Issues

Robot Crime Could Be Rampant by 2035, Law Enforcement Warns

,

Europol warns of potential rampant robot crime by 2035 due to automation, predicting protests, riots, and hacking of AI-powered robots. The report highlights threats like drones used for attacks, urging police to prepare for criminal actions involving both humans and robots. While acknowledging some scenarios may be exaggerated, the warning illustrates the growing concerns about technology replacing humans in various sectors, leading to societal unrest.

https://www.vice.com/en/article/robot-crime-could-be-rampant-by-2035-law-enforcement-warns/

Meet the Team That Investigates When Journalists and Activists Get Hacked With Government Spyware

Access Now's Digital Security Helpline investigates government spyware hacks targeting journalists and activists. Staffed by experts from Costa Rica, Manila, and Tunisia, it assists victims by assessing potential spyware infections and offering support. The helpline has seen a surge in cases, now handling about 1,000 per year, driven by increased awareness and the proliferation of spyware. Collaborating with organizations like CiviCERT, they aim to empower civil society in navigating cybersecurity threats.

https://techcrunch.com/2025/12/27/meet-the-team-that-investigates-when-journalists-and-activists-get-hacked-with-government-spyware/

Trust Wallet Confirms Extension Hack Led to $7 Million Crypto Theft

, ,

Trust Wallet's Chrome extension was hacked on December 24, leading to $7 million in stolen cryptocurrency. Users reported wallet drain incidents post-update. Trust Wallet confirmed the issue and released a security patch (version 2.69) to resolve it, advising users to update immediately. A phishing campaign targeting affected users also emerged, prompting Trust Wallet to warn about compromised domains. Users should refrain from using version 2.68 and secure their funds by moving them to new wallets.

https://www.bleepingcomputer.com/news/security/trust-wallet-confirms-extension-hack-led-to-7-million-crypto-theft/

Meet the Man Hunting the Spies in Your Smartphone

Ronald Deibert, founder of the Citizen Lab, has worked for over two decades to uncover digital threats and abuses of power. Based at the University of Toronto, the lab is unique for its independence from government and corporate interests, focusing on public interest investigations into cyberthreats. Deibert warns that democracy, particularly in the U.S., is under threat, noting a rise in authoritarian practices. Despite risks to himself and his team, the lab's work continues to influence global human rights and cybersecurity discussions, including laying groundwork for sanctions against spyware vendors. Deibert emphasizes the importance of their mission, especially as similar research faces challenges in the U.S.

https://www.technologyreview.com/2025/12/24/1129294/ronald-deibert-citizen-lab-digital-threats-spies-cybersecurity/

100+ Cybersecurity Predictions 2026 for Industry Experts as the AI Adapted in the Wild

,

Cybersecurity Predictions 2026 highlight a major shift in threats as AI increasingly shapes cyber warfare. Over 100 expert forecasts indicate a rise in autonomous malware, identity-centric attacks, and ransomware, with ransomware victims projected to increase 40% and AI-driven attacks expected to comprise 50% of threats. Key trends include:
Autonomous AI in cyberattacks revolutionizing traditional defenses.
AI-enhanced phishing and deepfake technology complicating identity fraud.
Increased reliance on cloud systems exposing new vulnerabilities.
– Emergence of Zero Trust Architectures to counteract identity theft.
Regulatory compliance transforming into strategic business imperatives.

Organizations must adapt by embracing proactive defense strategies to measure resilience and recovery speed amidst evolving threats, asserting that future cybersecurity transcends mere IT concerns to become a core business priority.

https://cybersecuritynews.com/cybersecurity-predictions-2026/

LastPass 2022 Breach Led to Years-Long Cryptocurrency Thefts, TRM Labs Finds

LastPass's 2022 data breach allowed hackers to exploit weak master passwords, facilitating cryptocurrency thefts lasting into late 2025. TRM Labs linked these activities to Russian cybercriminals using their exchanges to launder over $35 million in stolen assets. Despite attempts to mask transactions with CoinJoin techniques, evidence revealed operational patterns leading to identifications. The breach highlights the lasting vulnerabilities of poor password security, with the U.K. fining LastPass $1.6 million for inadequate protections.

https://thehackernews.com/2025/12/lastpass-2022-breach-led-to-years-long.html

NIST, MITRE Announce $20 Million Research Effort on AI Cybersecurity

NIST and MITRE launch $20 million AI cybersecurity project, focusing on protecting critical infrastructure. Two centers established—one for manufacturing, another for AI-driven cybersecurity solutions for essential services like water and electricity. Aim: enhance U.S. tech, reduce adversarial risks, foster industry collaboration. Input from critical sectors emphasized for effective cybersecurity strategies.

https://cyberscoop.com/nist-mitre-announce-20-million-dollar-research-effort-on-ai-cybersecurity/

CISA Loses Key Employee Behind Early Ransomware Warnings

,

CISA's ransomware warning program, crucial in preventing $9 billion in damages, is jeopardized after its lead, David Stern, resigned rather than accept a reassignment. His departure raises concerns about the program's future and relationships with stakeholders, as it heavily depended on his connections and expertise. CISA asserts that the program continues, but its effectiveness may diminish without Stern's leadership.

https://www.cybersecuritydive.com/news/cisa-ransomware-warning-program-key-employee-left/808589/

New MacSync Stealer Malware Attacking macOS Users Using Digitally Signed Apps

,

New MacSync Stealer malware targets macOS users via digitally signed apps, operating silently unlike older versions. Disguised as a legitimate installer, it steals sensitive information after installation. The malware can bypass macOS security due to being signed with Apple’s Developer ID. Researchers noted a shift from requiring user action to automated processes, complicating detection. Following its identification, the malicious ID was reported and revoked by Apple.

https://cybersecuritynews.com/new-macsync-stealer-malware/

OpenAI Says AI Browsers May Always Be Vulnerable to Prompt Injection Attacks

,

OpenAI acknowledges AI browsers, like its Atlas, are perpetually at risk of prompt injection attacks, which manipulate AI to execute hidden malicious instructions. Despite efforts to enhance security, including a reinforcement learning-based automated attacker to identify flaws, prompt injections may never be fully mitigated, raising concerns about the safety of AI operation on the web. Ongoing layered defenses and user caution are recommended, yet the high access risk of these browsers poses a significant challenge.

https://techcrunch.com/2025/12/22/openai-says-ai-browsers-may-always-be-vulnerable-to-prompt-injection-attacks/

Amazon Caught North Korean IT Worker By Tracing Keystroke Data

Amazon’s Chief Security Officer, Stephen Schmidt, revealed that the company thwarted over 1,800 attempts by North Korean impostors to gain employment since April 2024. These impostors, often hired by contractors, aim to raise funds for the DPRK, including its weapons programs. Schmidt emphasized the importance of thorough background checks and advanced security software to detect such fraudulent activities.

https://www.bloomberg.com/news/newsletters/2025-12-17/amazon-caught-north-korean-it-worker-by-tracing-keystroke-data

Backing up Spotify

Anna's Archive has backed up Spotify, creating the largest public music preservation archive with 300TB of data. This includes metadata for 256 million tracks and 86 million music files, covering 99.6% of listens. The archive aims to preserve lesser-known music often overlooked by enthusiasts. While Spotify has a wealth of music, the focus is on retaining and making accessible all types of music, including popular and obscure tracks. The backup will be released through torrents, and the project seeks community support for seeding and donations to protect music heritage.

https://annas-archive.li/blog/backing-up-spotify.html

Scroll to Top