#zero-knowledge-threat-actors
#zero-knowledge-threat-actors

The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought

AI-generated deepfake nude images are impacting nearly 90 schools and over 600 students globally, causing severe emotional distress among victims.

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

fromFinbold

Kraken insider extortion reveals remote work security blind spot

Kraken experienced an insider security breach affecting 2,000 client accounts, highlighting vulnerabilities in remote-first working models.

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

more#kraken

fromZDNET

A data removal service helped me reclaim my privacy - see if you need one, too

Personal data is collected and sold by brokers, making removal services essential for protecting sensitive information.

3 days ago

Relics Of A Revolution, Part II: False Profits And Freedom

Revolutions leave behind artifacts - not always weapons or flags, but the quieter objects that carried a message before anyone knew how far it would travel. A wheat-pasted broadside on a Los Angeles overpass. A hand-lettered cardboard sign held up in the snow outside a Tokyo office building.

Arts

#ai

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromTechzine Global

Information security

Runtime security becomes critical as AI accelerates threats

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Artificial intelligence

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromTechzine Global

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

3 Paths Ahead: Kraken Maps Warsh-Led Fed Scenarios That Could Shift Crypto out of Range

Monetary policy expectations are tied to a potential Federal Reserve leadership shift, impacting liquidity and risk assets in crypto markets.

UK gov's Mythos AI tests help separate cybersecurity threat from hype

Mythos outperformed previous models in TLO tests, showing capability in attacking vulnerable systems but still facing limitations in complex scenarios.

17 hours ago

Justin Sun Unveils Tron Post-Quantum Plan as Crypto Security Debate Grows

Tron is launching a post-quantum upgrade to enhance security against future quantum computing threats.

#privacy

Privacy technologies

What If Your VPN, Phone Number, And AI Chat Left Zero Trace? Meet Nadanada.me - The "Nothing At All" Privacy Revolution

LNVPN has evolved into a comprehensive privacy infrastructure service offering anonymous eSIM data plans, disposable phone numbers, and AI chat tools.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

What If Your VPN, Phone Number, And AI Chat Left Zero Trace? Meet Nadanada.me - The "Nothing At All" Privacy Revolution

LNVPN has evolved into a comprehensive privacy infrastructure service offering anonymous eSIM data plans, disposable phone numbers, and AI chat tools.

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

New Rowhammer Attacks on NVIDIA GPUs Enable Full System Takeover

New Rowhammer attacks target NVIDIA GPUs, escalating from memory corruption to full system compromise, highlighting significant hardware security risks.

#bitcoin

20 hours ago

Cryptocurrency

Bitcoin Developers Propose Freezing Coins That Skip Quantum-Safe Migration Under BIP-361

Cryptocurrency

Presidio Bitcoin Releases Quantum Readiness Paper

Cryptocurrency

Bitcoin Policy Institute Warns Quantum Advances Are Compressing Timeline For Network Upgrades

Cryptocurrency

Bitcoin Could Be Quantum-Safe Without Protocol Changes

Bitcoin Developer Unveils Quantum-Resistant Wallet Rescue Prototype

A prototype by Lightning Labs enables bitcoin users to recover funds from wallets threatened by quantum computing.

NYT Claims Bitcoin Creator Satoshi Nakamoto Is British Cryptographer Adam Back

Satoshi Nakamoto remains unidentified; Adam Back is the closest match based on stylometric analysis, but he denies being Satoshi multiple times.

20 hours ago

Bitcoin Developers Propose Freezing Coins That Skip Quantum-Safe Migration Under BIP-361

BIP-361 proposes a five-year timeline for Bitcoin holders to migrate funds from legacy addresses to avoid permanent freezing due to quantum threats.

Presidio Bitcoin Releases Quantum Readiness Paper

Presidio Bitcoin launched a GitHub repository to track research on Bitcoin's quantum vulnerability and potential mitigation strategies.

Bitcoin Policy Institute Warns Quantum Advances Are Compressing Timeline For Network Upgrades

Recent quantum computing advancements may threaten Bitcoin's cryptography sooner than expected, but developers are actively preparing solutions.

