Fake Google Job Offer Email Scam Targets Workspace and Microsoft 365 Users
Cybersecurity firm Sublime Security details a new credential phishing scam impersonating Google Careers to steal login details from Google Workspace and Microsoft 365 users.
Privacy
Digital ID: Danes and Estonians find it ‘pretty uncontroversial’
Citizens have enrolled with little opposition, albeit with some concerns over security and privacy, as UK plans systemKeir Starmer to look at India’s digital ID system during visit to MumbaiFor Danish teenagers, getting enrolled for MitID (my ID) has b…
The Trump Administration’s Increased Use of Social Media Surveillance
This chilling paragraph is in a comprehensive Brookings report about the use of tech to deport people from the US:
The administration has also adapted its methods of social media surveillance. Though agencies like the State Department have gathered millions of handles and monitored political discussions online, the Trump administration has been more explicit in who it’s targeting. Secretary of State Marco Rubio announced a new, zero-tolerance “Catch and Revoke” strategy, which uses AI to monitor the public speech of foreign nationals and revoke visas…
What if your privacy tools could learn as they go?
A new academic study proposes a way to design privacy mechanisms that can make use of prior knowledge about how data is distributed, even when that information is incomplete. The method allows privacy guarantees to stay mathematically sound while impro…
What Chat Control means for your privacy
The EU’s proposed Chat Control (CSAM Regulation) aims to combat child sexual abuse material by requiring digital platforms to detect, report, and remove illegal content, including grooming behaviors. Cybersecurity experts warn that such measures could …
ShinyHunters Leak Alleged Data from Qantas, Vietnam Airlines and Other Major Firms
ShinyHunters and its affiliate hackers have leaked data from 6 firms, including Qantas and Vietnam Airlines, after claiming to breach 39 companies via a Salesforce vulnerability.
OpenAI’s Guardrails Can Be Bypassed by Simple Prompt Injection Attack
Just weeks after its release, OpenAI’s Guardrails system was quickly bypassed by researchers. Read how simple prompt injection attacks fooled the system’s AI judges and exposed an ongoing security concern for OpenAI.
Invoicely Database Leak Exposes 180,000 Sensitive Records
Cybersecurity researcher Jeremiah Fowler discovered nearly 180,000 files, including PII and banking details, left exposed on an unprotected database linked to the Invoicely platform. Read about the identity theft and financial fraud risks for over 250,…
SonicWall Says All Firewall Backups Were Accessed by Hackers
SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations.
Fake TikTok and WhatsApp Apps Infect Android Devices with ClayRat Spyware
Zimperium’s zLabs warns of ClayRat, a fast-spreading Android spyware targeting Russia. It hides in fake apps like TikTok and steals texts, calls records, and camera photos.