#surveillanceware-exploitation
#surveillanceware-exploitation

Privacy technologies

How Push Notifications Can Betray Your Privacy (and What to Do About It)

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

fromKqed

What Is the Point of California's Privacy Laws if Big Tech Ignores Them? | KQED

Google's non-compliance with the Global Privacy Control opt-out signal is evident in network traffic.

4 hours ago

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.

How Push Notifications Can Betray Your Privacy (and What to Do About It)

Push notifications can reveal personal information, and both Apple and Google have restrictions on sharing this data with law enforcement.

fromMIT Technology Review

Building trust in the AI era with privacy-led UX

Well-designed consent experiences enhance trust and business performance, evolving privacy into an ongoing relationship rather than a one-time transaction.

fromKqed

What Is the Point of California's Privacy Laws if Big Tech Ignores Them? | KQED

Google's non-compliance with the Global Privacy Control opt-out signal is evident in network traffic.

Information security

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

13 hours ago

Software development

Claude Opus wrote a Chrome exploit for $2,283

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

8 hours ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

fromLondon Business News | Londonlovesbusiness.com

7 hours ago

The rising cost of data breaches: Why backup and cyber protection must go hand in hand - London Business News | Londonlovesbusiness.com

Cyber incidents now lead to significant financial and reputational damage, necessitating a unified strategy for backup and cyber protection.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

2 hours ago

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.

Software development

13 hours ago

Claude Opus wrote a Chrome exploit for $2,283

Anthropic withheld its Mythos model due to security concerns, while Opus 4.6 was used to create a functional exploit for Chrome's V8 engine.

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

8 hours ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.

fromLondon Business News | Londonlovesbusiness.com

7 hours ago

The rising cost of data breaches: Why backup and cyber protection must go hand in hand - London Business News | Londonlovesbusiness.com

Cyber incidents now lead to significant financial and reputational damage, necessitating a unified strategy for backup and cyber protection.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

more#cybersecurity

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.

Clothing Retailer Patches Website Flaw Exposing Customer Data

A flaw in Express's website allowed unauthorized access to customer data through sequential order IDs in URLs.

House extends surveillance powers for 10 days

The House voted to extend a controversial surveillance program, FISA 702, until April 30 amid ongoing debates about privacy and national security.

With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance | TechCrunch

Section 702 of FISA, allowing warrantless surveillance, is set to expire, with lawmakers divided on extending it without changes to protect privacy rights.

US politics

12 hours ago

House extends surveillance powers for 10 days

The House voted to extend a controversial surveillance program, FISA 702, until April 30 amid ongoing debates about privacy and national security.

With US spy laws set to expire, lawmakers are split over protecting Americans from warrantless surveillance | TechCrunch

Section 702 of FISA, allowing warrantless surveillance, is set to expire, with lawmakers divided on extending it without changes to protect privacy rights.

A New Kind of Scandal Is Growing Online. It's Ruining Careers-and Aimed at the Wrong Target.

A.I. detection controversies highlight concerns over authorship and the impact of technology on writing.

Philosophy

fromPsychology Today

What AI Can't Calculate About a Human Life

Human life is a singular, unrepeatable event, contrasting with AI's reliance on patterns and probabilities.

Cryptocurrency

fromBitcoin Magazine

19 minutes ago

When Quantum Computers Come For Your Bitcoin: What Classical Property Law Says Happens Next

Bitcoin's future is challenged by quantum computing, raising questions about ownership and legality of coins accessed through quantum-derived keys.

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

Marketing tech

fromAP News

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

Marketing tech

fromSFGATE

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech giants like Google to enhance their defenses against these threats.

Marketing tech

fromAP News

AI is a gold mine for spammers and scammers, but Google is using it as a tool to fight back

Generative AI tools have intensified online spam and scams, prompting tech companies like Google to enhance their defenses against malicious ads.

more#generative-ai

#artificial-intelligence

SF politics

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of 'Destruction' Followed

Lawmakers expressed significant concerns about the implications of artificial intelligence on government operations, military actions, and societal impacts.

From Molotov cocktails to data center shutdowns, the AI backlash is turning revolutionary | Fortune

Recent violent incidents against AI leaders highlight escalating tensions surrounding artificial intelligence and its perceived threats to humanity.