Bitcoin Could Be Quantum-Safe Without Protocol Changes

A new proposal introduces Quantum Safe Bitcoin to protect transactions from quantum attacks without altering Bitcoin's core rules.

Bitcoin Developer Unveils Quantum-Resistant Wallet Rescue Prototype

A prototype by Lightning Labs enables bitcoin users to recover funds from wallets threatened by quantum computing.

fromTall, Snarky Canadian

NYT Claims Bitcoin Creator Satoshi Nakamoto Is British Cryptographer Adam Back

Satoshi Nakamoto remains unidentified; Adam Back is the closest match based on stylometric analysis, but he denies being Satoshi multiple times.

more#bitcoin

Python

Why pylock.toml includes digital attestations

Using trusted publishing with digital attestations can enhance security for Python projects on PyPI.

ZachXBT Says Apple App Store Fake Ledger App Stole $9.5M From 50+ Victims in One Week

ZachXBT linked $9.5M theft from a fake Ledger Live app to over 150 Kucoin deposit addresses.

3 days ago

Polkadot Price Dips 6% Following 1 Billion Token Minting Breach on Ethereum

A hacker exploited the Hyperbridge gateway to mint 1 billion unauthorized DOT tokens, causing a temporary price drop.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

ZachXBT Says Apple App Store Fake Ledger App Stole $9.5M From 50+ Victims in One Week

ZachXBT linked $9.5M theft from a fake Ledger Live app to over 150 Kucoin deposit addresses.

3 days ago

Polkadot Price Dips 6% Following 1 Billion Token Minting Breach on Ethereum

A hacker exploited the Hyperbridge gateway to mint 1 billion unauthorized DOT tokens, causing a temporary price drop.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

more#cryptocurrency

fromWIRED

Using a VPN May Subject You to NSA Spying

Using commercial VPNs may expose Americans to foreign surveillance laws, risking their constitutional protections against warrantless government spying.

fromFortune

Bitcoin mining giant Foundry adds new pool for privacy-focused ZCash | Fortune

Foundry launched a Zcash mining pool, reflecting institutional interest in privacy coins and marking a significant endorsement for Zcash.

#cybersecurity

fromNextgov.com

Information security

Treasury debuts effort to share cyber threat intel with crypto firms

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

AI Speeds Attacks, But Identity Remains Cybersecurity's Weakest Link

Identity, pace, and geopolitical influences are primary concerns for cybersecurity teams today.

fromNextgov.com

Treasury debuts effort to share cyber threat intel with crypto firms

The Treasury Department will share cyber threat intelligence with cryptocurrency firms to enhance their cybersecurity measures against increasing threats.

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

AI Speeds Attacks, But Identity Remains Cybersecurity's Weakest Link

Identity, pace, and geopolitical influences are primary concerns for cybersecurity teams today.

Is Ripple (XRP) Quantum-Safe? A Top XRPL Validator Just Published a Full Audit

Quantum computing poses a significant risk to cryptocurrency encryption, with Bitcoin being more vulnerable than XRP.

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

No Consensus Changes Needed: Starkware CPO Builds Quantum-Safe Bitcoin Transactions From Existing Rules

Quantum Safe Bitcoin (QSB) enables secure bitcoin transactions against quantum attacks without protocol changes, costing $75 to $150 per transaction.

Adam Back Says Quantum Threat To Bitcoin Is Decades Away

Quantum computing poses no immediate threat to Bitcoin's cryptographic security, but preparation for future risks is essential.

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption

Google's Quantum AI warns that cryptocurrencies are more vulnerable to quantum attacks than previously believed, shortening the timeline for potential threats.

Shrinking PQC timeline highlights immediate risk to data security | Computer Weekly

Google's accelerated timeline for post-quantum cryptography highlights urgent data security risks posed by quantum computers that need immediate attention.

from24/7 Wall St.

4 days ago

Is Ripple (XRP) Quantum-Safe? A Top XRPL Validator Just Published a Full Audit

Quantum computing poses a significant risk to cryptocurrency encryption, with Bitcoin being more vulnerable than XRP.

