Geek-Guy.com

Category: privacy

Protect your digital footprint with the latest privacy news, data protection tips, and anonymity tools. Geek-Guy tracks the threats to your online rights.

AI, Apps, Compliance, Cybersecurity, Global Security News, malware, Network Security, privacy, Risk Management

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

A malicious Hugging Face repository posing as an OpenAI release delivered infostealer malware to Windows systems and logged 244,000 downloads before being removed, raising fresh concerns about how enterprises source and validate AI models from public repositories. The repository, named Open-OSS/privacy-filter, impersonated OpenAI’s legitimate Privacy Filter release, copied its model card almost word-for-word, and included…

Read more →

Global Security News, privacy

Instagram messaging encryption removed, and privacy advocates are pushing back

After introducing optional end-to-end encrypted messaging in 2023, Instagram announced in March 2026 that encryption for direct messages would be discontinued, and the feature was removed on May 8. The change allows Instagram to access direct message content, including images, videos, and voice notes. “If you have chats that are affected by this change, you…

Read more →

AI, Global Security News, privacy

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire

Read more →

AI, Compliance, Global Security News, Government & Policy, privacy

Instagram removed end-to-end encryption for DMs. What should users do?

Instagram removes direct messages (DM) end-to-end encryption May 8, 2026, letting Meta access chats. Users should download backups amid privacy concerns and U.S. law pressure. Starting May 8, 2026, Instagram users who previously enabled end-to-end encryption in direct messages will lose that protection, marking a significant shift in how private conversations are handled on the…

Read more →

AI, Global Security News, privacy, Risk Management

Mental health apps are collecting more than emotional conversations

People use mental health apps to talk about depression, trauma and suicidal thoughts in moments they may not share with anyone else. Many users likely assume those conversations carry protections similar to therapy sessions. In reality, mental health apps operate without the same confidentiality and privacy standards that govern licensed therapists. A new academic study…

Read more →

AI, Data Breaches, Global Security News, privacy

LinkedIn illegally blocking free accounts from seeing ‘who’s viewed your profile’ data, group alleges

A LinkedIn feature that allows paid subscribers to view a list of visitors to their profile should be made available to all EU users free of charge to comply with the region’s General Data Protection Regulation (GDPR), a legal complaint launched by the None of Your Business (NOYB) digital rights group has claimed. Filed this…

Read more →

AI, Data Breaches, Global Security News, privacy

LinkedIn illegally blocking free accounts from seeing ‘who’s viewed your profile’ data, group alleges

A LinkedIn feature that allows paid subscribers to view a list of visitors to their profile should be made available to all EU users free of charge to comply with the region’s General Data Protection Regulation (GDPR), a legal complaint launched by the None of Your Business (NOYB) digital rights group has claimed. Filed this…

Read more →

AI, Cloud Security, Compliance, Global Security News, privacy, Risk Management

AWS achieves SNI 27017, SNI 27018, and SNI 9001 certifications for the AWS Asia Pacific (Jakarta) Region

Amazon Web Services (AWS) achieved three Standar Nasional Indonesia (SNI) certifications for the AWS Asia Pacific (Jakarta) Region: SNI ISO/IEC 27017:2015, SNI ISO/IEC 27018:2019, and SNI ISO 9001:2015. SNI represents Indonesia’s national standards framework, comprising standards that are broadly applicable across industries within the country. These certifications further demonstrate that AWS services meet nationally recognized…

Read more →

AI, Data Security, Exploits, Global Security News, privacy

WWDC 2026: How Apple can take a great leap in AI

Apple’s Worldwide Developer Conference (WWDC) takes place in just a few weeks. Everyone expects the company to explain its approach to AI deployment on its platforms. With that in mind, here’s what several months of speculation suggest Apple will announce, though the details remain to be disclosed. Apple is investing billions of dollars in these plans; R&D spending…

Read more →

AI, Apps, china, Compliance, Cybersecurity, Data Breaches, Data Security, Europe, Global Security News, Government & Policy, privacy, Risk Management

Ten years later, has the GDPR fulfilled its purpose?