SF politics

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of 'Destruction' Followed

Lawmakers expressed significant concerns about the implications of artificial intelligence on government operations, military actions, and societal impacts.

more#artificial-intelligence

From Molotov cocktails to data center shutdowns, the AI backlash is turning revolutionary | Fortune

Recent violent incidents against AI leaders highlight escalating tensions surrounding artificial intelligence and its perceived threats to humanity.

Social media marketing

fromwww.socialmediatoday.com

Facebook wants to scan users' camera rolls for content

Facebook introduces a new opt-in feature to recommend photos from users' camera rolls for sharing and editing.

fromPrivacy International

Voter Disenfranchisement: A Privacy Issue

Democratic institutions face challenges in privacy protection and voter disenfranchisement during elections, exacerbated by technology and data usage.

Music production

Everything we like is a psyop | TechCrunch

Geese's rise in popularity is attributed to strategic marketing efforts rather than purely musical merit.

DevOps

fromSecuritymagazine

Democratized Software, Democratized Risk: Who's Accountable When Everyone Codes?

AI-driven coding tools enable non-technical teams to create software, but they introduce vulnerabilities and require clear ownership and governance.

Digital life

fromwww.dw.com

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.

Careers

This CEO pirated video games as a teen and became a hacker for the Air Force. Now he's built a $3 billion cyber firm | Fortune

Gen Z should trust instincts in career paths, as demonstrated by Kyle Hanslovan's unconventional journey to CEO of a $3 billion cybersecurity firm.

Education

The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought

AI-generated deepfake nude images are impacting nearly 90 schools and over 600 students globally, causing severe emotional distress among victims.

Digital Hopes, Real Power: The Rise of Network Shutdowns

In 2024 alone, authorities imposed 304 internet shutdowns across 54 countries - the highest number ever recorded. This reflects a growing trend of governments treating connectivity as a weapon.

World politics

US news

Law enforcement is trying to combat abusive AI. Experts say easier said than done

An Ohio man was convicted under the 2025 Take It Down Act for creating and distributing AI-generated abusive sexual images.

Roam Research

fromThe Hacker News

Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data

Webloc is a global geolocation surveillance system used by various law enforcement agencies, providing access to data from millions of mobile devices.

fromAbove the Law

438 Experts Said Age Verification Is Dangerous. Legislators Are Moving Forward With It Anyway. - Above the Law

Age verification mandates for the internet are technically flawed, threaten privacy, and may cause more harm than good, according to 438 researchers from 32 countries.

12 hours ago

Cursor AI Vulnerability Exposed Developer Devices

A vulnerability in Cursor AI allows attackers to hijack developer machines via malicious repositories without user interaction.

4 hours ago

AI cybersecurity capabilities require urgent international cooperation, AI godfather Bengio says | Fortune

Yoshua Bengio emphasizes the urgent need for international cooperation in addressing AI's risks, particularly with the release of Anthropic's Mythos model.

#surveillance

fromwww.aljazeera.com

14 minutes ago

US Congress extends controversial surveillance power under FISA for 10 days

The US Congress has temporarily extended a controversial surveillance law allowing intelligence agencies to collect foreign data, including interactions with US citizens.

Congress Turns Up Pressure on DHS Over Palantir's Role in Immigration Crackdown

Members of Congress demand DHS and ICE disclose details on surveillance tools used in immigration enforcement.

Selling Mass Surveillance | EFFector 38.7

Police surveillance technology often expands beyond its original purpose, leading to concerns about privacy and civil liberties.

fromwww.aljazeera.com

14 minutes ago

US Congress extends controversial surveillance power under FISA for 10 days

The US Congress has temporarily extended a controversial surveillance law allowing intelligence agencies to collect foreign data, including interactions with US citizens.

Congress Turns Up Pressure on DHS Over Palantir's Role in Immigration Crackdown

Members of Congress demand DHS and ICE disclose details on surveillance tools used in immigration enforcement.

Selling Mass Surveillance | EFFector 38.7

Police surveillance technology often expands beyond its original purpose, leading to concerns about privacy and civil liberties.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

US politics

38 minutes ago

Keep Pushing: We Get 10 More Days to Reform Section 702

Lawmakers are pushing for true reform and privacy protections regarding FBI access to information collected under Section 702.

