#deceptive-verification
#deceptive-verification

fromFortune

9 hours ago

Fortune

AI agents operate autonomously, creating governance gaps and enterprise risk as organizations struggle to manage their authority and actions.

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

fromnews.bitcoin.com

14 hours ago

Kraken Targeted by Extortion Group Threatening to Leak Internal Support Videos

Kraken will not pay ransom demanded by a criminal group threatening to release internal support videos.

fromBitcoin Magazine

Crypto Exchange Kraken Faces Extortion Attempt After Insider Access Incidents Involving Support Staff

Kraken experienced two insider-related security incidents but confirmed no systems were breached and no client funds were at risk.

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Marketing tech

fromAdExchanger

19 hours ago

AI Is Nothing Without Data Fidelity. Here's A Four-Step Approach to Protect It | AdExchanger

Data integrity is crucial for effective AI in advertising, as flawed data leads to poor outcomes.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators

Over 70 advocacy organizations demand Meta halt face recognition plans for smart glasses due to privacy and safety concerns.

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

fromWIRED

15 hours ago

Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators

Over 70 advocacy organizations demand Meta halt face recognition plans for smart glasses due to privacy and safety concerns.

Huge Group of Experts Warns Meta That Its Pervert Glasses Will Enable Terrible Crimes

Meta's Ray-Ban AI glasses face backlash for privacy violations and plans for facial recognition technology, prompting outrage from civil rights groups.

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromYahoo Tech

Privacy technologies

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Information security

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

20 hours ago

Information security

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

Information security

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

Silicon Valley

fromWIRED

20 hours ago

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

How AI could drive cyber investigation tools from niche to core stack

The rise of AI presents new cybersecurity risks, necessitating a shift from traditional defensive strategies to proactive measures against sophisticated threats.

20 hours ago

CPUID Hacked to Serve Trojanized CPU-Z and HWMonitor Downloads

The CPUID website was hacked, distributing malicious versions of popular hardware monitoring tools for approximately six hours.

fromInside Higher Ed | Higher Education News, Events and Jobs

CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads

CPUID was compromised to distribute malicious executables and deploy STX RAT for less than 24 hours.

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

Higher education

21 hours ago

The Best Defense Against AI Cheating (opinion)

Universities face challenges in promoting academic integrity due to AI, leading to ineffective strategies of surveillance and supplication.

#ai

fromwww.npr.org

US news

How AI is getting better at finding security holes

Meta Secretly Building a Photorealistic AI Clone of Mark Zuckerberg so No Employee Can Ever Escape His Watchful Eye

Meta CEO Mark Zuckerberg is using AI to create a 3D avatar of himself for employee interaction and feedback.

Information security

Runtime security becomes critical as AI accelerates threats

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Psychology

fromMedium

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.

fromComputerWeekly.com

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

fromwww.npr.org

US news

How AI is getting better at finding security holes

Meta Secretly Building a Photorealistic AI Clone of Mark Zuckerberg so No Employee Can Ever Escape His Watchful Eye

Meta CEO Mark Zuckerberg is using AI to create a 3D avatar of himself for employee interaction and feedback.

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

Psychology

fromMedium

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.

fromComputerWeekly.com

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

Security reserchers tricked Apple Intelligence into cursing

Apple Intelligence can be hijacked through prompt injection, exposing millions of users to risk, but a fix was implemented in iOS 26.4 and macOS 26.4.

Apple Intelligence AI Guardrails Bypassed in New Attack

Researchers have successfully bypassed Apple's AI safety protocols using adversarial techniques, allowing for the execution of arbitrary tasks and manipulation of private data.

more#apple-intelligence

UX design

fromEntrepreneur

The Hidden Risk Behind Every 'Frictionless' Digital Experience

Digital experiences should prioritize human agency over pressure tactics to foster trust and informed decision-making.

fromTechCrunch

12 hours ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

fromMail Online

15 hours ago

Warning to iPhone users over iCloud storage scam exposing bank details

A new email scam targets iPhone users, posing as iCloud notifications to steal personal and banking information.

Canada news

fromThe Walrus

Why Your Credit Card Is a National Security Threat | The Walrus

Canada needs to develop its own digital payment infrastructure to ensure financial autonomy and protect against foreign control.

7 hours ago

The votes are in: AI will hurt elections and relationships

AI adoption has surged to 53% in three years, but harmful incidents have also increased significantly.

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

US, UK, Canadian cops disrupt $45M global crypto scam

A global cryptocurrency scam was disrupted, recovering $12 million and identifying over 20,000 fraud-linked wallet addresses across 30 countries.

19 hours ago

International Operation Targets Multimillion-Dollar Crypto Theft Schemes

Operation Atlantic targets multimillion-dollar cryptocurrency theft, freezing $12 million in stolen assets and identifying over $45 million in stolen funds.

