
AI Vigilante Sting Catches Alleged Paedophile Ex-Teacher in France

 

A retired French physical education teacher has been placed in custody after an online sting operation exposed what investigators say was a serious attempt to solicit a minor. The case has drawn wide attention because the “girl” he was speaking to was not real, but a digitally created identity controlled by an influencer known for targeting alleged predators. The meeting was streamed live, turning a criminal investigation into a public spectacle. 

According to the BBC report, the 66-year-old man, identified as Dominique B, surrendered to authorities in eastern France one day after the exchange was broadcast. During the 40-minute interaction, he believed he was speaking with a 14-year-old girl, but the image and voice were being operated by a male influencer. Even though the visual disguise was imperfect, the setup was convincing enough to lead the retired teacher into inappropriate conversation. 

The exchange reportedly attracted more than 40,000 live viewers and later approached a million views online. In the footage, the man is seen relaxing in a chair while the fake persona appears on screen, with the influencer adjusting his appearance to help maintain the illusion. The stunt’s reach shows how online platforms can amplify both exposure and controversy when criminal behavior is broadcast in real time. 

French prosecutors in Vesoul say the man now faces charges for making sexual propositions to a person under 15 and for soliciting pornographic images from a minor. Those allegations carry serious legal and social consequences, especially given his former role as an educator. The case is likely to fuel further debate over the line between citizen-led vigilance and public shaming in digital spaces. 

The influencer involved said his aim was to raise awareness, but the incident also highlights the growing use of deceptive online identities in anti-predator campaigns. While such tactics can expose dangerous behavior, they also raise questions about evidence, ethics, and the influence of livestream culture. For now, the French case stands as a stark reminder that online anonymity can be abused, and that public exposure is no substitute for lawful accountability.

Iran-Linked Hackers Targeted US Fuel Tank Systems Through Exposed ATG Networks

 

A cyber incident linked to suspected Iranian hackers targeted U.S. gas station fuel monitoring systems, exposing weaknesses in critical infrastructure. Internet-connected automated tank gauge (ATG) systems lacking password protection reportedly allowed attackers to gain access without stolen credentials. Though designed to track fuel levels automatically, these systems became vulnerable because of poor security controls. 

The incident highlights how basic operational technology flaws can create major risks. Weakly protected infrastructure remains an attractive target for cyberattacks. Remote access features, while convenient, can become dangerous when left exposed online. 

Many of these monitoring tools operate quietly in the background until compromised. Security experts warn that even simple protections could have blocked the intrusion. Each exposed device increases risks across connected infrastructure networks. Although the attackers reportedly altered displayed fuel readings, authorities said the actual fuel levels inside storage tanks were not changed. 

Even so, cybersecurity specialists stressed that compromised ATG systems could still disrupt operations or create confusion during emergencies. Experts have warned for years that insecure fuel monitoring systems could become targets for hackers or state-backed groups seeking to impact critical services. Growing tensions involving the United States, Iran, and Israel have fueled suspicions around Iranian-linked cyber activity. Analysts noted similarities between this incident and earlier attacks tied to Iran targeting fuel distribution infrastructure. 

While officials have not publicly confirmed attribution, researchers said the timing and techniques resemble previous Iran-associated operations. The Cybersecurity and Infrastructure Security Agency acknowledged reports of malicious activity involving automated tank gauge systems across critical sectors. While the agency stopped short of blaming Iran directly, it urged organizations to strengthen protections immediately. 

Recommendations included removing ATG systems from direct internet exposure, implementing strong passwords, reviewing logs regularly, and improving monitoring for suspicious behavior. Experts say modern geopolitical conflicts increasingly extend into digital systems supporting everyday life. Attacks targeting fuel infrastructure can trigger economic disruption, supply chain instability, and public panic even without causing physical damage. 

A relatively small cyber incident can still send a strategic message by demonstrating access to systems relied upon by millions. Many cybersecurity professionals continue warning that operational technology environments remain especially vulnerable because they often rely on outdated systems, weak segmentation, and limited visibility. Attackers frequently focus on these environments because even simple techniques can produce large-scale disruption. 

Researchers also pointed to lessons from the Colonial Pipeline ransomware attack, which caused fuel shortages and emergency declarations across multiple U.S. states in 2021. Experts believe similar attacks today could create ripple effects well beyond the originally targeted facilities. 

Security specialists now argue that industrial systems and connected devices should receive the same level of protection as traditional IT networks. Stronger segmentation, automated compliance checks, continuous monitoring, and recovery planning are increasingly viewed as necessary safeguards as cyber threats against critical infrastructure continue to grow.

Yarbo Robotic Lawnmower Flaw Exposed Thousands of Devices With Shared Passwords

 

A single password opened thousands of Yarbo’s robot mowers worldwide, leaving owners in over thirty nations vulnerable without knowing it. While testing how these smart devices manage login requests, analyst Andreas Makris spotted the weak point, which was as simple as typing “admin” into a forgotten backdoor. Some of the exposed devices run Linux, connect directly to the internet, and depend on camera inputs, location signals, wireless links, and automatic mapping functions. 

Units across many regions used identical preset login details, investigators found. Remote entry into such hardware could happen without consent, Makris explained. Midway through the review, personal data came into view: email addresses, exact lawn mower locations, and network credentials were laid bare. Testing revealed a real-time display pinpointing more than 11,000 active units in at least thirty nations. 

Examining traffic patterns produced digital trails that linked each machine to specific geographic points. Visibility extended beyond basic details once hidden layers were uncovered. The dangers were not limited to leaked information; they included remote hijacking of the lawn robots. Through experiments, researchers showed that unauthorized users might trigger motion controls, switch on built-in imaging tools, and probe residential networks for weak spots, all from a distance. 

Because they operate much like standard web-linked machines, these gadgets may end up pulled into coordinated hacking efforts, which raises concern about their role in broader digital threats. A test shown to journalists reportedly let someone in Germany steer a 200-pound lawn mower near a home in New York, thousands of miles away. Commands sent from afar took priority over hands-on operation, and people close by received no warning when control shifted.

Warnings also emerged that gadgets placed close to critical infrastructure raise wider safety risks. Vulnerable automated machines might operate not far from power stations or manufacturing zones, Makris noted, highlighting growing unease over threats to both physical setups and digital networks. