Podcasts about security weekly

EP 264 ​ In this week's update:​Microsoft Teams will soon reveal employees' exact building location to managers the moment they join company Wi-Fi, blurring the lines of hybrid work privacy.Cybercriminals are exploiting Microsoft's own Copilot Studio platform to deploy convincing phishing agents that silently harvest full Office 365 access tokens.A sprawling malware network hid Lumma and Rhadamanthys stealers inside fake Adobe, FL Studio, and Roblox cheat downloads promoted across hijacked YouTube channels.Starting November 3, 2025, every Firefox add-on must explicitly declare in its code whether it collects user data-or confirm it gathers none.Non-citizens will soon face mandatory biometric capture at every U.S. departure point under a new rule targeting visa overstays and fraud.A proposed bill would compel researchers and firms to report every vulnerability to Russia's security service, mirroring China's state-controlled model.A new MaaS platform equips attackers with an all-in-one RAT that scans for unpatched software and escalates privileges before stealing credentials and crypto.An engineer's iLife robot was remotely disabled by the manufacturer when he firewalled its data uploads exposing hidden kill switches in everyday IoT devices.​Let's go discover!Find the full transcript here.

We open this week's update with a look at how DHS is navigating the fourth week of a government shutdown amid tightening resources, rising threats, and a surge in violence against federal personnel. Up first, Secretary Kristi Noem unveils “Operation River Wall,” a fortified mix of water barriers, drones, and heavily armed Coast Guard patrols along the Rio Grande river. We then turn for a look at the rising number of assaults and vehicle-ramming attacks on U.S. Border Patrol and ICE agents, which has seen a 20% rise since October 1. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Google DeepMind's Cell2Sentence-Scale 27B model has marked a significant milestone in biomedical research by predicting and validating a novel cancer immunotherapy. By analyzing over 4,000 compounds, the AI pinpointed silmitasertib as a “conditional amplifier” that boosts immune response in the presence of interferon. Lab tests verified a 50% increase in antigen presentation, enabling the immune system to detect previously undetectable tumors. This discovery, absent from prior scientific literature, highlights AI's ability to uncover hidden biological mechanisms.Microsoft is integrating its Copilot AI into Windows 11, transforming the operating system into an interactive digital assistant. With “Hey, Copilot” voice activation and a Vision feature that allows the AI to “see” the user's screen, Copilot can guide users through tasks in real time. The new Actions feature enables Copilot to perform operations like editing folders or managing background processes. This move reflects Microsoft's broader vision to embed AI seamlessly into everyday workflows, redefining the PC experience by making the operating system a proactive partner rather than a passive platform.Signal has achieved a cryptographic breakthrough by implementing quantum-resistant end-to-end encryption. Its new Triple Ratchet protocol incorporates the CRYSTALS-Kyber algorithm, blending classical and post-quantum security. Engineers overcame the challenge of large quantum-safe keys by fragmenting them into smaller, message-sized pieces, ensuring smooth performance. This upgrade is celebrated as the first user-friendly, large-scale post-quantum encryption deployment, setting a new standard for secure communication in an era where quantum computing could threaten traditional encryption.Using just $750 in consumer-grade hardware, researchers intercepted unencrypted data from 39 geostationary satellites, capturing sensitive information ranging from in-flight Wi-Fi and retail inventory to military and telecom communications. Companies like T-Mobile and Walmart acknowledged misconfigurations after the findings were disclosed. The study exposes the vulnerability of critical infrastructure still relying on unencrypted satellite links, demonstrating that low-cost eavesdropping can breach systems banking on “security through obscurity,” which A foreign actor exploited vulnerabilities in Microsoft SharePoint to infiltrate the Kansas City National Security Campus, a key U.S. nuclear weapons contractor. While the attack targeted IT systems, it raised concerns about potential access to operational technology. Suspected actors include Chinese or Russian groups, likely pursuing strategic espionage. The breach underscores how enterprise software flaws can compromise national defense and highlights the slow pace of securing critical operational infrastructure.Google's Threat Intelligence team uncovered UNC5342, a North Korean hacking group using EtherHiding to embed malware in public blockchains like Ethereum. By storing malicious JavaScript in immutable smart contracts, the technique ensures persistence and low-cost updates. Delivered via fake job interviews targeting developers, this approach marks a new era of cyber threats, leveraging decentralized technology as a permanent malware host.Kohler's Dekoda toilet camera ($599 + subscription) monitors gut health and hydration by scanning waste, using fingerprint ID and encrypted data for privacy. While Kohler claims the camera only views the bowl, privacy advocates question the implications of such intimate surveillance, even with “end-to-end encryption.”In a daring eight-minute heist, thieves used a crane to steal royal jewels from the Louvre, exposing significant security gaps. An audit revealed outdated defenses, delayed modernization, and blind spots, serving as a stark reminder that even the most prestigious institutions are vulnerable to breaches when security measures lag.

EP 263. In this week's snappy update!Google DeepMind's AI uncovers a groundbreaking cancer therapy, marking a leap in immunotherapy innovation.Microsoft's Copilot AI transforms Windows 11, enabling voice-driven control and screen-aware assistance.Signal's quantum-resistant encryption upgrade really does set a new standard for secure messaging resilience.Researchers expose shocking vulnerabilities in satellite communications, revealing unencrypted data with minimal equipment.Foreign hackers compromised a critical U.S. nuclear weapons facility, through Microsoft's Sharepoint!North Korean hackers pioneer 'EtherHiding,' concealing malware on blockchains for immutable cybertheft opportunities.Kohler's Dekoda toilet camera revolutionizes health monitoring with privacy-focused waste analysis technology and brings new meaning to “End to End” encryption.A daring Louvre heist exposes critical security gaps, sparking debate over protecting global cultural treasures with decades old cameras and tech.Camera ready? Smile.Find the full transcript to this week's podcast here.

This week's update begins with a warning from DHS that foreign and domestic extremists are placing bounties on ICE and CBP officers, urging harassment, doxxing, and even assassination. We then turn to the upcoming “No Kings II” anti-Trump protests planned for October 18, where authorities fear that radical agitators could spark widespread unrest in major U.S. cities. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Aggressive Government RegulationStates are intervening heavily in tech markets. Texas mandated app stores verify ages and restrict minor access starting January 2026, requiring parental approval for under-18 users. The Netherlands took partial control of Chinese chipmaker Nexperia to block sensitive technology transfer. The U.S. FCC forced retailers to delist millions of Chinese electronics from Huawei, ZTE, and others over security concerns.Privacy vs. Security BattlesThe EU postponed "Chat Control" legislation requiring message scanning after insufficient support - only 12 of 27 states backed it. Germany called it "taboo for the rule of law" while 40+ tech firms warned it would harm privacy. Digital activism generated massive opposition emails to lawmakers.California expanded privacy enforcement beyond tech giants, fining Tractor Supply $1.35 million for violating job applicant rights - the CPPA's largest fine. New legislation requires browsers to offer one-click tracking opt-outs by 2027.Evolving Cyber Threats"Scattered LAPSUS$ Hunters" breached Salesforce via compromised third-party app, stealing 1 billion records from major companies including 5.7 million from Qantas. Researchers discovered "pixnapping" attacks on Android that bypass browser protections to steal screen data, including 2FA codes from Google Authenticator in under 30 seconds.Key ImplicationsGeopolitical tensions drive protectionist tech policies as governments prioritize security over privacy. Regulatory enforcement extends beyond major tech to all data-collecting businesses. Supply chain vulnerabilities remain critical attack vectors, with novel mobile threats challenging existing security assumptions.

EP 262In this week's update:Texas's App Store Accountability Act mandates age verification, raising privacy concerns for Apple and Google users.The Dutch government seizes control of Chinese-owned chipmaker Nexperia to protect sensitive technology transfers.And the FCC enforces removal of millions of banned Chinese electronics from U.S. retailers over national security risks.'Pixnapping' attack exposes Android app vulnerabilities, stealing sensitive data like 2FA codes.California fines Tractor Supply $1.35M for violating consumer and job applicant privacy rights.California's 'Opt Me Out Act' requires browsers to offer one-click tracking opt-out by 2027.Danish engineer's mass email campaign disrupts EU's 'Chat Control' bill, highlighting privacy concerns.EU postpones 'Chat Control' vote amid privacy backlash, but revised proposals may resurface.Salesforce data breach leaks customer records after ransom refusal, exposing supply chain vulnerabilities.And...  since we have no age restrictions we can get started right away!​Find the full transcript to this week's podcast here.