The Retroactive Decryption Trap: Why Post-Quantum Upgrades Can't Save Your Past Privacy

Google's whitepaper on quantum threats urges immediate post-quantum preparations, shifting the migration deadline to 2029 and highlighting vulnerabilities in blockchain security.

No Consensus Changes Needed: Starkware CPO Builds Quantum-Safe Bitcoin Transactions From Existing Rules

Quantum Safe Bitcoin (QSB) enables secure bitcoin transactions against quantum attacks without protocol changes, costing $75 to $150 per transaction.

Adam Back Says Quantum Threat To Bitcoin Is Decades Away

Quantum computing poses no immediate threat to Bitcoin's cryptographic security, but preparation for future risks is essential.

Google Slashes Quantum Resource Requirements for Breaking Cryptocurrency Encryption

Google's Quantum AI warns that cryptocurrencies are more vulnerable to quantum attacks than previously believed, shortening the timeline for potential threats.

Shrinking PQC timeline highlights immediate risk to data security | Computer Weekly

Google's accelerated timeline for post-quantum cryptography highlights urgent data security risks posed by quantum computers that need immediate attention.

more#quantum-computing

fromNextgov.com

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.

fromWIRED

Signal's Creator Is Helping Encrypt Meta AI

Moxie Marlinspike's privacy platform Confer will integrate its encryption technology into Meta's AI systems to protect user data in AI conversations.

Naoris Protocol Deploys Post-Quantum Mainnet to Secure Global Digital Infrastructure

Naoris Protocol launched its Layer 1 mainnet for decentralized post-quantum security, processing over 106 million transactions to combat quantum computing threats.

Breez SDK Launches Passkey Login For Seedless Bitcoin Wallets

Breez SDK now enables self-custodial Bitcoin wallets using passkey authentication instead of seed phrases, reducing barriers to self-custody adoption.

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

World ID wants you to put a cryptographically unique human identity behind your AI agents

World ID's Agent Kit enables AI agents to prove human authorization through iris-verified identity tokens, allowing websites to distinguish legitimate automated requests from malicious Sybil attacks.

Crypto ATM Giant Discloses $3.7 Million Bitcoin Theft Following Cyberattack

Bitcoin Depot lost over 50 bitcoins in a cyberattack, prompting a review of IT security and potential regulatory implications.

fromTechCrunch

British cryptographer Adam Back denies NYT report that he is Bitcoin creator Satoshi Nakamoto | TechCrunch

I'm not Satoshi, but I was early in laser focus on the positive societal implications of cryptography, online privacy and electronic cash, hence my ~1992 onwards active interest in applied research on ecash, privacy tech on cypherpunks list which led to hashcash and other ideas.

Cryptocurrency

fromenglish.elpais.com

AI ends online anonymity: the ease of unmasking pseudonymous accounts

Artificial intelligence language models can identify 68% of anonymous social media users with 90% precision, fundamentally undermining online anonymity and privacy protections.

Bitgo CEO Proposes Using a Public Blockchain as the Ultimate Solution for Government Fraud

Mike Belshe proposes using a public blockchain to combat state and federal fraud, potentially addressing losses of up to $521 billion annually.

REAL and Redstone Collaborate to Enhance Data Integrity for Tokenized Assets

REAL partners with Redstone to enhance data transparency and risk intelligence in its ecosystem for tokenized assets.

Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT

A coordinated theft involved phishing tactics, rapid asset transfers, and laundering of approximately $1.8 million in ether through decentralized protocols.

Bitgo CEO Proposes Using a Public Blockchain as the Ultimate Solution for Government Fraud

Mike Belshe proposes using a public blockchain to combat state and federal fraud, potentially addressing losses of up to $521 billion annually.

REAL and Redstone Collaborate to Enhance Data Integrity for Tokenized Assets

REAL partners with Redstone to enhance data transparency and risk intelligence in its ecosystem for tokenized assets.

Kraken User Loses $18.2M in Crypto Social Engineering Attack as Funds Move via Thorchain: ZachXBT

A coordinated theft involved phishing tactics, rapid asset transfers, and laundering of approximately $1.8 million in ether through decentralized protocols.

