#dns-blocking
#dns-blocking

Information security

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

fromnews.bitcoin.com

Cryptocurrency

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

7 hours ago

Information security

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.

Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

A critical zero-day vulnerability in Adobe Acrobat Reader is actively exploited, alongside state-sponsored cyber threats targeting U.S. infrastructure.

Silicon Valley

The Dumbest Hack of the Year Exposed a Very Real Problem

A cyberattack in Silicon Valley exploited weak passwords to spoof crosswalk button recordings with voices of tech CEOs, raising security concerns.

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

7 hours ago

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

A cluster of 108 malicious Chrome extensions collects user data and injects ads, compromising browser security.

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

First they went after medtech, then Kash Patel. Iranian hackers' next target is likely 'low-hanging fruit' in water, energy, and tourism, experts say | Fortune

Iran-linked hackers are targeting high-profile figures and critical infrastructure in the U.S. and Israel to sow disruption.

more#cybersecurity

EU data protection

fromComputerWeekly.com

16 hours ago

UK reliance on US big tech companies is 'national security risk', claims report | Computer Weekly

The UK is at risk due to over-reliance on US tech companies for critical infrastructure, impacting national security.

How Google's removal tools work for SEO and reputation management | MarTech

Google provides removal tools for search results that are often misunderstood and underused.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

fromMarTech

4 hours ago

How Google's removal tools work for SEO and reputation management | MarTech

Google provides removal tools for search results that are often misunderstood and underused.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

more#google

4 hours ago

Mirax Android RAT Turns Devices into SOCKS5 Proxies, Reaching 220,000 via Meta Ads

Mirax integrates advanced Remote Access Trojan (RAT) capabilities, allowing threat actors to fully interact with compromised devices in real time, enhancing its operational value significantly.

Roam Research

fromArs Technica

19 hours ago

Your tech support company runs scams. Stop-or disguise with more fraud?

Tech Live Connect processed fraudulent charges using real customer data, including names and addresses, to make the charges appear legitimate and maintain a low chargeback ratio.

Privacy professionals

Software development

21 hours ago

This Linux distro offers an easy DNS switcher - but there's more to it that I like

iDealOS is a new MXLinux-based distribution offering two editions, emphasizing choice and the potential for paid Linux models.

Europe politics

Digital sovereignty isn't just a buzzword - it's the future

European governments and companies are prioritizing digital sovereignty due to concerns over US control and dependency.

DevOps

Cloudflare introduces new features for building and deploying agents

Cloudflare is transforming AI development with Dynamic Workers, Sandboxes, and Artifacts for secure, scalable, and efficient code execution.

US politics

The Internet's Most Powerful Archiving Tool Is in Peril

US media companies are restricting the Wayback Machine's ability to archive their content, despite benefiting from its preservation of information.

France politics

France's digital agency dumping Windows desktops for Linux

France's DINUM will replace Windows with Linux to reduce dependence on American technology.

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

EU data protection

These are the countries moving to ban social media for children | TechCrunch

Countries are implementing social media bans for children to address risks like cyberbullying and mental health issues.

Digital life

fromwww.dw.com

2 days ago

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

EU data protection

These are the countries moving to ban social media for children | TechCrunch

Countries are implementing social media bans for children to address risks like cyberbullying and mental health issues.

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

fromwww.npr.org

US news

How AI is getting better at finding security holes

19 hours ago

Information security

Runtime security becomes critical as AI accelerates threats

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Cloudflare, GoDaddy team up to curb AI bot brigades

Cloudflare and GoDaddy are partnering to help website owners control AI interactions with their content.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

fromwww.npr.org

US news

How AI is getting better at finding security holes

19 hours ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.

fromIntelligencer

Is the AI Cybersecurity Apocalypse Already Here?

AI models are enhancing both software development and hacking capabilities, leading to a race for improved coding tools and security measures.

Cloudflare, GoDaddy team up to curb AI bot brigades

Cloudflare and GoDaddy are partnering to help website owners control AI interactions with their content.

fromwww.independent.co.uk

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

UK politics

Tech bosses could face jail for failing to remove revenge porn from websites

New government proposals aim to hold tech executives accountable for failing to remove revenge porn from their platforms.

Media industry

fromTechdirt

Intellectual property law

Someone Filed a Bogus DMCA Notice to Kill a Story About A Sketchy SEO Firm. It Worked - Briefly.

The DMCA's notice-and-takedown system encourages abuse, prioritizing speed over accuracy and allowing censorship by those with dishonest intentions.