US, UK, Canadian cops disrupt $45M global crypto scam

A global cryptocurrency scam was disrupted, recovering $12 million and identifying over 20,000 fraud-linked wallet addresses across 30 countries.

How AI Interfaces Are Reshaping Discovery, Trust And Decision Making

The traditional home page is losing its significance as AI assistants reshape how users interact with brands online.

Digital life

fromCbsnews

1 day ago

Is your phone listening to you?

Phones are not listening to conversations; targeted ads are based on user behavior and interests.

fromMail Online

Warning to all iPhone users over new scam draining bank accounts

iPhone users are warned about a scam involving fake Apple Pay alerts that drain bank accounts.

fromwww.theguardian.com

Your photos will be deleted': Apple users warned over nasty' iCloud storage scam

Scam emails impersonating Apple threaten users about full iCloud storage to steal personal and bank details.

New Apple Scam Hits Millions of iPhone Users Worldwide, Draining Bank Accounts

Apple warns iPhone users about a surge in social engineering scams targeting bank accounts through panic-inducing messages.

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

fromnews.bitcoin.com

Crypto ATM Giant Discloses $3.7 Million Bitcoin Theft Following Cyberattack

Bitcoin Depot lost over 50 bitcoins in a cyberattack, prompting a review of IT security and potential regulatory implications.

#data-breach

Booking.com Hack Exposes Customer Data, Sparks Travel Scam Fears

Hackers breached Booking.com, exposing personal data of customers, including names, addresses, and booking details, raising concerns about privacy and security.

fromTechCrunch

16 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

Booking.com Hack Exposes Customer Data, Sparks Travel Scam Fears

Hackers breached Booking.com, exposing personal data of customers, including names, addresses, and booking details, raising concerns about privacy and security.

fromTechCrunch

16 hours ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.

fromNextgov.com

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.

Digital life

fromBig Think

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.

fromNextgov.com

New methods for assuring digital identity and authenticity

Generative AI is transforming content creation, increasing the need for reliable identity verification and authenticity in digital media.

more#generative-ai

#ai-fraud

It's way too easy to cheat now

Generative AI enables undetectable scams, including fake X-rays that deceive even experienced radiologists.

fromComputerworld

What IT leaders need to know about AI-fueled death fraud

AI-generated fake death certificates pose significant risks for businesses by enabling fraudsters to exploit customer accounts and data.

It's way too easy to cheat now

Generative AI enables undetectable scams, including fake X-rays that deceive even experienced radiologists.

fromComputerworld

What IT leaders need to know about AI-fueled death fraud

AI-generated fake death certificates pose significant risks for businesses by enabling fraudsters to exploit customer accounts and data.

Information security

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

Privacy professionals

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Information security

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

15 hours ago

FBI and Indonesian Police Dismantle W3LL Phishing Network Behind $20M Fraud Attempts

The FBI and Indonesian National Police dismantled a global phishing operation using the W3LL toolkit, preventing over $20 million in fraud.

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.

Hundreds compromised daily in Microsoft device code phishes

A Microsoft device-code phishing campaign is compromising hundreds of organizations daily, utilizing AI and automation to steal financial data.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

more#phishing

The Hidden ROI of Visibility: Better Decisions, Better Behavior, Better Security

Visibility through security measures can deter undesirable behavior and enhance safety in challenging situations.

Digital life

fromTODAY.com

Send This to Your Boomer Parents: Avoid AI Scams With 1 Trick From a Deepfake Expert

Artificial intelligence is rapidly improving at creating realistic fake media, leading to increased vulnerability to scams, especially among older adults.

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

18 hours ago

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

23 hours ago

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI's macOS apps were affected by a supply chain attack, but no user data or internal systems were compromised.

18 hours ago

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI was affected by a supply chain attack involving malicious Axios packages attributed to North Korean hackers.

more#openai

fromWIRED

Men Are Buying Hacking Tools to Use Against Their Wives and Friends

Telegram groups facilitate the sale of hacking and surveillance services, promoting abusive content targeting women and girls.

Business intelligence

fromSecuritymagazine

AI Security and Forensic Accounting: Protecting Financial Systems in an Automated World

AI-enhanced forensic accounting is essential for detecting financial fraud and payment manipulation in automated financial systems vulnerable to sophisticated, AI-driven attacks.

fromCointelegraph

How a 'Wrong Number' Message Turned Into a $3.4M Crypto Scam

This $3.4 million scam illustrates the rise of social engineering in crypto fraud, focusing on emotional manipulation over technical exploits.

21 hours ago

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.

fromArs Technica

Reddit will require "fishy" accounts to verify they are run by a human

Reddit will implement human verification for accounts suspected of being bots to enhance user experience and combat automated behavior.