This week's update looks into the details of several major developments with the Department of Homeland Security, including increasing interior enforcement operations, deployment of federal law enforcement to deal with Antifa, and more. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

This update synthesizes critical developments in technology, privacy, and cybersecurity, highlighting an intensifying conflict between user privacy and corporate and governmental data access. Major technologyfirms are pushing the boundaries of data collection, with Amazon's Ring preparing to launch facial recognition for its doorbells and Meta planning to use AI chat contentfor targeted advertising. Concurrently, governments are escalating demands for access to encrypted data, exemplified by the UK's renewed order for Apple to create a backdoor into its cloud services for British users—a demand Apple continues to reject.The vulnerability of critical infrastructure remains a paramount concern. A foiled plot to cripple New York City's cellular network was revealed to be far larger than initially understood, possessing the capacity to disable emergency services city-wide. In the commercial sector, a ransomware attack has severely disrupted production for Japan's top brewer, Asahi, demonstrating the tangible impact of cybercrime on physical supply chains. The cybersecuritylandscape is also evolving, with threat actor groupslike ShinyHunters collaborating on extortionschemes, as seen in the recent Red Hat data breach.Meanwhile, the deployment of emerging technologies presents a mix of progress and problems. Signal is proactively future-proofing its messaging service with quantum-resistant encryption. In contrast, the rollout of food delivery robots in U.S. cities is meeting public resistance amid concerns over safety, surveillance, and a lack of public consent. Technical issues also persist inmainstream applications, with Microsoft acknowledgingbugs that disrupt its AI-powered Copilot assistant in the Office 365 suite.

EP 261 This week's update brings a diverse set of stories that remind us just how delicate the balance is between good and bad... Ring's new facial recognition feature sparks privacy debates as it prepares to scan faces at your doorstep.Meta's plan to mine AI chat data for targeted ads raises fresh concerns about digital privacy.A foiled plot to paralyze New York's cellphone network reveals a chilling, large-scale threat.Signal's cutting-edge SPQR encryption upgrade fortifies private chats against future quantum threats.A ransomware attack on Asahi Group threatens Japan's beloved Super Dry beer supply chain.Microsoft's Copilot faces glitches when multiple Office apps run, prompting a promised fix.Atlanta's food delivery robots are stirring controversy, raising questions about surveillance and public consent.And that face at the door!Find a full transcript of this week's podcast here.

This update begins with a rundown of the details of Thursday's vehicle ramming and stabbing attack at a Manchester synagogue, and the resulting increase in security at houses of worship across two continents. We then look at this week's movement of more than one dozen tanker aircraft to the Persian Gulf region. Are we going back into Iran? An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

This week's update reviews a targeted attack on ICE agents in Dallas and the anticipated surge in violent pushback as deportation operations ramp up across the US. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

This show has been flagged as Clean by the host. Hello, again. This is Trey. Several months ago, I heard Paul Asadoorian mention the Cheap Yellow Display on his podcast, Paul's Security Weekly ( https://www.scworld.com/podcast-show/pauls-security-weekly ). I didn't think much of it at the time, but then I heard it referenced again, and again. Then, finally, it was described, and I became interested. "Cheap Yellow Display" is the term used for the ESP32-2432S028R. Since this is somewhat challenging to say, and to remember, and since the board is yellow, and it can be obtained for as little as $12 USD, it has been given the nickname "Cheap Yellow Display". I will abbreviate this as CYD for the remainder of this episode. It is an ESP32 (with built in WiFi & Bluetooth) on a development board with one or more USB connectors, a MicroSD slot, a limited selection of GPIO pins, an RGB LED, a speaker, a light sensor, and best of all, a 2.8-inch (71mm) TFT touchscreen LCD display. The CYD runs on 5 volts DC. I am including some photographs of the CYD in the show notes. RandomNerdTutorials has produced a very good writeup about this board on their website ( https://randomnerdtutorials.com/cheap-yellow-display-esp32-2432s028r/ ). Brian Lough (AKA WitnessMeNow) has been building a community for the CYD on his GitHub site ( https://github.com/witnessmenow/ESP32-Cheap-Yellow-Display ) where he has instructions, examples, tutorials, downloadable tools, and much more. Beginning back in the 1970s, my father and I built electronics projects together. And I have had a love for doing so ever since. Over the last few years, I have built several Arduino based gadgets on different platforms, including a couple which run on breadboards sitting beside me on my desk (I will share more about one of those later). A common use for the CYD among hackers is to leverage the built in WiFi & Bluetooth radios to compromise wireless networks or devices. The Marauder project is a prebuilt image which can be loaded directly to the CYD to use it as a wireless hacking tool. Fr4nkFletcher's Github repository ( https://github.com/Fr4nkFletcher/ESP32-Marauder-Cheap-Yellow-Display ) is one place where you can download the Marauder tool. There are also video games, clocks, photo slideshows, and more, which have already been coded for you, and are available on the internet for download. What would you do with a CYD? What could you build? What problem might you solve? What fun project might you come up with? For myself, the CYD intrigued me, but it did not yet jump out at me as something I had a need for. Yet. What would change my mind? What would set me on a quest to obtain some of these devices and learn to develop code for them? What problem did I wish to solve? Tune in again, in a couple weeks, to learn the answers some of these questions and more in my next episode in this HPR series. Provide feedback on this episode.

This week's update begins with a rundown of new threats and calls for attack in the US and other western nations by the Islamic State and Al-Qaeda. We then move into a look at recent Russian airspace violations of multiple Eastern-flank NATO nations and concerns these could be probing efforts for a possible lightning fast land-grab. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Executive OverviewThe week's events illustrate escalating risks at the intersection of industrial operations, national security, personal privacy, and emerging technology. Major cyber incidents demonstrate how fragile digital infrastructure has become, while privacy erosion continues through corporate data monetization and state surveillance. Human error persists as a dominant threat vector, and rapid technological advancement remains both a shield and a source of risk.I. Systemic Infrastructure & Supply Chain VulnerabilitiesThe cyberattack on Jaguar Land Rover (JLR) exemplifies cascading industrial risks. A phishing entry point forced JLR to halt global production, costing up to £100M and threatening thousands of suppliers with collapse. The UK government faces mounting pressure to intervene. Meanwhile, the U.S. Federal Highway Administration uncovered hidden radios in foreign-made power systems—likely Chinese—used in traffic signs, EV chargers, and weather stations. These undocumented components could enable remote disruption or espionage, underscoring critical supply chain insecurity.II. Privacy Erosion & Data CommercializationPersonal data is increasingly commodified:Airlines (via ARC) sold five billion passenger records to agencies like FBI and ICE for warrantless surveillance, skirting legal oversight. Senator Wyden is pushing legislation to close this loophole.Verizon was fined $46.9M for unlawfully selling location data, setting legal precedent that Section 222 protects customer location.UK employers are rapidly adopting “bossware,” with one-third monitoring staff emails, browsing, or screens. While justified as productivity or insider threat control, critics warn of eroded trust and pervasive surveillance culture.III. The Human Factor in Cyber BreachesHumans remain the weak link:Schools: Over half of insider data breaches stemmed from students, mostly using stolen or guessed credentials. Motivated by curiosity, some exposed thousands of records.Global theft rings: A single stolen iPhone exposed a transnational phishing and resale network spanning six countries. The scheme used fake iCloud links to bypass Apple's protections.Russia's “Max” app: Marketed as secure, it is exploited by fraudsters renting accounts for scams. With nearly 10% of scam calls traced to Max, new laws now criminalize account transfers.IV. Technology's Dual EdgeInnovation provides stronger defenses but also reckless failures:Apple launched Memory Integrity Enforcement, a silicon-level protection against buffer overflows and side-channel exploits, deployed on iPhone 17 and iPhone Air.Google's VaultGemma, a 1B-parameter model trained with differential privacy, promises competitive performance without exposing sensitive data—an advance in privacy-preserving AI.AI Darwin Awards highlight failures from poor oversight: Taco Bell's misfiring AI drive-thru, McDonald's compromised recruiting chatbot, Replit's database-wiping AI, and even the satirical awards site itself.