This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on May 25, 2018. The aim of the GDPR was simple, but important: to improve individuals’ control over their personal data. This regulation replaced Directive 95/46/EC with the clear purpose of unifying data…

Read more →

AI, Cloud Security, Compliance, Global Security News, privacy, Risk Management

New compliance guide available: ISO/IEC 42001:2023 on AWS

We have released our latest compliance guide, ISO/IEC 42001:2023 on AWS, which provides practical guidance for organizations designing and operating an Artificial Intelligence Management System (AIMS) using AWS services. As organizations deploy AI and generative AI workloads in the cloud, aligning with globally recognized standards such as ISO/IEC 42001:2023 becomes an important step toward strengthening…

Read more →

AI, APAC, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management

How CISOs Reduce Cyber Risk with MITRE ATT&CK 

Nowadays CISOs face escalating threats that outpace traditional defenses. The strategy is evolving from compliance-driven checklists to a threat-informed approach. MITRE ATT&CK provides a globally accessible knowledge base of real-world adversary tactics, techniques, and procedures (TTPs), enabling organizations to understand, prioritize, and counter actual attacker behaviors rather than abstract controls.  This shift helps align security efforts with business…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Network Security, privacy

News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market

CAMBRIDGE, Mass., May 5, 2026, CyberNewswire—LuxSci, a leading provider of HIPAA compliant secure healthcare communications, today announced the launch of LuxSci Secure High Volume Email for mid-sized healthcare organizations, the industry’s trusted HIPPA-compliant email solution now packaged and priced for mid-size healthcare organizations. Regional health systems, health plans, specialty group practices, urgent care networks, and…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management

New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know

A new large-scale phishing campaign is targeting U.S. organizations with fake event invitations that lead to credential theft, OTP interception, or RMM tool installation. ANY.RUN researchers found that the campaign uses a repeatable phishing framework to create event-themed lure pages at scale. Some pages steal email credentials and OTP codes, while others deliver legitimate remote…

Read more →

AI, Apps, Cybersecurity, Global Security News, privacy, Risk Management

Microsoft, Google push AI agent governance into enterprise IT mainstream

Microsoft and Google are adding new controls for AI agents, as enterprise IT teams try to keep up with tools that can access corporate data and act across business applications. Microsoft’s Agent 365, made generally available for commercial customers on May 1, is designed to help organizations discover, govern, and secure AI agents, including those…

Read more →

AI, china, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management, Russia

Security Affairs newsletter Round 575 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Two US cybersecurity experts sentenced in ransomware case, third awaits July ruling Trellix discloses the breach…

Read more →

AI, Apps, Global Security News, Network Security, privacy

Open-source privacy proxy masks PII before prompts reach external AI services

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an open-source local gateway that detects and masks personally identifiable information before requests leave the network. The tool…

Read more →

AI, Cloud Security, Cybersecurity, Europe, Global Security News, Government & Policy, privacy, Risk Management

Bank regulator sounds warning over cybersecurity threat posed by AI models

Frontier AI models inspired by Anthropic’s Claude Mythos could arm attackers with advanced capabilities that the banking sector is ill equipped to cope with, Australia’s financial regulator, the Australian Prudential Regulation Authority (APRA), has warned. In a letter addressed to the country’s financial sector this week, the body lays out how the arrival of Claude…

Read more →

AI, Compliance, Global Security News, Politics, privacy

Congress kicks the can down the road on surveillance law (again)

Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension. The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically…

Read more →

AI, Cybersecurity, Global Security News, privacy

Agent’s claims on WhatsApp access spark security concerns

A US agent claimed WhatsApp encryption is fake and Meta can access messages; the probe was abruptly shut, raising security concerns. A US agent claimed WhatsApp encryption is fake, alleging Meta accesses all unencrypted messages, but Commerce Department abruptly shut the probe, leaving leaders questioning if consumer apps are safe for sensitive business decisions. In…