Comparison Shopping Is Not a (Computer) Crime

AI tools can help consumers find better prices, but Amazon is attempting to block them using legal claims.

Deliverability

How a burner email can protect your inbox - setting one up one is easy and free

A burner email address protects against spam and phishing by providing a temporary, disposable option for account creation.

Parenting

fromComputerWeekly.com

Tech can't wait for regulation to protect children online | Computer Weekly

Harmful online content for children results from profit-driven algorithms, not parenting or education failures.

22 hours ago

Hot Off the Press: EFF's Updated Guide to Tech at the US-Mexico Border

"The Battalion Search and Rescue always carries the Electronic Frontier Foundation's zine in our desert rig. We're finding new surveillance all the time, and without a resource like that, we wouldn't know what the hell we're looking at."

Roam Research

BrowserGate: Claims of LinkedIn 'Spying' Clash With Security Research Findings

LinkedIn allegedly scans users' computers to collect data on browser extensions, raising concerns about corporate espionage.

US politics

fromwww.theguardian.com

fromPrivacy International

The Guardian view on AI politics: US datacentre protests are a warning to big tech | Editorial

Voters across the political spectrum are uniting against big tech's influence, particularly regarding AI datacentres and their environmental impact.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

Software development

fromThe Verge

Little Snitch's software counter surveillance jumps from Mac to Linux

Little Snitch for Linux offers network monitoring but is not a security tool, revealing fewer connections than on macOS.

#cloudflare

from24/7 Wall St.

The Real Reason Cloudflare Is Down 11% Today Has Nothing to Do With Insider Selling

Insider selling at Cloudflare is routine and does not indicate trouble; the real concern is competition from Anthropic's new AI offerings.

Media industry

Why Cloudflare is protecting publishers from content piracy

Cloudflare is implementing measures to ensure AI companies pay for original content instead of using it for free.

from24/7 Wall St.

The Real Reason Cloudflare Is Down 11% Today Has Nothing to Do With Insider Selling

Insider selling at Cloudflare is routine and does not indicate trouble; the real concern is competition from Anthropic's new AI offerings.

Media industry

Why Cloudflare is protecting publishers from content piracy

Cloudflare is implementing measures to ensure AI companies pay for original content instead of using it for free.

EFF is the latest organization to leave X | TechCrunch

X's declining engagement has led the EFF to leave the platform after nearly 20 years due to significantly reduced post visibility.

Digital life

fromEarth911

Guest Idea: Why Sustainable Home Tech Choices Also Need Cybersecurity Awareness

Sustainable technology adoption is rising, but security risks of connected devices are often overlooked, impacting both environmental and digital safety.

fromHer Campus

Why Website Cookies Aren't As Sweet As They Sound

Website cookies can raise serious privacy concerns due to their role in tracking user behavior and collecting personal data.

6 hours ago

Attackers are targeting developers via Slack and Google Sites

A targeted phishing campaign exploits trust in the open-source community, tricking developers into providing credentials and installing malicious software.

The list of countries banning young teens from social media keeps getting bigger. Here's the latest

Prime Minister Kyriakos Mitsotakis announced plans to restrict social media use by age starting on January 1, 2027, citing concerns such as problems sleeping, increasing anxiety, and social media platforms' addictive designs.

EU data protection

fromPopular Science

How to stop your smart TV from tracking you

Smart TVs are capable of tracking user data, including viewing habits and app usage, which can lead to personalized advertising and content recommendations. Users may prefer to limit this tracking to protect their privacy.

Privacy technologies

fromArs Technica

Dad stuck in support nightmare after teen lied about age on Discord

Discord failed to provide adequate support for a hacked account belonging to a minor, despite knowing the user's age.

Fake Claude Website Distributes PlugX RAT

A fake Anthropic Claude website distributed a remote access trojan disguised as a legitimate application download.

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.

WireGuard VPN developer can't ship software updates after Microsoft locks account | TechCrunch

WireGuard is locked out of its Microsoft developer account, preventing critical software updates for Windows users.

Banning New Foreign Routers Mistargets Products to Fix Real Problem

The FCC has banned foreign-made routers from U.S. sale due to security concerns, impacting consumer options without effectively addressing vulnerabilities.

21 hours ago

FBI announces takedown of phishing operation that targeted thousands of victims | TechCrunch

The FBI dismantled a global phishing operation, W3LL, targeting over 17,000 victims and facilitating over $20 million in fraud.

fromArs Technica

How our digital devices are putting our right to privacy at risk

Digital convenience comes at the cost of personal data privacy, raising concerns about its potential use against individuals by law enforcement.