EP 260 This is our last update before a two week break so we've packed it.We start with the devastating cyber attack on Jaguar Land Rover exposes the fragility of modern manufacturing, halting production and threatening the UK's automotive supply chain.Russia's state-backed Max messaging app, touted as secure, has become a breeding ground for scams, undermining user trust and safety.UK schools face a surge in cyber attacks driven by students exploiting weak credentials, revealing critical gaps in educational data security.A stolen iPhone sparked a security researcher's investigation, dismantling a global criminal network profiting from phishing and device theft.Major US airlines are selling billions of passenger records to the government, enabling warrantless surveillance and raising privacy alarms.A federal court upholds a $46.9M fine against Verizon for illegally selling customer location data, reinforcing privacy protections.A third of UK employers deploy 'bossware' to monitor workers, sparking concerns over privacy and trust in the workplace.Undetected Chinese-made radios in US highway infrastructure raise alarms over potential remote tampering and data theft.Apple's Memory Integrity Enforcement introduces robust protection against memory-based attacks, setting a new standard for device security.Google's VaultGemma pioneers privacy-focused AI, leveraging differential privacy to safeguard user data in large language models.The AI Darwin Awards spotlight reckless AI deployments, from fast-food blunders to catastrophic data losses, it's both entertaining and scary at the same time.Adventures await in the mistake before the break!

This week's update begins with a look at the details of the tragic assassination of 31-year-old conservative commentator, pundit, and co-founder of Turning Point USA, Charlie Kirk. We then shift over to yet another high school shooting (this time in Colorado), travel alerts for Mexico and Qatar, and more. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

EP 259.5The cybersecurity and technology threat landscape is accelerating in scale, sophistication, and impact. A convergence of AI-driven offensive capabilities, large-scale supply chain compromises, systemic insecurity in consumer devices, corporate data abuses, and state-level spyware deployment is reshaping digital risk. At the same time, new innovations—particularly in open-source, privacy-centric AI and smart home repurposing—highlight the dual-edged nature of technological progress.AI-Accelerated ExploitsAttackers now harness generative AI to automate exploit creation, compressing timelines from months to minutes. “Auto Exploit,” powered by Claude-sonnet-4.0, can produce functional PoC code for vulnerabilities in under 15 minutes at negligible cost, fundamentally shifting defensive priorities. The challenge is no longer whether a flaw is technically exploitable but how quickly exposure becomes weaponized.Massive Supply Chain AttacksSoftware ecosystems remain prime targets. A phishing campaign against a single npm maintainer led to malware injection into packages downloaded billions of times weekly, constituting the largest supply-chain attack to date. This demonstrates how a single compromised account can ripple globally across developers, enterprises, and end users.Weaponization of Benign FormatsAttackers increasingly exploit trusted file types. SVG-based phishing campaigns deliver malware through fake judicial portals, evading antivirus detection with obfuscation and dummy code. Over 500 samples were linked to one campaign, prompting Microsoft to disable inline SVG rendering in Outlook as a mitigation measure.Systemic Insecurity in IoTLow-cost consumer devices, particularly internet-connected surveillance cameras, ship with unpatchable flaws. Weak firmware, absent encryption, bypassable authentication, and plain-text data transmission expose users to surveillance rather than security. These systemic design failures create enduring vulnerabilities at scale.Corporate Breaches and Data AbuseThe Plex breach underscored the persistence of corporate data exposure, with compromised usernames and passwords requiring resets. Meanwhile, a federal jury fined Google $425.7M for secretly tracking 98M devices despite user privacy settings—reinforcing that legal and financial consequences for privacy violations are escalating, even if damages remain below consumer expectations.Government Spyware DeploymentCivil liberties are increasingly tested by state adoption of invasive surveillance tools. U.S. Immigration and Customs Enforcement resumed a $2M deal for Graphite spyware, capable of infiltrating encrypted apps and activating microphones. The contract proceeded after regulatory hurdles were bypassed through a U.S. acquisition of its Israeli parent company, raising alarms about due process, counterintelligence risks, and surveillance overreach.Emerging InnovationsNot all developments are regressive. Philips Hue's “MotionAware” demonstrates benign repurposing of smart home technology, transforming bulbs into RF-based motion sensors with AI-powered interpretation. Meanwhile, Switzerland's Apertus project launched an open-source LLM designed with transparency and privacy at its core—providing public access to weights, training data, and checkpoints, framing AI as digital infrastructure for the public good.The digital environment is marked by intensifying threats: faster, cheaper, and more pervasive attacks, systemic insecurity in consumer technologies, corporate and governmental encroachments on privacy, and the weaponization of formats once considered harmless. Yet, the emergence of open, privacy-first AI and the creative repurposing of consumer tech illustrate parallel efforts to realign innovation with security and transparency. The result is a complex, high-velocity ecosystem where defensive strategies must adapt as quickly as offensive capabilities evolve.Conclusion

EP 259  In this week's update:Affordable LookCam devices, marketed as home security solutions, harbor critical vulnerabilities that could allow strangers to access your private video feeds.VirusTotal uncovers a sophisticated phishing campaign using SVG files to disguise malware, targeting users with fake Colombian judicial portals.Plex alerts users to a data breach compromising emails, usernames, and hashed passwords, urging immediate password resets to secure accounts.Philips Hue's innovative MotionAware feature transforms smart bulbs into motion sensors, enhancing home automation with cutting-edge RF technology.A massive supply chain attack compromises npm packages, affecting billions of downloads through a phishing scheme targeting maintainers' accounts.Google faces a $425.7 million verdict for covertly tracking nearly 98 million smartphones, violating user privacy despite opt-out settings.Switzerland's Apertus, a fully open-source AI model, sets a new standard for privacy, offering transparency and compliance with stringent data laws.An AI-driven tool, Auto Exploit, revolutionizes cybersecurity by generating exploit code in under 15 minutes, reshaping defensive strategies.ICE's adoption of Paragon's Graphite spyware, capable of infiltrating encrypted apps, sparking concerns over privacy and surveillance in immigration enforcement.Look closely and perhaps you'll see it in the picture.

AlertsUSA Homeland Security Weekly Update - Sept 6, 2025 This week's update begins with reports about border security and anti-cartel activity in this hemisphere, including a lethal airstrike on a suspected drug-carrying vessel in the southern Caribbean. We then shift overseas for a look at this week's mass stabbing attack in Marseille, France featuring a crazed Tunisian man shouting "Allahu Akbar" before being put down by police. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Modern technology introduces profound privacy and security challenges. Wi-Fi and Bluetooth devices constantly broadcast identifiers like SSIDs, MAC addresses, and timestamps, which services such as Wigle.net and major tech companies exploit to triangulate precise locations. Users can mitigate exposure by appending _nomap to SSIDs, though protections remain incomplete, especially against companies like Microsoft that use more complex opt-out processes.At the global scale, state-sponsored hacking represents an even larger threat. A Chinese government-backed campaign has infiltrated critical communication networks across 80 nations and at least 200 U.S. organizations, including major carriers. These intrusions enabled extraction of sensitive call records and law enforcement directives, undermining global privacy and revealing how deeply foreign adversaries can map communication flows.AI companies are also reshaping expectations of confidentiality. OpenAI now scans user conversations for signs of harmful intent, with human reviewers intervening and potentially escalating to law enforcement. While the company pledges not to report self-harm cases, the shift transforms ChatGPT from a private interlocutor into a monitored channel, raising ethical questions about surveillance in AI systems. Similarly, Anthropic has adopted a new policy to train its models on user data, including chat transcripts and code, while retaining records for up to five years unless users explicitly opt out by a set deadline. This forces individuals to choose between enhanced AI capabilities and personal privacy, knowing that once data is absorbed into training, confidentiality cannot be reclaimed.Research has further exposed the fragility of chatbot safety systems. By crafting long, grammatically poor run-on prompts that delay punctuation, users can bypass guardrails and elicit harmful outputs. This underscores the need for layered defenses input sanitization, real-time filtering, and improved oversight beyond alignment training alone.Security risks also extend into software infrastructure. Widely used tools such as the Node.js library fast-glob, essential to both civilian and military systems, are sometimes maintained by a single developer abroad. While open-source transparency reduces risk, concentration of control in geopolitically sensitive regions raises concerns about potential sabotage, exploitation, or covert compromise.Meanwhile, regulators are tightening defenses against longstanding consumer threats. The FCC will enforce stricter STIR/SHAKEN rules by September 2025, requiring providers to sign calls with their own certificates instead of relying on third parties. Non-compliance could result in fines and disconnection, offering consumers more reliable caller ID and fewer spoofed robocalls.Finally, ethical boundaries around AI and digital identity are being tested. Meta has faced criticism for enabling or creating AI chatbots that mimic celebrities like Taylor Swift and Scarlett Johansson without consent, often producing flirty or suggestive interactions. Rival platforms like X s Grok face similar accusations. Beyond violating policies and reputations, the trend of unauthorized digital doubles including of minors raises serious concerns about exploitation, unhealthy attachments, and reputational harm.Together, these cases reveal a central truth: digital systems meant to connect, entertain, and innovate increasingly blur the lines between utility, surveillance, and exploitation. Users and institutions alike must navigate trade-offs between convenience, capability, and control, while regulators and technologists scramble to impose safeguards in a rapidly evolving landscape.