Read more →

AI, Compliance, Data Breaches, Europe, Exploits, Global Security News, privacy, Risk Management

Meta accused of violating DSA by failing to safeguard minors

The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of violating child safety rules. Instagram and Facebook allegedly failed to prevent children under 13 from accessing their platforms. According to the Commission, Meta did…

Read more →

AI, Apps, Global Security News, privacy, Risk Management

Designing trust and safety into Amazon Bedrock powered applications

Generative AI brings promising innovation, transforming how individuals and organizations approach everything from customer service to content creation and more. As AI continues to expand its capabilities, organizations are increasingly focused on how they can integrate the responsible AI concepts into the development lifecycle of their AI applications. Research from Accenture and Amazon Web Services…

Read more →

AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management

7 Best Network Security Tools to Use in 2026

This guide is for IT professionals, security teams, and business leaders looking to strengthen network defenses in 2026. It covers the best network security tools to protect data and help reduce overall organizational risk. Network security tools incorporate hardware and software technologies, methods, and policies to preserve network integrity and prevent potential breaches. These tools…

Read more →

AI, Compliance, Cybersecurity, Global Security News, Government & Policy, Network Security, privacy

Best AI Deepfake and Scam Detection Tools for Security in 2026

This guide is for security professionals, IT teams, and anyone concerned about AI-driven fraud who wants to detect deepfakes and scams in 2026. It covers some of the best tools available to identify fake videos, audio, and synthetic content. You can fake a video. You can clone a voice. You can even generate a “live”…

Read more →

AI, Compliance, Cybersecurity, Endpoint, Europe, Global Security News, Government & Policy, malware, privacy, Risk Management

Phishing-to-RMM Attacks: The Remote Access Blind Spot CISOs Can’t Ignore 

CISOs are under pressure to prove that their security programs can detect threats early, reduce business risk, and support fast, confident response. But that becomes harder when attackers stop relying on obviously malicious tools. In recent phishing-to-RMM campaigns observed by ANY.RUN analysts, threat actors are using fake Microsoft, Adobe, and OneDrive pages to deliver legitimate…

Read more →

AI, Apps, Compliance, Data Breaches, Global Security News, Network Security, privacy, Risk Management

Securing RAG pipelines in enterprise SaaS

In the enterprise SaaS space, AI agents are becoming an integral part of the SaaS product. To make these intelligent agents truly useful, they need contextual, customer-specific knowledge, something standard Large Language Models (LLMs), open source or otherwise, inherently lack since they are not trained on customer proprietary data. Retrieval-Augmented Generation (RAG) is the bridge…

Read more →

AI, APAC, Europe, Global Security News, privacy

U.S. companies hit with record fines for privacy in 2025

U.S. states issued $3.45 billion in privacy-related fines to companies in 2025, a total larger  than the last five years combined, according to research and advisory firm Gartner. The increase is partly driven in part by stronger, more established privacy laws in states like California, new interstate partnerships built around enforcing laws across state lines,…

Read more →

AI, Global Security News, Government & Policy, privacy

Supreme Court justices skeptically question both sides in geofence surveillance case

Supreme Court justices lobbed sharp questions at both sides about the constitutionality of geofence warrants during oral arguments Monday in a case that could have broader implications for law enforcement collection of Americans’ data. Chatrie v. The United States stems from the 2019 conviction of Okello Chatrie in a bank robbery, where authorities obtained location…

Read more →

AI, Apps, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Europe, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management

Best Zero Trust Security Solutions in 2026

This guide is targeted toward IT and security teams looking to get more granular access control and reduce implicit trust across applications and systems in 2026. It introduces zero trust and top zero trust solutions. A presidential executive order mandating a zero trust strategy for federal agencies has raised the profile of the cybersecurity technology…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy

