoWorld

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

AI has exposed hundreds of vulnerabilities in Mozilla's Firefox browser, highlighting both cybersecurity advancements and dual-use risks.

Now, even ransomware is using post-quantum cryptography

Kyber's use of PQC key-exchange algorithms serves more as a marketing tactic than a practical security measure against imminent quantum threats.

Meta tracking employee keystrokes to train AI is probably legal. Experts say that doesn't make it ethical

Meta Platforms is implementing software to track employee computer usage to train AI models, raising privacy concerns amid potential layoffs.

fromwww.businessinsider.com

The AI race is quietly rewriting what surveillance looks like at work

Companies are increasingly monitoring employee activities to gather data for training AI agents that can automate tasks and improve decision-making.

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Apple has released a software update to fix a flaw in iOS and iPadOS that retained deleted notifications on devices.

Apple

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats

Apple released updates to fix a vulnerability that allowed recovery of deleted messages on iOS and iPadOS devices.

Apple

Apple Patches iOS Flaw That Stored Deleted Signal Notifications in FBI Forensic Case

Apple has released a software update to fix a flaw in iOS and iPadOS that retained deleted notifications on devices.

Apple

Apple Patches iOS Flaw Allowing Recovery of Deleted Chats

Apple released updates to fix a vulnerability that allowed recovery of deleted messages on iOS and iPadOS devices.

The Top 8 Enterprise VPN Solutions

Secure remote connections are critical for businesses to prevent data breaches, with enterprise VPN solutions being a top priority.

23 hours ago

Proton CEO: Age checks turn internet into ID checkpoint

Age verification risks transforming the internet into a system requiring identification for all users, compromising anonymity and security.

Criminal gangs profiting as child sexual abuse websites double, experts say

The number of commercial child sexual abuse websites has doubled in a year, highlighting a significant increase in online exploitation by criminal gangs.

US Federal Agency's Cisco Firewall Infected With 'Firestarter' Backdoor

A US federal agency was infected with malware due to vulnerabilities in Cisco firewalls linked to a China-backed espionage campaign.

How the government is ramping up mass surveillance with AI-driven tech

Surveillance capitalism collects extensive personal data through various devices and technologies, often without user consent or effective opt-out options.

#privacy

fromSecuritymagazine

Privacy professionals

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks

Browser fingerprinting poses significant privacy risks in Chrome, with at least thirty techniques currently in use to track users without consent.

fromComputerWeekly.com

Privacy technologies

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

2 months ago

Privacy technologies

Just the Browser Is just the beginning

fromSecuritymagazine

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.

Chrome Privacy Concerns Rise as Expert Warns of Fingerprinting Risks

Browser fingerprinting poses significant privacy risks in Chrome, with at least thirty techniques currently in use to track users without consent.

fromComputerWeekly.com

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.

fromElectronic Frontier Foundation

2 months ago

Privacy technologies

Just the Browser Is just the beginning

more#privacy

#data-privacy

Privacy technologies

How ICE Got My Data | EFFector 38.8

Tech companies may compromise user data when pressured by the government, as seen in a case involving Google and ICE.

4 days ago

I tried to wipe my digital footprint without paying for a data removal service - 5 free ways

Most sensitive information online is legally collected and aggregated by brokers, but removal is possible with effort and available tools.

fromElectronic Frontier Foundation

How ICE Got My Data | EFFector 38.8

Tech companies may compromise user data when pressured by the government, as seen in a case involving Google and ICE.

4 days ago

I tried to wipe my digital footprint without paying for a data removal service - 5 free ways

Most sensitive information online is legally collected and aggregated by brokers, but removal is possible with effort and available tools.

more#data-privacy

UK government says 100 countries have spyware that can hack people's phones | TechCrunch

More than half of the world's governments now have access to commercial spyware, increasing risks for citizens and critical infrastructure.

1Password sees AI as both threat and tool

AI presents both risks and opportunities for password management, requiring firms to balance security with the potential for careless app development.

fromBGR

4 days ago

Should You Accept Or Reject Cookies From A Website? - BGR

Reject non-essential cookies to avoid data tracking and targeted ads while accepting essential cookies for website functionality.

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.

8 hours ago

Researchers find sabotage malware that may predate Stuxnet

Malware named fast16 aims to sabotage engineering and physics simulation software, predating Stuxnet and targeting high-precision tools.

Fake Google Antigravity Installer Can Steal Accounts in Minutes

A fake Google Antigravity download exposes user accounts to compromise by delivering malware alongside the legitimate application.

more#malware

fromTechzine Global

Lovable under fire over data breach

Lovable faced criticism for a vulnerability that exposed users' sensitive data, including source code and chat history, due to insufficient access controls.

They Built a Legendary Privacy Tool. Now They're Sworn Enemies

GrapheneOS is highly regarded for mobile security, but its creator, Daniel Micay, has a controversial and enigmatic reputation within the cybersecurity community.

fromTNW | Anthropic

Information security

Mozilla fixes 271 Firefox vulnerabilities found by Anthropic's Claude Mythos in a single evaluation pass

Mozilla's Firefox 150 fixes 271 security vulnerabilities identified by Anthropic's AI model, Mythos, showcasing the model's effectiveness in vulnerability detection.

fromSecuritymagazine

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.

Information security

Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say | TechCrunch

Two spying campaigns exploit telecom infrastructure weaknesses to track individuals' locations, revealing ongoing vulnerabilities in global phone networks.

Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign

Bitwarden CLI was compromised in the Checkmarx supply chain campaign, with malicious code stealing sensitive data from users.

Malicious TikTok Downloader Extensions Quietly Compromised 130K Users

Browser extensions disguised as TikTok video downloaders are compromising user data, highlighting vulnerabilities in enterprise security.

The shadowy SIM farms behind those incessant scam texts - and how to stay safe

SIM farms are used by cybercriminals for financial fraud, spam, phishing, and online product scalping.

fromArs Technica

Mozilla: Anthropic's Mythos found 271 zero-day vulnerabilities in Firefox 150

Computers were completely incapable of doing this a few months ago, and now they excel at it. We have many years of experience picking apart the work of the world's best security researchers, and Mythos Preview is every bit as capable.

Information security

fromEngadget

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

We're investigating a report claiming unauthorized access to Claude Mythos Previous through one of our third-party vendor environments.

Information security

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity's vulnerabilities have attracted both security researchers and cybercriminals, leading to risks of remote code execution and malware delivery.

1 month ago

You're being tracked online - 9 easy ways to stop the surveillance

Reducing online tracking is possible through careful browser choice, VPNs, and anti-tracking software.

fromBusiness Matters

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.

100 Chrome Extensions Steal User Data, Create Backdoor

Over 20,000 users installed malicious Chrome extensions that steal information, provide backdoors, or inject ads, as reported by cybersecurity firm Socket.

1 month ago

Do You Need an Identity Protection Service for Safe Browsing?

Identity theft protection services function as insurance products offering reactive compensation for damages rather than active prevention, with coverage details and sub-benefit caps critically affecting actual protection value.

fromthenextweb.com

1 month ago

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.