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn't at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11. Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-411

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn't at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11. Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets. Show Notes: https://securityweekly.com/bsw-411

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn't at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11. Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-411

EP 258. In this week's hyper focused update:Unveiling the hidden reach of Wi-Fi tracking, exposing how everyday devices can reveal your location to anyone, anywhere.A global cybersecurity alert highlights a sprawling Chinese hacking operation targeting critical communication networks across 80 nations.OpenAI's new surveillance measures on ChatGPT spark debate over privacy and safety in AI-driven conversations.Anthropic's shift to train AI on user data raises critical choices for privacy and security by September 28th.A clever linguistic trick exposes vulnerabilities in AI chatbots, challenging the robustness of their safety filters.A widely used software tool, maintained by a Russian developer, raises security concerns for U.S. Defense Department projects.The FCC's 2025 STIR/SHAKEN rules aim to restore trust in caller ID by cracking down on robocalls with stricter compliance.Meta's unauthorized AI chatbots mimicking celebrities ignite ethical concerns over digital likeness and platform oversight.There's a lot to see (and hear) in this week's update.  Let's get looking!Find the full transcript here.

The cybersecurity industry is undergoing a consolidation wave that is moving far faster than many realize. This isn't at all about CISOs wanting fewer tools as much as some would like to think - the changes are happening at the macro level. Ross Haleliuk joins BSW to present the most comprehensive illustration ever made of how our industry has consolidated over the past 20 years, showing how 200 companies turned into just 11. Then we cover our quarterly Security Money segment. The markets are on a high, but the Security Weekly 25 index dips. What's up? We'll dig into the latest earnings and news for both the public and private security markets. Show Notes: https://securityweekly.com/bsw-411

Organizations today face escalating cyber risks spanning state-sponsored attacks, supply chain compromises, and malicious apps. ShinyHunters' breaches of Salesforce platforms (impacting Google and Farmers Insurance) show how social engineering—like voice phishing—can exploit trusted vendors. Meanwhile, Russian actors (FSB-linked “Static Tundra”) continue to leverage old flaws, such as a seven-year-old Cisco Smart Install bug, to infiltrate U.S. infrastructure. Malicious apps on Google Play (e.g., Joker, Anatsa) reached millions of downloads before removal, proving attackers' success in disguising malware. New technologies bring fresh vectors: Perplexity's Comet browser allowed prompt injection–driven account hijacking, while malicious RDP scanning campaigns exploit timing to maximize credential theft.Responses vary between safeguarding and asserting control. The FTC warns U.S. firms against weakening encryption or enabling censorship under foreign pressure, citing legal liability. By contrast, Russia mandates state-backed apps like MAX Messenger and RuStore, raising surveillance concerns. Microsoft, facing leaks from its bug-sharing program, restricted exploit code access to higher-risk countries. Open-source projects like LibreOffice gain traction as sovereignty tools—privacy-first, telemetry-free, and free of vendor lock-in.AI-powered wearables such as Halo X smart glasses blur lines between utility and surveillance. Their ability to “always listen” and transcribe conversations augments human memory but erodes expectations of privacy. The founders' history with facial recognition raises additional misuse concerns. As AI integrates directly into conversation and daily life, the risks of pervasive recording, ownership disputes, and surveillance intensify.Platforms like Bluesky are strained by conflicting global regulations. Mississippi's HB 1126 requires universal age verification, fines for violations, and parental consent for minors. Lacking resources for such infrastructure, Bluesky withdrew service from the state. This illustrates the tension between regulatory compliance, resource limits, and preserving open user access.AI adoption is now a competitive imperative. Coinbase pushes aggressive integration, requiring engineers to embrace tools like GitHub Copilot or face dismissal. With one-third of its code already AI-generated, Coinbase aims for 50% by quarter's end, supported by “AI Speed Runs” for knowledge-sharing. Yet, rapid adoption risks employee dissatisfaction and AI-generated security flaws, underscoring the need for strict controls alongside innovation.Breaches at Farmers Insurance (1.1M customers exposed) and Google via Salesforce illustrate the scale of third-party risk. Attackers exploit trusted platforms and human error, compromising data across multiple organizations at once. This shows security depends not only on internal defenses but on continuous vendor vetting and monitoring.Governments often demand access that undermines encryption, privacy, and transparency. The FTC warns that backdoors or secret concessions—such as the UK's (later retracted) request for Apple to weaken iCloud—violate user trust and U.S. law. Meanwhile, Russia's mandatory domestic apps exemplify sovereignty used for surveillance. Companies face a global tug-of-war between privacy, compliance, and open internet principles.Exploited legacy flaws prove that vulnerabilities never expire. Cisco's years-old Smart Install bug, still unpatched in many systems, allows surveillance of critical U.S. sectors. Persistent RDP scanning further highlights attackers' patience and scale. The lesson is clear: proactive patching, continuous updates, and rigorous audits are essential. Cybersecurity demands ongoing vigilance against both emerging and legacy threats.

EP 257.In this week's Super Intelligent IT Privacy and Security Weekly Update:Halo X's AI-powered glasses redefine digital assistance with real-time conversation insights for enhanced ... everything. Microsoft strengthens cybersecurity by limiting sensitive exploit code access in its vulnerability disclosure program. LibreOffice v25.8 empowers governments with secure, open-source tools for unparalleled digital sovereignty. FTC champions data security, urging U.S. tech leaders to resist foreign demands compromising encryption standards. Google swiftly removes 77 malicious apps, reinforcing mobile security against sophisticated malware threats. FBI exposes Russian cyber threats targeting U.S. infrastructure, urging immediate system updates. Coinbase fortifies security and accelerates AI integration to drive innovation and resilience. Massive scans on Microsoft RDP services point to the need for improved cybersecurity measures.Come on!  Let's go get super-intelligent!

This week's update begins with a look at the deployment of 2000 National Guard troops to the streets of Washington, DC in a massive security crackdown. We then shift to a different operation involving National Guard troops from 19 states working with ICE on immigration enforcement efforts. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Phishing Training Effectiveness: A study of over 19,000 employees showed traditional phishing training has limited impact, improving scam detection by just 1.7% over eight months. Despite varied training methods, over 50% of participants fell for at least one phishing email, highlighting persistent user susceptibility and the need for more effective cybersecurity education strategies.Cybersecurity Risks in Modern Cars: Modern connected vehicles are highly vulnerable to cyberattacks. A researcher exploited flaws in a major carmaker's web portal, gaining “national admin” access to dealership data and demonstrating the ability to remotely unlock cars and track their locations using just a name or VIN. This underscores the urgent need for regular vehicle software updates and stronger manufacturer security measures to prevent data breaches and potential vehicle control by malicious actors.Nation-State Cyberattacks on Infrastructure: Nation-state cyberattacks targeting critical infrastructure are escalating. Russian hackers reportedly took control of a Norwegian hydropower dam, releasing water undetected for hours. While no physical damage occurred, such incidents reveal the potential for widespread disruption and chaos, signaling a more aggressive stance by state-sponsored cyber actors and the need for robust infrastructure defenses.AI Regulation in Mental Health Therapy: States like Illinois, Nevada, and Utah are regulating or banning AI in mental health therapy due to safety and privacy concerns. Unregulated AI chatbots risk harmful interactions with vulnerable users and unintended data exposure. New laws require licensed professional oversight and prohibit marketing AI chatbots as standalone therapy tools to protect users.Impact of Surveillance Laws on Privacy Tech: Proposed surveillance laws, like Switzerland's data retention mandates, are pushing privacy-focused tech firms like Proton to relocate infrastructure. Proton is moving its AI chatbot, Lumo, to Germany and considering Norway for other services to uphold its no-logs policy. This reflects the tension between national security and privacy, driving companies to seek jurisdictions with stronger data protection laws.Data Brokers and Privacy Challenges: Data brokers undermine consumer privacy despite laws like California's Consumer Privacy Act. Over 30 brokers were found hiding data deletion instructions from Google search results using specific code, creating barriers for consumers trying to opt out of data collection. This intentional obfuscation frustrates privacy rights and weakens legislative protections.Android pKVM Security Certification: Android's protected Kernel-based Virtual Machine (pKVM) earned SESIP Level 5 certification, the first software security solution for consumer electronics to achieve this standard. Designed to resist sophisticated attackers, pKVM enables secure handling of sensitive tasks like on-device AI processing, setting a new benchmark for consistent, verifiable security across Android devices.VPN Open-Source Code Significance: VP.NET's decision to open-source its Intel SGX enclave code on GitHub enhances transparency in privacy technology. By allowing public verification, users can confirm the code running on servers matches the open-source version, fostering trust and accountability. This move could set a new standard for the VPN and privacy tech industry, encouraging others to prioritize verifiable privacy claims.