The Best VPNs for Small Businesses on a Budget in 2026

One wrong click. One rogue Wi-Fi connection. One stolen credential. That’s all it takes for a cybercriminal to breach your small business. And while you may not have an enterprise-sized budget, you still have plenty to lose: sensitive data, client trust, even your reputation. That’s where a virtual private network (VPN) comes in. A VPN…

Read more →

AI, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, privacy

LINKEDIN BROWSERGATE

BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate is an investigation conducted by Fairlinked (https://browsergate.eu/), an association of commercial LinkedIn users, which documents what it describes as one of the largest data breach and corporate espionage scandals in digital history. The central thesis:…

Read more →

AI, Exploits, Global Security News, privacy, Risk Management

Firefox bug CVE-2026-6770 enabled cross-site tracking and Tor fingerprinting

CVE-2026-6770 let attackers fingerprint Firefox and Tor users, even in Private mode. Firefox 150 and Tor Browser 15.0.10 fixed it. A vulnerability, tracked as CVE-2026-6770, allowed attackers to fingerprint Firefox users, even in Private Browsing, and also impacted the Tor Browser. The flaw worked even when Tor’s New Identity feature was used, bypassing protections meant…

Read more →

AI, Apps, Compliance, Global Security News, Network Security, privacy

Top 6 Remote Desktop Software Solutions Compared

Remote desktop software enables businesses and IT professionals to access and manage computers and devices from remote locations, ensuring seamless operations from anywhere. The most effective solutions offer features like unattended access, secure file transfer, multi-monitor support, cross-platform compatibility, and real-time collaboration. To help you find the best fit, we’ve compared the leading options on…

Read more →

AI, Compliance, Global Security News, Government & Policy, privacy, Risk Management

Meta, Roblox and TikTok claim to UK Parliament that their platforms are are not additive to children and that Australian under 16 ban will fail

The claim from Meta, Roblox and TikTok  that  Australia’s under-16 social media ban is “not really enforceable” has now moved from industry talking point to parliamentary record, following testimony before the UK’s Education Committee in April. But beneath the predictable pushback from Meta, TikTok and Roblox lies a more complex—and more uncomfortable—reality for policymakers on…

Read more →

AI, Compliance, Data Breaches, Global Security News, privacy, Risk Management

New US House privacy bills raise hard questions about enterprise data collection

US House Republicans have introduced two major privacy proposals that would reshape how US companies collect, process, and retain consumer data: the SECURE Data Act for general consumer privacy and the GUARD Financial Data Act for financial institutions. The bills would create national standards for privacy and security practices while broadly preempting many state privacy…

Read more →

AI, Apps, Global Security News, Government & Policy, Network Security, Politics, privacy, Risk Management

Palantir Is Helping Trump’s IRS Conduct “Massive-Scale” Data Mining

military contractor Palantir is helping the IRS analyze dozens of different data sets on Americans to investigate a broad range of financial crimes, according to records shared with The Intercept. Since 2018, the Internal Revenue Service’s Criminal Investigation division has used Palantir’s Lead and Case Analytics platform to aggregate and analyze a sprawling list of…

Read more →

Global Security News, privacy

A study of 1,000 Android apps finds a privacy policy logging gap

Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in production. Legal and privacy teams, working from templates and regulatory checklists, draft policies describing what the app collects from users. These two workflows rarely intersect inside the same company. A new study…

Read more →

AI, Cybersecurity, Exploits, Global Security News, privacy

AI threats in the wild: The current state of prompt injections on the web

Posted by Thomas Brunner, Yu-Han Liu, Moni Pande At Google, our Threat Intelligence teams are dedicated to staying ahead of real-world adversarial activity, proactively monitoring emerging threats before they can impact users. Right now, Indirect Prompt Injection (IPI) is a top priority for the security community, anticipating it as a primary attack vector for adversaries…

