Paragon is an Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is the name of its product. Citizen Lab caught it spying on multiple European journalists with a zero-click iOS exploit: On April 29, 2025, a select group of iOS users …
This is news : A data broker owned by the country’s major airlines, including Delta, American Airlines, and United, collected U.S. travellers’ domestic flight records, sold access to them to Customs and Border Protection (CBP), and then as part of the contract told CBP to not reveal where …
Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it's investigating the abuse, which allows Meta …
The only links are from The Daily Mail and The Mirror, but a marital affair was discovered because the cheater was recorded using his smart toothbrush at home when he was supposed to be at work. [...]
Signal Messenger is warning the users of its Windows Desktop version that the privacy of their messages is under threat by Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store almost everything a user does every three seconds. Effective immediately, Signal for Windows …
The world has been abuzz for weeks now about the inclusion of a journalist in a group message of senior White House officials discussing plans for a military strike. In that case, the breach was the result of then-National Security Advisor Mike Waltz accidentally adding The Atlantic Editor-in-Chief Jeffrey …
Sooner or later, it’s going to happen. AI systems will start acting as agents, doing things on our behalf with some degree of autonomy. I think it’s worth thinking about the security of that now, while its still a nascent idea. In 2019, I joined Inrupt, a …
Two essays were just published on DOGE’s data collection and aggregation, and how it ends with a modern surveillance state. It’s good to see this finally being talked about. [...]
The company doesn’t keep logs, so couldn’t turn over data : Windscribe, a globally used privacy-first VPN service, announced today that its founder, Yegor Sak, has been fully acquitted by a court in Athens, Greece, following a two-year legal battle in which Sak was personally charged in connection …
Security and privacy advocates are girding themselves for another uphill battle against Recall, the AI tool rolling out in Windows 11 that will screenshot, index, and store everything a user does every three seconds. When Recall was first introduced in May 2024, security practitioners roundly castigated it for creating …
In “ Secrets and Lies ” (2000), I wrote: It is poor civic hygiene to install technologies that could someday facilitate a police state. It’s something a bunch of us were saying at the time, in reference to the vast NSA’s surveillance capabilities. I have been thinking of that …
Join a loyalty scheme and you often get a reward or discount on your special day – but it may have strings attached Celebrating your birthday isn’t just about getting presents and cards from family and friends. Signing up to loyalty schemes and newsletters can give you access to …
2006 AT&T whistleblower Mark Klein has died. [...]
The EFF has created an open-source hardware tool to detect IMSI catchers: fake cell phone towers that are used for mass surveillance of an area. It runs on a $20 mobile hotspot. [...]
Apple says removal of tool after government asked for right to see data will make iCloud users more vulnerable Business live – latest updates Apple has taken the unprecedented step of removing its strongest data security tool from customers in the UK, after the government demanded “backdoor” access to user …
The EFF has released its Atlas of Surveillance, which documents police surveillance technology across the US. [...]
The Washington Post is reporting that the UK government has served Apple with a “technical capability notice” as defined by the 2016 Investigatory Powers Act, requiring it to break the Advanced Data Protection encryption in iCloud for the benefit of law enforcement. This is a big deal, and something …
A little over two weeks ago, a largely unknown China-based company named DeepSeek stunned the AI world with the release of an open source AI chatbot that had simulated reasoning capabilities that were largely on par with those from market leader OpenAI. Within days, the DeepSeek AI assistant app …
As many of us celebrated the year-end holidays, a small group of researchers worked overtime tracking a startling discovery: At least 33 browser extensions hosted in Google’s Chrome Web Store, some for as long as 18 months, were surreptitiously siphoning sensitive data from roughly 2.6 million devices …
Lukasz Olejnik writes about device fingerprinting, and why Google’s policy change to allow it in 2025 is a major privacy setback. [...]
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. [...]
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. [...]
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. [...]