EP 256. Freshly Phished this week...A study with thousands of test subjects showed phishing training has minimal impact on scam detection. The results are surprisingly underwhelming.A hacker exploited a carmaker's web portal to access customer data and unlock vehicles remotely. The breach exposed major vulnerabilities.Russian hackers took control of a Norwegian dam, releasing water undetected for hours. The cyber-attack raises serious concerns and water levels.Illinois banned AI in mental health therapy, joining states regulating chatbots. The move addresses the growing safety concerns of AI and its crazy responses.Proton is relocating infrastructure from Switzerland due to proposed surveillance laws. The privacy-focused firm is taking bold steps and getting closer to the source of rakfisk.Data brokers are evading California's privacy laws by concealing opt-out pages. This tactic blocks consumers from protecting their data.Android's pKVM earned elite SESIP Level 5 security certification for virtual machines. The technology sets a new standard for device security, but what does it mean and what does it do?The UK abandoned its push to force Apple to unlock iCloud backups after privacy disputes. The decision followed intense negotiations with the U.S..VP.NET released its source code for public verification, enhancing trust in privacy tech. A move that sets a new transparency benchmark.​Let's hit the water!Find the full transcript to the podcast here.

In this week's update, we begin with news of thousands of US Marines deployed to the waters around Latin America and the Caribbean in a counter-cartel mission. We then shift to Washington, DC for a look at the federalization of the DC Metro Police Department and deployment of National Guard troops to the streets of the nation's capital. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

How AI Can Inadvertently Expose Personal DataAI tools often unintentionally leak private information. For example, meeting transcription software can include offhand comments, personal jokes, or sensitive details in auto-generated summaries. ChatGPT conversations—when publicly shared—can also be indexed by search engines, revealing confidential topics such as NDAs or personal relationship issues. Even healthcare devices like MRIs and X-ray machines have exposed private data due to weak or absent security controls, risking identity theft and phishing attacks.Cybercriminals Exploiting AI for AttacksAI is a double-edged sword: while offering defensive capabilities, it's also being weaponized. The group “GreedyBear” used AI-generated code in a massive crypto theft operation. They deployed malicious browser extensions, fake websites, and executable files to impersonate trusted crypto platforms, harvesting users' wallet credentials. Their tactic involves publishing benign software that gains trust, then covertly injecting malicious code later. Similarly, AI-generated TikTok ads lead to fake “shops” pushing malware like SparkKitty spyware, which targets cryptocurrency users.Security Concerns with Advanced AI Models like GPT-5Despite advancements, new AI models such as GPT-5 remain vulnerable. Independent researchers, including NeuralTrust and SPLX, were able to bypass GPT-5's safeguards within 24 hours. Methods included multi-turn “context smuggling” and text obfuscation to elicit dangerous outputs like instructions for creating weapons. These vulnerabilities suggest that even the latest models lack sufficient security maturity, raising concerns about their readiness for enterprise use.AI Literacy and Education InitiativesThere is a growing push for AI literacy, especially in schools. Microsoft has pledged $4 billion to fund AI education in K–12 schools, community colleges, and nonprofits. The traditional "Hour of Code" is being rebranded as "Hour of AI," reflecting a shift from learning to code to understanding AI itself. The aim is to empower students with foundational knowledge of how AI works, emphasizing creativity, ethics, security, and systems thinking over rote programming.Legal and Ethical Issues Around Posthumous Data UseOne emerging ethical challenge is the use of deceased individuals' data to train AI models. Scholars advocate for postmortem digital rights, such as a 12-month grace period for families to delete a person's data. Currently, U.S. laws offer little protection in this area, and acts like RUFADAA don't address AI recreations.Encryption Weaknesses in Law Enforcement and Critical SystemsRecent research highlights significant encryption vulnerabilities in communication systems used by police, military, and critical infrastructure. A Dutch study uncovered a deliberate backdoor in a radio encryption algorithm. Even the updated, supposedly secure version reduces key strength from 128 bits to 56 bits—dramatically weakening security. This suggests that critical communications could be intercepted, leaving sensitive systems exposed despite the illusion of protection.Public Trust in Government Digital SystemsTrust in digital governance is under strain. The UK's HM Courts & Tribunals Service reportedly concealed an IT error that caused key evidence to vanish in legal cases. The lack of transparency and inadequate investigation risk undermining judicial credibility. Separately, the UK government secretly authorized facial recognition use across immigration databases, far exceeding the scale of traditional criminal databases.AI for Cybersecurity DefenseOn the defensive side, AI is proving valuable in finding vulnerabilities. Google's “Big Sleep,” an LLM-based tool developed by DeepMind and Project Zero, has independently discovered 20 bugs in major open-source projects like FFmpeg and ImageMagick.

EP 255  For this week's sweet update  we start with AI tools that are quietly transcribing your meetings, but what happens when your offhand jokes end up in the wrong hands? Discover how casual chats are being exposed in automated summaries.Your ChatGPT conversations might be popping up in Google searches, revealing everything from NDAs to personal struggles. Uncover the scale of this privacy breach and what it means for you.Fake TikTok shops are luring shoppers with AI-crafted ads, hiding a sinister malware trap. Dive into the world of counterfeit domains stealing crypto and credentials.MRI scans and X-rays are leaking online from over a million unsecured healthcare devices. Find out how your medical secrets could be exposed to hackers worldwide.Security teams cracked GPT-5's defenses in hours, turning it into a tool for dangerous outputs. Explore how this AI's vulnerabilities could spell trouble for enterprise users.A slick AI-driven crypto heist stole millions through fake browser extensions and scam sites. Learn how GreedyBear's cunning tactics are redefining cybercrime.A secret IT glitch in UK courts has been wiping out evidence, leaving judges in the dark. Delve into the cover-up shaking trust in the justice system.UK police are scanning passport photos with facial recognition, all without public knowledge. Unravel the hidden expansion of surveillance using your personal images.Come on!  Let's raise those glucose levels.Find the full transcript to this podcast here.