Android trojan linked to Cambodia following anomalous DNS spike

A banking Trojan operating from Cambodia registers 35 new domains monthly, targeting users in 21 countries and exploiting fake apps for fraud.

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

#vpn

2 weeks ago

Privacy professionals

Using a VPN May Subject You to NSA Spying

fromThe Verge

Online age checks came first - a VPN crackdown could be next

Lawmakers aim to ensure VPNs do not obstruct online age verification efforts.

fromCNET

Privacy technologies

Why I Use a VPN Even Though I Have Nothing to Hide

2 weeks ago

Using a VPN May Subject You to NSA Spying

Using commercial VPNs may expose Americans to foreign surveillance laws, risking their constitutional protections against warrantless government spying.

fromThe Verge

Online age checks came first - a VPN crackdown could be next

Lawmakers aim to ensure VPNs do not obstruct online age verification efforts.

fromCNET

Privacy technologies

Why I Use a VPN Even Though I Have Nothing to Hide

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions pose significant security risks, often overlooked, with vulnerabilities and access that can compromise enterprise networks.

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

A new variant of the Phorpiex botnet combines traditional and peer-to-peer communication, facilitating sophisticated malware operations and high-volume spam.

Evasive Masjesu DDoS Botnet Targets IoT Devices

Masjesu is a botnet targeting IoT devices for DDoS attacks, active since 2023 and primarily advertised on Telegram.

4 weeks ago

If You Don't Have One, I Recommend a Free Dark Web Monitoring Service

Dark web monitoring services track compromised data across public hacker forums and databases to alert users when their personal information appears in breaches, though most breached data is found on the clear web rather than the dark web itself.

How to delete or hide yourself from the internet - 11 effective ways (and most are free)

Digital privacy requires constant attention as personal data persists online long after deletion, affecting career, reputation, and relationships through old posts, photos, and search history exploitation.

New technology to secure undersea cables

Governments and tech companies are enhancing undersea cable security through drones, sensors, and monitoring technologies to prevent sabotage.

Do You Need an Identity Protection Service for Safe Browsing?

Identity theft protection services function as insurance products offering reactive compensation for damages rather than active prevention, with coverage details and sub-benefit caps critically affecting actual protection value.

Palo Alto Networks, SonicWall Patch High-Severity Vulnerabilities

Palo Alto Networks and SonicWall released patches for multiple vulnerabilities, including high-severity bugs that could allow unauthorized access and code execution.

Shrinking the IAM Attack Surface through Identity Visibility and Intelligence Platforms (IVIP)

Enterprise IAM faces fragmentation, leading to Identity Dark Matter and a significant gap in visibility and security oversight.

Hackers Targeting Ninja Forms Vulnerability That Exposes WordPress Sites to Takeover

A critical vulnerability in Ninja Forms allows file uploads that could lead to remote code execution on affected websites.

Internet Infrastructure TLD .arpa Abused in Phishing Attacks

Threat actors abuse the .arpa TLD infrastructure to host phishing content by exploiting DNS provider controls to add IP address records where only reverse DNS records should exist.

Russian State-Linked APT28 Exploits SOHO Routers in Global DNS Hijacking Campaign

APT28 has launched a campaign exploiting MikroTik and TP-Link routers for cyber espionage, compromising DNS settings to capture credentials since May 2025.

fromthenextweb.com

Unmasking the illusion of safety online

Personal cybersecurity responsibility is essential as cybercrime costs billions annually, with social media amplifying vulnerabilities through voluntary data sharing and AI-enabled threat analysis.

Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure

Iran has launched a hacking campaign targeting US industrial control systems, causing disruptions in critical infrastructure.

fromwww.theguardian.com

US builds website that will allow Europeans to view blocked content

US built freedom.gov to let Europeans and worldwide users access content blocked by governments, including alleged hate speech and terrorism, administered via CISA.

Half of all cyberattacks start in your browser: 10 essential tips for staying safe

Web browsers are among the top targets for today's cybercriminals, playing a role in nearly half of all security incidents, new research reveals. According to Palo Alto Networks' 2026 Global Incident Response report, an analysis of 750 major cyber incidents recorded last year across 50 countries found that, in total, 48% of cybercrime events involved browser activity. Individuals trying to connect to the web, including business employees, are exposed to cyberthreats on a daily basis.

Information security

Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Incomplete patches and trusted features enable attackers to bypass defenses, making fully patched systems and common tools frequent entry points.

Google Disrupts IPIDEA Proxy Network

Google disrupted IPIDEA's residential proxy network, reducing its available devices by millions and significantly degrading its proxy operations.