13 hours ago

53 DDoS Domains Taken Down by Law Enforcement

Law enforcement in 21 countries coordinated to disrupt DDoS-for-hire services, resulting in arrests and the takedown of numerous domains.

Software development

fromZDNET

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.

Social media marketing

fromAdExchanger

Rewards App Faces Data Broker Accusations; Apple Loves Advertising, Apparently | AdExchanger

Freecash faced allegations of extracting sensitive user data while promoting itself as a rewards app, leading to its removal from the App Store.

Digital life

fromCbsnews

5 days ago

Is your phone listening to you?

Phones are not listening to conversations; targeted ads are based on user behavior and interests.

#ai

US news

How AI is getting better at finding security holes

Make bad moves on AI and face voter backlash, govts warned

The UK government must demonstrate AI benefits to the public to mitigate backlash and concerns over job losses and risks associated with the technology.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

US news

How AI is getting better at finding security holes

Make bad moves on AI and face voter backlash, govts warned

The UK government must demonstrate AI benefits to the public to mitigate backlash and concerns over job losses and risks associated with the technology.

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

OpenAI Widens Access to Cybersecurity Model After Anthropic's Mythos Reveal

OpenAI launched GPT-5.4-Cyber, a cybersecurity AI model, expanding access to verified defenders and enhancing capabilities for vulnerability analysis.

more#ai

fromFuturism

There Are Signs of a Massive AI Backlash

Public outrage against the tech industry's AI focus is escalating, leading to protests and political backlash against data centers and AI development.

fromExtremeTech

Google, Microsoft, and Meta Ignore Your Ad Tracking Opt-Outs, Audit Reveals

Google, Microsoft, and Meta track users' browsing habits despite opt-out requests, violating privacy regulations.

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.

Software development

Anthropic's Project Glasswing CVE count is still guesswork

Anthropic's Mythos model is under testing by select companies to identify security vulnerabilities, but actual findings remain uncertain.

fromPrivacy International

What is digital fingerprinting: Is my device ever truly anonymous?

Digital fingerprinting is a tracking technique that monitors how browsers and devices communicate online.

fromPrivacy International

Recent advances push Big Tech closer to the Q-Day danger zone

Organizations are transitioning to new algorithms to replace RSA and elliptic curves due to vulnerabilities exposed by quantum computing threats.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

10 hours ago

Welcome to agentic AI. Welcome to per-agent licensing | Computer Weekly

AI monetization remains a challenge despite high public awareness and competition among major tech players.

UK reliance on US big tech companies is 'national security risk', claims report | Computer Weekly

The UK is at risk due to over-reliance on US tech companies for critical infrastructure, impacting national security.

US politics

ICE acknowledges it is using powerful spyware

ICE is using spyware tools to intercept encrypted messages to combat fentanyl trafficking.

#openai

Attacks on Sam Altman's home are extreme. But the AI backlash is going mainstream | Fortune

OpenAI faces increasing public concern and backlash over AI's societal impacts, highlighted by recent violent incidents involving its CEO.

fromAxios

Information security

OpenAI expands access to cyber AI as hacking risks grow

Attacks on Sam Altman's home are extreme. But the AI backlash is going mainstream | Fortune

OpenAI faces increasing public concern and backlash over AI's societal impacts, highlighted by recent violent incidents involving its CEO.

fromAxios

OpenAI expands access to cyber AI as hacking risks grow

OpenAI is shifting to a model that emphasizes identity verification for access to sensitive cybersecurity tools while expanding availability.

Over 75 Privacy Orgs Urge Meta to Not Develop Facial Recognition Feature

Meta's development of AI-powered facial recognition for smart glasses has sparked privacy concerns, prompting 77 organizations to urge its halt.

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.

fromDigital Trends

Damning report finds Apple and Google's app stores boosting nudify apps

Apple and Google are promoting harmful nudify apps through their search and advertising systems, despite policies against adult content.

#data-privacy

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

fromZDNET

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

Google Broke Its Promise to Me. Now ICE Has My Data.

Google provided user data to ICE without notification, violating a promise to users.

fromZDNET

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.