Circle Announces Quantum-Resistant Roadmap to Secure Future Digital Asset Infrastructure

Circle's Arc platform will launch with post-quantum signature support to secure institutional assets against quantum threats.

E-Commerce

How a Third-Party Leak Fueled Phishing Against Ledger Users

A breach at an e-commerce partner can expose customers' order and contact details, enabling highly convincing phishing that leverages real purchase context.

Miscellaneous

The Core Issue: Libsecp256k1, Bitcoin's Cryptographic Heart

Libsecp256k1 evolved from a hobby project into essential consensus-critical software protecting Bitcoin's multi-trillion dollar network through secure elliptic curve cryptography implementation.

fromwww.independent.co.uk

USDC Freeze Controversy: ZachXBT Says Circle Froze 16 Legitimate Wallets, Missed Real Hacks

ZachXBT identified 15 cases of over $420M in illicit USDC flows that Circle failed to freeze promptly since 2022.

How your entire identity could be sold for 30 on the dark web

British identity packages, including an ID scan, a selfie, and a dossier of personal data, can be purchased by criminals on the dark web for as little as 30, new research suggests. As identity theft continues to rise, experts have discovered the sale of national identity documents, driving licences, credit card details and 2,000 UK frequent traveller passports. The information can be exploited in multiple ways and used to apply for credit cards, mortgages, car loans, or to open bank accounts.

UK news

Gadgets

fromThe Verge

Ring can verify videos now, but that might not help you with most AI fakes

Ring Verify attaches a digital security seal to Ring cloud downloads and confirms a video is unmodified since download; any edit causes verification to fail.

Business

fromFortune

Crypto is facing an identity crisis-but it's hardly the first time | Fortune

A shirtless spectator's crypto ad stunt at the Super Bowl worsened public perception amid a major crypto sell-off and internal industry disillusionment.

fromTechzine Global

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

Artificial intelligence

fromInfoWorld

Zero-trust data governance needed to protect AI models from slop

By 2028, 50% of organizations will adopt a zero-trust data governance posture due to widespread, unverified AI-generated data.

#ai-deanonymization

fromFuturism

Privacy technologies

AI Can Mass-Unmask Pseudonymous Accounts, Research Paper Finds

fromThe Verge

Privacy technologies

AI can unmask your secret accounts

fromFuturism

AI Can Mass-Unmask Pseudonymous Accounts, Research Paper Finds

AI language models can now easily deanonymize pseudonymous internet users at scale, successfully unmasking two-thirds of tested users across multiple platforms.

fromThe Verge

AI can unmask your secret accounts

AI systems can effectively deanonymize online accounts by analyzing writing patterns and biographical details at scale, outperforming traditional computational techniques.

more#ai-deanonymization

ECB DeFi Governance Study: A16z Is Uniswap's Top Voter, One-Third of Voters Unidentifiable

Governance token concentration in DeFi protocols shows over 80% controlled by top holders, with significant influence from exchanges and unidentified voters.

SIM Swaps Expose a Critical Flaw in Identity Security

SIM swap attacks exploit structural weaknesses in mobile-based identity verification, allowing criminals to intercept authentication codes and take over accounts by transferring victims' phone numbers to attacker-controlled SIM cards.

The Core Issue: Beneath The Binary, Verifying Trust

Bitcoin Core's build system emphasizes decentralization, transparency, and verifiability, allowing users to verify software without trusting intermediaries.

How a 'Wrong Number' Message Turned Into a $3.4M Crypto Scam

This $3.4 million scam illustrates the rise of social engineering in crypto fraud, focusing on emotional manipulation over technical exploits.

fromFast Company

This crypto ring certifies your digital self with real-life handshakes

Identity spoofing against older adults alone grew by 8x between 2020 and 2024, driven in part by convincing AI impersonations of friends and loved ones. It's a problem costing people in the U.S. nearly half a billion dollars a year with no end in sight.