22 hours ago

Cisco aims to make AI agents safer with proposed acquisition of Astrix

Cisco is pursuing an acquisition of Astrix Security to enhance its AI security capabilities.

Online marketing

fromAxios

Inside a network of more than 200 AI slop websites gaming advertisers

Fraudsters use large language models to generate over 200 fake advertising websites designed to deceive advertisers and capture ad revenue through sensationalized, AI-generated content.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

#identity-management

Information security

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

more#identity-management

E-Commerce

fromPractical Ecommerce

The Fraud Hiding in Email Signups

Fake but valid email accounts enable card testing and coupon abuse, causing chargebacks, revenue and inventory loss, and jeopardizing merchant payment relationships.

Gadgets

fromThe Verge

Ring can verify videos now, but that might not help you with most AI fakes

Ring Verify attaches a digital security seal to Ring cloud downloads and confirms a video is unmodified since download; any edit causes verification to fail.

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

fromSilicon Canals

I'm a retired Boomer and I just watched my smartest friend lose everything to a scam-here are 9 ways they got to him that could get to anyone - Silicon Canals

Last month, I sat across from one of the brightest people I know as he explained how he'd lost nearly everything to a sophisticated scam. This wasn't some naive teenager or technophobe. This was my friend from university days, a retired executive who'd navigated corporate politics for decades and made shrewd investment decisions his whole life. Watching him piece together how it happened was like watching someone solve a puzzle in reverse.

Psychology

Is 46% of your AI-generated code vulnerable?

46% of AI-generated code contains security vulnerabilities, necessitating integrated governance throughout the software delivery lifecycle.

#cybercrime

fromthenextweb.com

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.

New Scam Alert: QR Codes Replace Links in Traffic Ticket Phishing

Cybercriminals are using QR codes in traffic-violation scams to deceive victims into providing sensitive information.

fromthenextweb.com

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.

New Scam Alert: QR Codes Replace Links in Traffic Ticket Phishing

Cybercriminals are using QR codes in traffic-violation scams to deceive victims into providing sensitive information.

more#cybercrime

#phishing-as-a-service

Tycoon 2FA Phishing Platform Dismantled in Global Takedown

Europol and Microsoft led a coordinated takedown of Tycoon 2FA, a phishing-as-a-service platform responsible for 62% of phishing attempts blocked by Microsoft and affecting 96,000 victims worldwide.

Information security

How phishing service Tycoon 2FA went under

Tycoon 2FA Phishing Platform Dismantled in Global Takedown

Europol and Microsoft led a coordinated takedown of Tycoon 2FA, a phishing-as-a-service platform responsible for 62% of phishing attempts blocked by Microsoft and affecting 96,000 victims worldwide.

more#phishing-as-a-service

Information security

How phishing service Tycoon 2FA went under

fromnews.bitcoin.com

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

Scanning that QR code can leave you vulnerable. Here's how to protect yourself

QR codes are two-dimensional images with glyphs of various sizes that store not just numbers, but text. When scanned, your phone extracts the encoded information and can act on it. For example, QR codes often embed URLs, allowing you to scan, say, a parking meter to launch a webpage where you can pay online.

Privacy technologies

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

fromPCWorld

Phishing scammers weaponize ICE ragebait

The email seen by at least some customers of the Emma email platform was a phishing scam. Hackers hoped to inspire instant panic with the words, 'As part of our commitment to supporting U.S. Immigration and Customs Enforcement (ICE), we will be adding a Support ICE donation button to the footer of every email sent through our platform.'

Information security

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Many Windows authentication paths bypass MFA protections, allowing attackers to compromise networks using valid credentials despite MFA deployment on cloud applications.

fromComputerworld

OAuth phishers make 'check where the link points' advice ineffective

Attackers use phishing emails with malicious OAuth links containing broken parameters to redirect users to attacker-controlled destinations through legitimate identity providers.

Microsoft OAuth scams abuse redirects for malware delivery

Microsoft warns of ongoing OAuth abuse scams using phishing emails and URL redirects to deliver malware and compromise organizational devices, primarily targeting government and public-sector entities.

fromSecuritymagazine

What You Need to Know About the New LinkedIn Phishing Scheme

Attackers post LinkedIn-style comments claiming account restrictions to trick users into clicking lnkd.in links that lead to credential-harvesting pages.

fromwww.socialmediatoday.com

Google Says That Scam Tactics Are Evolving Through AI Usage

AI tools dramatically enhance attackers' productivity, enabling more convincing phishing, model-extraction corporate espionage, and nation-state use for technical research and targeted campaigns.

Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign

Over 150 coordinated cloned law-firm websites impersonate firms to re-victimize fraud victims by offering free asset recovery and evading takedowns.

fromDataBreaches.Net