Read more →

AI, Apps, Exploits, Global Security News, privacy

iOS Flaw Let Deleted Notifications Linger, Apple Issues Fix

Apple fixed an iOS flaw that kept deleted notifications on devices, allowing recovery of messages, including from apps like Signal. Apple released updates for iOS and iPadOS to address the vulnerability CVE-2026-28950, a flaw in Notification Services that stored notifications even after deletion. This logging issue could allow recovery of sensitive data, including messages from…

Read more →

AI, Compliance, Exploits, Global Security News, Network Security, privacy, Risk Management

CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data

Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction.…

Read more →

AI, Compliance, Europe, Global Security News, privacy

GDPR works, but only where someone enforces it

A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South Africa, South Korea, Spain, and California. The results show that European privacy law does…

Read more →

AI, Cybersecurity, Exploits, Global Security News, privacy

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…

Read more →

AI, Cybersecurity, Exploits, Global Security News, privacy

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…

Read more →

AI, Cybersecurity, Exploits, Global Security News, privacy

Claude Mythos signals a new era in AI-driven security, finding 271 flaws in Firefox

The Claude Mythos Preview appears to be living up to the hype, at least from a cybersecurity standpoint. The model, which Anthropic rolled out to a small group of users, including Firefox developer Mozilla, earlier this month, has discovered 271 vulnerabilities in version 148 of the browser. All have been fixed in this week’s release…

Read more →

AI, china, Compliance, Data Security, Exploits, Global Security News, Government & Policy, privacy, Risk Management, Russia

House Republicans roll out national privacy bill

House Republicans unveiled on Wednesday Congress’ latest effort to tackle comprehensive digital privacy legislation for Americans. The Secure Data Act would allow consumers to opt out of data collection for individual businesses for the purposes of targeted advertising, selling to third parties or for use in automated decisionmaking. It would also require companies to inform…

Read more →

AI, Global Security News, privacy

Google’s Workspace Intelligence promises privacy while running on your data

Security and data governance are among the key considerations in Google’s latest AI update, which introduces Workspace Intelligence within Google Workspace. Google describes the feature as “a secure, dynamic system that inherently understands complex semantic relationships within your Workspace apps (such as Docs, Slides, or Gmail) content, your active projects, your collaborators, and your organization’s…

Read more →

AI, Cybersecurity, Global Security News, Network Security, privacy

5 Best Free VPNs You Can Trust in 2026 (And the Premium Trials Worth Trying)

This guide is for everyday users, remote workers, and privacy-conscious professionals who want to stay secure online without paying upfront, and it highlights the best free VPNs in 2026 you can trust along with premium trials worth testing before committing. Free Wi-Fi at the airport. A coffee shop hotspot. Even your home network. Every time…

Read more →

AI, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, privacy

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol (MCP), the fast-growing standard for connecting AI agents to external services, inherits that gap from the models it sits on top of. Its central…

Read more →

AI, Compliance, Europe, Global Security News, privacy, Risk Management

Meta to track employee keystrokes, screen activity to train AI agents

Meta plans to track US employees’ mouse movements, clicks, keystrokes, and screen activity to train workplace AI agents, according to Reuters, offering an early look at how far major tech companies may go to build systems that can automate knowledge work. The company plans to do so through a tool called Model Capability Initiative, or…

Read more →

AI, Global Security News, privacy

Apple Intelligence flaw kept stolen tokens reusable on another device

Apple claims that Apple Intelligence, a GenAI service provided on its operating systems, is designed with an extra focus on user security and privacy through a two-stage authentication and authorization system using anonymous access tokens. However, researchers from The Ohio State University have identified vulnerabilities in this design, demonstrated on macOS 26.0 (Tahoe), that allow…

Read more →

AI, Cloud Security, Compliance, Cybersecurity, Global Security News, privacy, Risk Management

Winter 2025 SOC 1 report is now available with 184 services in scope

Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 184 services over the 12-month period from January 1, 2025 – December 31, 2025, giving customers a full year of assurance. This report demonstrates our continuous commitment to adhering to…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, Network Security, privacy, Risk Management