Privacy technologies

Bitcoin's Quantum Risk May Be Real, But The Network Is Preparing: Report

Quantum computing poses a long-term threat to Bitcoin's security through elliptic curve cryptography, but developers are actively building protective solutions before the technology becomes viable.

Why Privacy Coins Often Appear in Post-Hack Fund Flows

Privacy coins act as a temporary black box in a broader laundering pipeline after hacks, reducing traceability and delaying enforcement while facilitating cash-out attempts.

The Core Issue: Your Node Vs. The Digital Wilderness

Bitcoin's peer-to-peer networking layer is its most vulnerable attack surface, requiring Core to prevent denial-of-service vectors while enabling safe node communication in adversarial Internet environments.

fromwww.scientificamerican.com

How do you prove you know a secret without spilling the beans?

Zero-knowledge proofs can convince others without revealing secrets, and showing a simulator's potential existence can suffice to establish zero-knowledge in some cases.

fromTheregister

AI takes a swing at online anonymity

Large language models can efficiently deanonymize internet users across multiple platforms by automating the process of connecting anonymous posts to identify individuals with high precision.

Bitcoin's Quantum Defense Plan: What BIP-360 Actually Changes

BIP-360 formally adds quantum resistance to Bitcoin's roadmap through Pay-to-Merkle-Root, reducing elliptic curve exposure by eliminating Taproot key path spending while preserving smart contract flexibility.

Why Address Poisoning Works Without Stealing Private Keys

Address poisoning steals funds by manipulating transaction history and exploiting users copying lookalike addresses, not by stealing private keys.

6 months ago

Applied MEV protection via Shutter's threshold encryption

MEV is especially notorious on Ethereum, where it continues to be extracted at a rate equivalent to 11% of block rewards. Data shows that nearly $300,000 was lost in sandwich attacks in September. This reveals that MEV is a recurring hidden fee, not a minor inefficiency, hitting large trades hardest in volatile markets.

Cryptocurrency

fromDataBreaches.Net

How crypto criminals stole $700 million from people - often using age-old tricks - DataBreaches.Net

As well as millions of customer names and contact details, the databases show how much money people had spent at the stores. The hacker the BBC spoke to says he purchased the spreadsheets for $300,000 (£224,000) in order to target the biggest spenders. He claims to have used the information along with details from another stolen database to scam multiple Coinbase users out of at least $1.5m (£1.1m) in crypto.

Information security

Security in the Dark: Recognizing the Signs of Hidden Information

Withholding accurate or complete data undermines security decisions and increases organizational risk.

fromEmptywheel

"Tor Stinks" ... because It Requires Manual (Digital) Tails

Tor resists systematic de-anonymization; NSA can de-anonymize only a very small fraction manually and cannot reliably combine Tor attacks with passive SIGINT.

fromThe Hacker News

Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown

Aeternum C2 botnet uses Polygon blockchain for command-and-control infrastructure, making it resistant to traditional takedown methods by storing instructions on immutable public ledgers.

How a Third-Party Leak Fueled Phishing Against Ledger Users

In early January 2026, some Ledger customers were notified that personal and order information related to Ledger.com purchases had been accessed during a security incident involving Global-e, a third-party e-commerce partner that acts as the "merchant of record" for certain orders. Ledger stressed that its own hardware and software systems were not breached. However, the exposed purchase data was enough to spark a familiar second act: highly targeted phishing attempts that appear legitimate because they reference real-world details.

Webinar Today: Identity Under Attack - Strengthen Your Identity Defenses

Adopt an identity-first security strategy to protect sensitive data, meet compliance requirements, and balance security, user experience, and operational efficiency against identity threats.

fromSecuritymagazine

Privilege Disruption: The Key Choke Point for Cyber Deterrence

Privilege disruption early in the attack chain shifts adversary risk-benefit by imposing cost, risk, and uncertainty to deter and deny cyber operations.

fromwww.scientificamerican.com

How digital forensics could prove what's real in the age of deepfakes

Cryptographic hashing and careful forensic handling verify digital-evidence integrity and prevent unnoticed tampering when evaluating AI-generated or manipulated media.

fromLondon Business News | Londonlovesbusiness.com