In this week's update, we begin with an overview of the tragic shooting at Fort Stewart in Georgia. We then shift over to Friday's shooting on the CDC campus in Atlanta. Police believe the suspect was motivated by a belief he was injured by the COVID-19 vaccine. This incident took place just two days after HHS Secretary pulled research funding for mRNA vaccines because of the dangers they pose. We also take a look the President's decision to deploy federal law enforcement to patrol the streets of Washington, DC. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

1. Scrutiny of the "Tea" Dating AppThe women-focused dating app "Tea" faces backlash after two data breaches exposed 72,000 sensitive images and 1.1 million private messages. Though security upgrades were promised, past data remained exposed, and the app lacks end-to-end encryption. Additionally, anonymous features enabling posts about men have sparked defamation lawsuits. Critics argue Tea prioritized rapid growth over user safety, exemplifying the danger of neglecting cybersecurity in pursuit of scale.2. North Korean Remote Work InfiltrationCrowdStrike has flagged a 220% surge in North Korean IT operatives posing as remote workers—over 320 cases in the past year. These operatives use stolen/fake identities, aided by generative AI to craft résumés, deepfake interviews, and juggle multiple jobs. Their earnings fund Pyongyang's weapons programs. The tactic reveals the limits of traditional vetting and the need for advanced hiring security.3. Airportr's Data ExposureUK luggage service Airportr suffered a major security lapse exposing passport photos, boarding passes, and flight details—including those of diplomats. CyberX9 found it possible to reset accounts with just an email and no limits on login attempts. Attackers could gain admin access, reroute luggage, or cancel flights. Although patched, the incident underscores risks of convenience services with poor security hygiene.4. Risks of AI-Generated CodeVeracode's "2025 GenAI Code Security Report" found that nearly 45% of AI-generated code across 80 tasks had security flaws—many severe. This highlights the need for human oversight and thorough reviews. While AI speeds development, it also increases vulnerability if unchecked, making secure coding a human responsibility.5. Microsoft's SharePoint Hack ControversyChinese state hackers exploited flaws in SharePoint, breaching hundreds of U.S. entities. A key concern: China-based Microsoft engineers maintained the hacked software, potentially enabling earlier access. Microsoft also shared vulnerability data with Chinese firms through its MAPP program, while Chinese law requires such data be reported to the state. This raises alarms about outsourcing sensitive software to geopolitical rivals.6. Russian Embassy Surveillance AttackRussia's "Secret Blizzard" hackers used ISP-level surveillance to deliver fake Kaspersky updates to embassies. These updates installed malware and rogue certificates enabling adversary-in-the-middle attacks—allowing full decryption of traffic. The attack shows the threat of state-level manipulation of software updates and underscores the need for update authenticity verification.7. Signal's Threat to Exit AustraliaSignal may pull out of Australia if forced to weaken encryption. ASIO's push for access contradicts Signal's end-to-end encryption model, which can't accommodate backdoors without global compromise. This standoff underscores a broader debate: encryption must be secure for all or none. Signal's resistance reflects the rising tension between privacy advocates and governments demanding access.8. Los Alamos Turns to AILos Alamos National Laboratory has launched a National Security AI Office, signaling a pivot from nuclear to AI capabilities. With massive GPU infrastructure and university partnerships, the lab sees AI as the next frontier in scientific and national defense. This reflects a shift in global security dynamics—where large language models may be as strategically vital as missiles.

EP 254. In this week's update:Despite back-to-back data breaches and legal blowback, women are still queuing up by the millions for Tea.  This is one hot dating app that's apparently more viral than secure.North Korean IT operatives are clocking into remote jobs worldwide. Fueled by GenAI and fake identities in what CrowdStrike calls a daily cybersecurity crisis.A British luggage startup managed to lose more than just bags. Airportr briefly exposed diplomatic travel data and full backend access to anyone with a browser and curiosity.According to Veracode, nearly half of all AI-generated code is insecure. And that should leave you feeling insecure, especially if your code reviews have been neglectedMicrosoft confirmed Chinese engineers have long supported the same SharePoint software recently hacked by Beijing.  The breach hit hundreds of U.S. institutions—including nuclear and homeland security.Russian state hackers tricked foreign embassies into installing fake updates from “Kaspersky.”  The malware came with a rogue root certificate—and full surveillance capabilities.Signal's president warned it might pull out of Australia over demands to weaken encryption. The country's privacy pushback continues—and secure apps are packing their bags.Los Alamos is pouring resources into AI research—because in 2025, the most powerful weapon might be a large language model, rather than a missile.Finish that cuppa, we have a lot to cover!Find the full transcript to this podcast here.

In this week's update, we look into a joint statement issued by the U.S. and 13 other nations accusing Iran's intelligence services of orchestrating assassination, kidnapping, and harassment plots in Europe and the U.S. We then explore a complaint that hundreds of Federal Air Marshals have reportedly been reassigned to assist with ICE deportation flights. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Germany's Tech-Driven Warfare & Ethical ImplicationsGermany is integrating AI, robotics, and human-machine teaming into its military, deploying tech like robotic cockroaches for surveillance and mini-robots for urban combat. These innovations aim to enhance decision-making and minimize human risk. Yet, critics warn of ethical and legal concerns, especially around loss of human oversight in lethal decisions. Despite official claims that humans will remain in control, the autonomy debate continues.Astronomer's "Kiss Cam" ScandalA viral Coldplay concert “Kiss Cam” captured Astronomer's CEO and Chief People Officer—both married—trying to avoid public display. The clip, viewed over 127 million times, sparked privacy concerns and led to their resignations. In a PR twist, Astronomer hired Gwyneth Paltrow (ex-wife of Coldplay's Chris Martin) as a temporary spokesperson to steer attention back to the company's data automation services.Tea App's Privacy BreachesThe women's dating safety app “Tea” was compromised twice. First, 72,000 private images, including IDs and selfies, were leaked due to an unsecured Firebase database. A second breach exposed over a million sensitive messages containing personal info and taboo topics. Despite promises of anonymity, users' names, social links, and phone numbers were often easily traceable—defeating the app's core promise of safety.WhoFi and the Future of SurveillanceWhoFi, a surveillance system developed at La Sapienza University, uses Wi-Fi distortions (Channel State Information) to uniquely identify individuals based on their body's impact on signal patterns. Achieving up to 95.5% accuracy, it can track people without phones or devices, raising serious privacy concerns about ubiquitous, passive surveillance with no opt-out.ChatGPT Agent Bypasses SecurityOpenAI's ChatGPT Agent demonstrated it can bypass Cloudflare's anti-bot “I am not a robot” checks. Operating in a sandboxed browser environment, it navigated multi-step verifications without CAPTCHAs. This challenges the efficacy of current web security protocols and signals that anti-bot measures may be obsolete in the face of advanced AI agents.AI-Driven Pricing Controversy in AirlinesAmerican Airlines' CEO slammed Delta for using AI in airfare pricing, labeling it “bait and switch.” Delta claims uniform pricing across channels and denies tailoring fares per customer. While Delta plans broader AI deployment, competitors like Southwest and American reject AI pricing, citing privacy concerns and potential fare manipulation.Clorox Hack & Vendor NegligenceA 2023 cyberattack cost Clorox $380 million due to a security lapse by its IT vendor, Cognizant. Hackers impersonated Clorox employees and tricked service desk agents into resetting credentials—no identity checks were performed. Now, Clorox is suing Cognizant for damages stemming from this avoidable breach.North Korean Espionage via Remote WorkNorth Korean operatives used stolen identities to land remote IT jobs at major U.S. firms like Nike and Chick-fil-A. Aided by VPNs and paid stand-ins for interviews, they funneled salaries to the regime. A U.S. woman received 8.5 years in prison for facilitating this scheme, which exposed sensitive company data and posed national security risks.

EP 253.In this update we find out that...Germany's military is diving into sci-fi territory with AI-powered robots and spy cockroaches.  What futuristic tactics are they cooking up to redefine the battlefield?  We find out, and then bug out.Astronomer Hires Coldplay Lead Singer's Ex-Wife as Temporary Spokesperson: Gwyneth Paltrow.  A viral Kiss Cam scandal rocks Astronomer, leading to resignations and a surprise Gwyneth Paltrow cameo.  How did a Coldplay concert spark this corporate chaos?  You know the story.  Women Dating Safety App Tea Breached, Users IDs Posted To 4chan.  The women's safety app Tea suffers twin data breaches, exposing selfies, IDs, and private messages.Researchers unveil WhoFi, a system that tracks people using Wi-Fi signal distortions with chilling accuracy.  Could your body's shadow betray your identity without a single device?  OpenAI's ChatGPT Agent breezes through anti-bot checks, raising eyebrows about online security.  What happens when an AI outsmarts the systems designed to stop it?  American Airlines' CEO slams Delta's AI-driven airfare pricing as a sneaky trick on travelers.  New tech stirs controversy with potential to mislead passengers and one CEO aims to capitalize on it, at least for a little while.Clorox reels from a $380M hack after its IT vendor handed passwords to cybercriminals.  A simple phone call triggered a catastrophic breach and lots of... cough ... dirty laundry.North Korean operatives infiltrated Nike and Chick-fil-A with fake identities, aided by an Arizona woman.  A covert scheme exposed a global cyberthreat with a side of fries.Our punchlines are flowing like dad jokes.  Quick ... we better get you into the rest of the update!Find the full transcript for this podcast here.