[Guest Diary] Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident, (Wed, Apr 22nd)

[This is a Guest Diary by L. Carty, an ISC intern as part of the SANS.edu Bachelor’s Degree in Applied Cybersecurity (BACS) program [1].] Introduction A few weeks ago, my honeypot logged an incident that changed how I think about modern attacks. A threat actor broke into my system using weak SSH credentials and immediately…

Read more →

AI, Global Security News, privacy

OpenAI’s Chronicle feature lets Codex read your screen, raising privacy concerns

OpenAI’s Chronicle is a feature designed to help Codex, an AI-powered coding assistant, better understand what users are working on by capturing context directly from their screens. It uses recent screen activity to build memories, allowing Codex to interpret references, identify relevant sources, and pick up on the tools and workflows users rely on, without…

Read more →

AI, Apps, Global Security News, Network Security, privacy, Risk Management

Why identity is the driving force behind digital transformation

Identity centric technologies have undergone a significant transformation in recent times. Gone are the days when it was all about logging in and out of any given system. Today, identity has become the backbone of all digital enterprises. It’s the ‘invisible engine’ that powers everything. From security to how modern-day products are sold. Today’s Identity…

Read more →

AI, Compliance, Global Security News, privacy, Risk Management

The FTC’s AI portfolio is about to get bigger

The Federal Trade Commission is poised to deepen its involvement in curbing the use of AI for malicious purposes, including the spread of nonconsensual sexualized deepfakes and voice cloning scams. Last year, Congress passed the Take It Down Act, a law that allowed for criminal prosecution of individuals who share or distribute nonconsensual, intimate images…

Read more →

AI, Data Breaches, Exploits, Global Security News, Network Security, privacy, Risk Management

World ID expands its ‘proof of human’ vision for the AI era

Identity management is a critical concern for any enterprise, and it’s becoming ever more complex and convoluted with the advent of AI agents. World ID is taking a unique (and to some, controversial) approach to this challenge by building a ‘digital proof of human’ ecosystem for the internet. Today, at its “Lift Off” event, the…

Read more →

AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management

Microsoft’s Patch Tuesday release for April is a whopper

Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild.  The Readiness team is recommending “Patch Now” schedules…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Politics, privacy, Risk Management

The surveillance law Congress can’t quit — and can’t explain

Congress is grappling with renewal of a surveillance law set to expire at the end of this month that critics say is a mystery on how much of a difference it has made for controversial government spying authorities — for better or worse. The 2024 law reauthorized so-called Section 702 powers of the Foreign Intelligence…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, privacy, Risk Management

Social media bans might steer kids into riskier corners of the internet

Governments are moving to block children under 16 from social media in the name of safety. But once these measures move from policy to practice, they raise a harder question: what happens when protecting kids requires collecting more data than ever before and may put them at greater risk? Age checks spark debate over privacy…

Read more →

AI, Europe, Funding, Global Security News, privacy, Risk Management

Google should share search data to break its monopoly, European Commission suggests

The European Commission this week requested, but did not order Google to allow third party search engines in Europe access to its search data as a means to comply with the Digital Markets Act (DMA), legislation the Commission describes as a law designed to “make the markets in the digital sector fairer and more contestable.” Google…

Read more →

AI, Apps, Data Breaches, Endpoint, Global Security News, malware, privacy, Risk Management

Here’s What Agentic AI Can Do With Have I Been Pwned’s APIs

I love cutting-edge tech, but I hate hyperbole, so I find AI to be a real paradox. Somewhere in that whole mess of overnight influencers, disinformation and ludicrous claims is some real “gold” – AI stuff that’s genuinely useful and makes a meaningful difference. This blog post cuts straight to the good stuff, specifically how…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, privacy, Risk Management

Microsoft’s Windows Recall still allows silent data extraction

Microsoft’s Windows Recall feature remains vulnerable to complete data extraction despite a major security overhaul, according to a cybersecurity researcher who says malware running in a user’s context can quietly siphon off everything Recall has captured, without administrator privileges, kernel exploits, or breaking encryption. Alexander Hagenah, executive director at Zürich-based financial infrastructure operator SIX Group,…