Most of you are rejecting AI. The data shows you're running out of time | Fortune

A significant majority of workers are avoiding AI tools despite expectations for AI integration in financial applications.

Google Chrome lacks browser fingerprinting defenses

Chrome's safety features do not protect against browser fingerprinting, a prevalent tracking method used online.

from404 Media

Google, Microsoft, Meta All Tracking You Even When You Opt Out, According to an Independent Audit

Microsoft, Meta, and Google may be violating California privacy laws by failing to honor user opt-out requests for ad cookies.

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

11 hours ago

Information security

ZionSiphon Malware Targets ICS in Water Facilities

Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

5 hours ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.

11 hours ago

ZionSiphon Malware Targets ICS in Water Facilities

ZionSiphon is a new malware targeting water treatment plants in Israel, designed to manipulate chlorine levels and pressure in these facilities.

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.

Microsoft faces fresh Windows Recall security concerns

A new tool, TotalRecall Reloaded, extracts data from Microsoft's redesigned Recall feature, raising ongoing security and privacy concerns.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

fromThe Verge

Microsoft faces fresh Windows Recall security concerns

A new tool, TotalRecall Reloaded, extracts data from Microsoft's redesigned Recall feature, raising ongoing security and privacy concerns.

fromComputerworld

Microsoft's Windows Recall still allows silent data extraction

Microsoft needs to enhance code integrity for AIXHost.exe to prevent injection attacks.

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.

fromFuturism

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

fromSecuritymagazine

20 hours ago

How CSOs Can Win Board Support for Gunshot Detection Technology

CSOs must effectively frame gunshot detection technology to gain executive support and align it with corporate risk priorities.

fromwww.bbc.com

Palantir defends its record as MPs demand more scrutiny of data use

Palantir defends its NHS data contracts amid scrutiny, emphasizing its role in integrating fragmented healthcare systems and ensuring data security.

fromPopular Science

How to stop your smart TV from tracking you

Smart TVs are capable of tracking user data, including viewing habits and app usage, which can lead to personalized advertising and content recommendations. Users may prefer to limit this tracking to protect their privacy.

Privacy technologies

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

fromThe Verge

Privacy advocates want Google to stop handing consumer data over to ICE

Google is being investigated for allegedly failing to notify users before disclosing their data to law enforcement.

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

McGraw-Hill Confirms Data Exposure, Hackers Claim 45M Salesforce Records Leaked

Unauthorized access to limited internal data at McGraw-Hill was linked to a Salesforce misconfiguration, raising concerns about potential identity fraud and harassment.

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

100 Chrome Extensions Steal User Data, Create Backdoor

Over 20,000 users installed malicious Chrome extensions that steal information, provide backdoors, or inject ads, as reported by cybersecurity firm Socket.

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Aonan Guan exploited prompt injection attacks to hijack AI agents from Anthropic, Google, and Microsoft, stealing sensitive API keys and tokens.

fromTechzine Global

Information security

Dutch government warns against controversial Anthropic Mythos model

Anthropic, Google, Microsoft paid AI bug bounties - quietly

Security researchers exploited prompt injection attacks on AI agents to steal sensitive data without vendor disclosure of vulnerabilities.

fromTNW | Anthropic

Anthropic, Google, and Microsoft paid AI agent bug bounties, then kept quiet about the flaws

Aonan Guan exploited prompt injection attacks to hijack AI agents from Anthropic, Google, and Microsoft, stealing sensitive API keys and tokens.

fromTechzine Global

Dutch government warns against controversial Anthropic Mythos model

Anthropic's Mythos AI model detects vulnerabilities and builds attack chains, achieving a 72.4% exploit success rate, while access is limited to defensive use.

Anthropic, Google, Microsoft paid AI bug bounties - quietly

Security researchers exploited prompt injection attacks on AI agents to steal sensitive data without vendor disclosure of vulnerabilities.

'By Design' Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

MCP's architectural flaw allows adversarial takeover of user systems, exposing sensitive data and enabling malware installation.

Ancient Excel bug comes out of retirement for active attacks

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

2 months ago

How Data Brokers Can Fuel Violence Against Public Servants

Comprehensive state consumer privacy laws fail to protect public servants, enabling a data-to-violence pipeline by allowing public-source personal data to be sold and exposed.