In this week's update, we explore witness testimony from congressional hearings examining the evolution of cyber threats targeting U.S. critical infrastructure since the discovery of Stuxnet, the world's first digital weapon. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

A single compromised password led to the collapse of 158-year-old UK logistics firm KNP, after hackers—suspected to be the Akira gang—used it to gain access, encrypt systems, and demand a £5 million ransom. Unable to pay, the company lost all its data and folded, putting 700 employees out of work. The breach underscores how weak access controls can have catastrophic consequences.To counter massive botnets, Google is now combining technical defenses with legal action. Its lawsuit against the “BadBox 2.0” operators marks a major shift: targeting criminals behind malware that infected over 10 million Android devices. Google's strategy includes leveraging the CFAA and RICO Act to not just stop malware but dismantle the entire criminal infrastructure—signaling a more aggressive, litigation-driven cybersecurity era.Meanwhile, a new malware delivery method is exploiting DNS—a common but often under-monitored network function. Attackers hide malware in DNS TXT records, break it into chunks, and reassemble it on target systems using standard DNS queries. Since DNS traffic is rarely scrutinized, this technique bypasses traditional defenses, making DNS monitoring essential for comprehensive protection.Travelers to China face serious privacy risks. Authorities are using malware like “Massistant” to extract sensitive data from mobile phones during inspections. Developed by Chinese firm Meiya Pico, the software accesses encrypted texts, location history, and even Signal messages upon installation. Though evidence of compromise may remain, the intrusion happens before detection, raising concerns for anyone bringing devices into the country.China has also shifted its cyberattack strategy by outsourcing operations to private firms. These companies now discover and sell zero-day vulnerabilities to government agencies. This model, which evolved from loosely affiliated hacker groups, blurs the line between state and private enterprise, making attribution difficult. As a result, China-linked hackers increasingly infiltrate U.S. critical infrastructure while masking their origins, and exposure alone no longer seems to deter them.In response to national security concerns, Microsoft has removed China-based engineers from U.S. military cloud projects. A ProPublica investigation revealed their prior involvement, prompting a Pentagon ban on such support. Previously, Chinese engineers worked under U.S. supervision, a practice now deemed too risky for defense-related systems.Microsoft's SharePoint is also under siege. Chinese state actors exploited a critical flaw dubbed “ToolShell” to compromise at least 54 organizations, including those in critical infrastructure. The attack allowed for deep system access, extraction of encryption keys, and installation of web shells—despite prior patches. The incident stresses the need for rapid patching and vigilance, even on widely used enterprise platforms.Cyberwarfare is influencing real-world military dynamics. Ukrainian cyber operatives claim to have digitally crippled a major Russian drone manufacturer, deleting 47TB of production data and disabling access systems. Allegedly backed by military intelligence, the attack highlights how digital sabotage can directly disrupt military production and reshape conflict outcomes. Code is now as consequential as conventional weapons on the modern battlefield.

EP 252. In this week's update:​A single compromised password enabled ransomware actors to bankrupt a 158-year-old British logistics firm, exposing the catastrophic business risks of weak access controls.Google launches its most aggressive legal action yet to dismantle a massive botnet infecting over 10 million devices, signaling a strategic shift toward litigation-led cyber defense.Security researchers have identified a new malware technique leveraging overlooked DNS traffic to bypass traditional defenses—highlighting a critical blind spot in enterprise monitoring.Chinese authorities are deploying powerful forensic malware to extract encrypted data from seized mobile devices, raising red flags (literally) for travelers and privacy advocates alike.China's outsourcing of cyberattacks to private firms marks a new era of state-sponsored hacking thoroughly blurring the lines between national strategy and commercial enterprise.Microsoft is removing China-based engineers from U.S. military cloud projects following national security concerns—prompting a major policy shift in federal tech partnerships.Microsoft has attributed a wave of advanced SharePoint breaches to Chinese threat actors, urging critical infrastructure operators to reevaluate patching protocols and on-premise defenses.Ukrainian cyber operatives claim to have obliterated a major Russian drone producer's entire digital infrastructure... potentially stalling military production and reshaping electronic warfare dynamics.Let's put the pedal to the metal.Find the complete transcript to this week's podcast here.

In this week's update, we look at the the details of this past Sunday's church shooting in Kentucky, and the enduring problem of lone wolf attacks in the homeland. We then shift to a "Duty to Warn" notification from the Army regarding a potential terrorist threat targeting retired senior officials. This episode concludes with highlights from congressional hearings on the growing homeland security threats stemming from the use of unmanned aircraft systems. An expanded written version of this report can be found in our weekly Threat Journal email newsletter. You can subscribe for free by visiting https://www.ThreatJournal.com. A link to this issue will be sent to you immediately via email. AlertsUSA Homepage http://www.AlertsUSA.com – (Homeland Security Alerts for Mobile Devices) AlertsUSA on Facebook https://www.facebook.com/alertsusa AlertsUSA on Twitter https://twitter.com/alertsusa Threat Journal on Twitter https://twitter.com/threatjournal Threat Journal Homepage https://www.ThreatJournal.com

Significant Data Breaches and VulnerabilitiesMcDonald's AI-driven hiring platform, Olivia (by Paradox.ai), exposed 64 million applicant records due to weak security, including a password as simple as "123456." In Sweden, security personnel inadvertently revealed Prime Minister Ulf Kristersson's whereabouts by sharing fitness routes on Strava. Qantas suffered a breach affecting 5.7 million customers, with personal details like addresses and phone numbers exposed via a third-party platform compromised by the Scattered Spider group. These cases demonstrate the risks of inadequate security in automated systems and third-party integrations.Skepticism Around Jack Dorsey's Bitchat AppJack Dorsey's Bitchat, a decentralized messaging app using Bluetooth and end-to-end encryption, faces skepticism due to its lack of external security audits. Researchers identified flaws, such as a broken identity verification system enabling impersonation. Dorsey's warnings on GitHub advise against using the app until properly vetted, raising concerns about premature launches of privacy-focused tools.“Contagious Interview” AI-Powered ScamThe “Contagious Interview” scam, linked to North Korean hackers, targets job-seekers on platforms like LinkedIn. Posing as recruiters from fake companies (e.g., BlockNovas LLC), hackers use AI-generated personas and fake profiles to trick victims into installing malware disguised as interview tools. This malware, including BeaverTail and InvisibleFerret, steals passwords and cryptocurrency data, showing the potent combination of AI and social engineering in cybercrime.Quantum Computing Threat to EncryptionQuantum computing's rise threatens current encryption methods like RSA and ECC, posing risks to data security in industries like finance and healthcare. Experts recommend adopting post-quantum cryptography (PQC) by inventorying encryption-reliant systems, requiring vendors to provide PQC migration plans, and updating firmware to quantum-resistant signatures to protect against future decryption threats.OpenAI's Challenge to Productivity SoftwareOpenAI is poised to disrupt Microsoft 365 and Google Workspace with an AI-powered productivity suite. Leveraging generative AI, it offers collaborative writing, editing, brainstorming, and graphics assistance, potentially at a lower cost than Microsoft's Copilot. This move signals a shift toward AI-driven productivity tools, challenging established market leaders.xAI API Key LeakA DOGE employee, Marko Elez, accidentally exposed an xAI API key on GitHub, granting access to over 52 AI models, including grok-4-0709. Elez's role in DOGE, with access to sensitive U.S. government data, amplifies the risk. The unrevoked key and prior DOGE leaks suggest systemic security negligence, endangering AI models and government data.Cybersecurity TakeawaysThese incidents emphasize the need for robust cybersecurity in automated systems, thorough vetting of third-party platforms, caution with digital footprints (e.g., fitness apps), and external security reviews for new apps. Vigilance against AI-driven scams is critical, with users urged to verify sources and software.Broader Cyber Threat TrendsThe reliance on vulnerable third-party platforms, sophisticated AI-powered social engineering, internal security lapses, and the looming quantum computing threat demonstrate the need for proactive, future-proof cybersecurity strategies to safeguard sensitive data and systems.