Read more →

AI, Cybersecurity, Exploits, Global Security News, malware, privacy, Risk Management

Microsoft’s Windows Recall still allows silent data extraction

Microsoft’s Windows Recall feature remains vulnerable to complete data extraction despite a major security overhaul, according to a cybersecurity researcher who says malware running in a user’s context can quietly siphon off everything Recall has captured, without administrator privileges, kernel exploits, or breaking encryption. Alexander Hagenah, executive director at Zürich-based financial infrastructure operator SIX Group,…

Read more →

AI, Cybersecurity, Data Breaches, Global Security News, privacy, Risk Management

Ghost breaches: How AI-mediated narratives have become a new threat vector

A company wakes up to a news story claiming it has suffered a major data breach. The details are specific, technical and convincing. But the breach didn’t happen. No systems were compromised. No data was taken. A language model generated the entire story, filling in plausible details from scratch. And before the company can figure…

Read more →

AI, Global Security News, Government & Policy, privacy, Risk Management

Anthropic tests user trust with ID and selfie checks for Claude

Anthropic announced identity verification for Claude using government ID and selfie checks, becoming the first major AI chatbot to do so, a move that may prove unpopular with users. Having built its reputation around privacy in the AI race, Anthropic risks undermining its positioning, as competitors such as OpenAI’s ChatGPT and Google’s Gemini do not…

Read more →

Global Security News, Network Security, privacy

Wi-Fi roaming security practices for access network providers and identity providers

Public Wi-Fi roaming networks carry authentication credentials across multiple administrative boundaries, and the protocols governing that process vary widely in their security properties. The Wireless Broadband Alliance published a set of guidelines that specifies which authentication, encryption, and credential-handling practices operators should apply to networks running Passpoint and OpenRoaming. “What this work shows is that,…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Data Security, Funding, Global Security News, Network Security, privacy, Risk Management, Venture

News Alert: NTT Research launches SaltGrain—advanced Attribute-Based Encryption security

SUNNYVALE, Calif., Apr. 15, 2026 – NTT Research, Inc., a division of NTT (TYO:9432), today announced the launch of Scale Academy, a startup incubator responsible for bringing to market products and services based upon technologies studied within the labs of NTT Research and NTT R&D. NTT Research also revealed Scale Academy’s first product, SaltGrain, a zero-trust data security suite…

Read more →

AI, Compliance, Global Security News, privacy

Webinar: The IT Leader’s Guide to AI Governance

Generative AI is moving from experimentation to everyday enterprise use, often faster than governance models were designed to support. As adoption accelerates, organizations are navigating the evolving landscape with new questions around security, data privacy, compliance, and control, all while being asked to enable innovation at speed. This 30 to 35-minute conversation offers practical perspectives…

Read more →

AI, APAC, Compliance, Cybersecurity, Global Security News, malware, privacy, Risk Management

Chile’s Cybersecurity Framework Law: How SOCs Achieve Compliance and Response Readiness

In Chile, cybersecurity compliance is becoming an operational issue, not just a legal one. Under the new Cybersecurity Framework Law, organizations must show they have real capabilities for threat detection, incident analysis, and response. For many teams, that exposes a serious gap between regulatory expectations and day-to-day security operations.  Key Takeaways  Chile’s Cybersecurity Framework Law…

Read more →

AI, Apps, Compliance, Global Security News, malware, Network Security, privacy, Risk Management

Aura Business Debuts BYOD Security Solution for MSPs

AI-powered online safety platform Aura has introduced a new business security solution to help shrink the unmanaged device gap that exists in today’s security stacks. The new identity-centric bring your own device solution built for MSPs Aura Business for MSPs is a new identity-centric BYOD security solution designed to protect businesses and employees.  It allows…

Read more →