EP 251. This week's update with a side of Fries....McDonald's AI-driven hiring platform faces scrutiny after a critical security flaw exposed millions of applicants' personal data to potential hackers.  Swedish security personnel inadvertently disclosed Prime Minister Ulf Kristersson's private whereabouts through fitness app Strava, raising national security concerns. Qantas confirms a massive data breach affecting 5.7 million customers, exposing personal details via a third-party platform breach by the Scattered Spider group. Jack Dorsey's Bitchat app, touted for secure decentralized messaging, faces skepticism as untested security vulnerabilities spark concerns among researchers. As quantum computing nears, industries are urged to adopt post-quantum cryptography to safeguard sensitive data against future decryption threats. North Korean hackers deploy the sophisticated “Contagious Interview” scam, using AI-driven personas to trick job-seekers into installing malicious software.  OpenAI challenges Microsoft with a forthcoming AI-powered productivity suite, aiming to disrupt the dominance of Microsoft 365 and Google Workspace.  A DOGE employee's accidental leak of xAI's API key on GitHub provides access to advanced AI models, all r  adding up to some pretty silly security lapses.Please pass the ketchup!For this week's full transcript and additional links, click here.

Emerging Trends in Privacy, Security, and AIDecentralized, Offline Messaging with BitchatJack Dorsey's Bitchat is a privacy-first messaging app that bypasses internet and servers, using Bluetooth Low Energy (BLE) mesh networking to transmit encrypted, ephemeral messages between nearby devices. It doesn't require phone numbers, accounts, or cloud storage, and messages disappear by default. Bridge devices help extend communication range, making Bitchat ideal for secure, off-grid use.Google Gemini AI and Privacy RisksGemini AI now accesses third-party app data on Android to offer personalized help, such as reading messages or travel plans. This is enabled by default, raising privacy concerns due to the opt-out model. Users can disable this by adjusting settings in the Gemini app and Android assistant preferences, protecting themselves from unwanted data sharing.Stalkerware and the Catwatchful Data BreachStalkerware secretly monitors victims' phones. The Catwatchful breach exposed the inner workings of such an app, leaking over 620,000 files from thousands of Android devices. Sensitive data—including messages, calls, locations, and recordings—was compromised. The incident emphasized the dangers of covert surveillance and the importance of frequent device audits.AT&T's Account Lock Against SIM SwappingTo counter SIM swapping—a fraud tactic for hijacking phone numbers—AT&T introduced Account Lock. Enabled via the myAT&T app, it blocks unauthorized changes to accounts, like SIM swaps or billing info updates. Only primary and secondary account holders can manage the feature, and alerts are sent when changes are attempted.Free IP Address SSL from Let's EncryptLet's Encrypt now offers free TLS/SSL certificates for IP addresses, a feature that previously required paid services. This allows users with static IPs to secure websites via HTTPS without needing a domain name, broadening access to internet security for individuals and small organizations.Debate Over Artificial General Intelligence (AGI)AGI, defined as machine intelligence equal to or exceeding human capability across tasks, remains an ill-defined concept. The lack of consensus complicates investment, regulation, and measurement in the AI field, making it difficult to assess progress or set meaningful policy benchmarks.Microsoft's AI-Based Layoff Support Draws CriticismAfter laying off nearly 1,000 employees, Microsoft suggested affected staff use AI tools like Copilot for emotional support. This move was widely criticized as insensitive and profit-driven, spotlighting the growing unease with replacing human empathy with AI in sensitive situations.

This week takes us from blueteeth to AI emotional supportJack Dorsey's innovative Bitchat app pioneers secure, internet-free messaging via Bluetooth, redefining decentralized communication.Google's Gemini AI introduces context-aware assistance on Android, sparking privacy debates with its opt-out data access model.A major breach exposes Catwatchful's invasive stalkerware, compromising thousands of Android devices with covert surveillance.Finally, AT&T's Account Lock feature empowers customers to safeguard their accounts against rising SIM swapping threats.Let's Encrypt revolutionizes online security by offering free TLS/SSL certificates for IP addresses, enhancing accessibility.The elusive definition of AGI fuels debate, challenging tech giants like Microsoft and OpenAI in their race for innovation.Microsoft's AI-driven layoff support sparks discussion, as displaced employees are encouraged to use Copilot for emotional resilience.Obviously lots of news and emotion packed into this week's update.  Let's go cry an AI.For a full transcript click here.

This week we've got loads of news and loadsa money!North Korean IT workers secretly landed remote jobs at over 100 U.S. tech companies, funneling millions to fund Kim Jong Un's weapons program.  The operation ran for years undetected—until the FBI knocked on the wrong contractor's door.Android 16 is getting a stealthy new feature that alerts users when their phone connects to suspicious cell towers.Think your phone isn't being watched?  Your operating system might soon say otherwise.A massive printer vulnerability affects nearly 700 Brother models and devices from other major brands.Hackers can bypass admin passwords with nothing but a serial number—guess what's sitting unsecured in your office?Microsoft is phasing out passwords in its Authenticator app, starting a full pivot to biometrics and passkeys.  You've got until August 2025 before your autofill feature goes dark.The NIH now requires that all taxpayer-funded research be freely available the moment it's published.  In a surprise move, the Trump administration just fast-tracked open science—seriously.  What?Dozens of pro-Scottish independence X accounts suddenly went dark after Israeli strikes crippled Iranian cyber infrastructure.  Turns out, your favorite “local activist” might have been powered by Tehran.Facebook wants permission to scan your unposted camera roll photos using Meta AI for creative suggestions.  Say "yes", and you're handing over your private moments—whether you shared them or not.Meta just launched a new AI superlab and is throwing around $10M pay packages to build it.  Zuckerberg's not just building chatbots—he's recruiting an AI dream team.Loadsa everything.  Let's go get rich!Find the full transcript to this podcast here.

North Korean IT Worker Fraud Scheme:The U.S. Department of Justice uncovered a covert North Korean operation involving IT workers fraudulently securing remote jobs at over 100 American tech companies using stolen or fake identities. These workers operated within U.S.-based "laptop farms" and created shell companies to obscure over $5 million in illicit earnings. Funds were funneled to the North Korean government, supporting weapons development. The scheme also involved data theft, including sensitive source code from a U.S. defense contractor.Android 16 Anti-Surveillance Feature:Android 16 introduces a “network notification” security upgrade that alerts users when their device connects to suspicious or unencrypted cell networks. It specifically guards against fake cell towers, such as stingray devices, by warning users about network requests for identifiers or lack of encryption, enhancing protection from mobile surveillance and forced downgrades to insecure protocols.Critical Printer Vulnerabilities:Rapid7 researchers identified eight major vulnerabilities affecting printers from Brother, Ricoh, Toshiba, Konica Minolta, and Fujifilm. The most critical flaw (CVE-2024-51978) lets remote attackers bypass admin authentication by exploiting a companion vulnerability (CVE-2024-51977) that reveals the printer's serial number—used to generate default admin credentials. This enables unauthorized reconfiguration and access to stored sensitive documents.Microsoft Authenticator Password Phase-Out:Microsoft will remove password autofill and access features from its Authenticator app starting July 2025. The move supports a transition to passwordless sign-ins using biometrics (e.g., facial recognition, fingerprints) and passkeys, aligning with industry shifts toward stronger, phishing-resistant authentication methods.NIH Open-Access Research Mandate:A new U.S. NIH policy mandates that all taxpayer-funded research be freely accessible upon publication. This accelerates an open-access directive initiated under Biden and implemented during the Trump administration. The policy enhances public access to scientific discoveries and may enable AI tools to help interpret complex studies for broader audiences.Pro-Scottish Independence Account Shutdowns:On June 12, multiple X (formerly Twitter) accounts advocating for Scottish independence vanished in sync with an Israeli cyber strike on Iran. The timing and scope of internet outages in Iran imply that the accounts were likely Iranian-run disinformation tools designed to destabilize the UK under the guise of grassroots political advocacy.Facebook Camera Roll Upload Concerns:Facebook is asking users to opt in to uploading unshared photos from their camera roll to Meta's servers to enable AI-generated content (e.g., collages). While Meta states that content remains private and isn't used for advertising, users must accept AI Terms that permit facial recognition, retention of loosely defined personal data, and potential human review—raising serious privacy concerns over intimate, unshared images.Meta's AI Superlab Push:Meta has launched “Meta Superintelligence Labs” and is heavily investing in top AI talent, reportedly offering compensation packages in the $10 million range. This underscores Meta's ambition to lead in high-end AI development, marking its entry into the elite tier of the global “AI arms race” beyond consumer-facing chatbots.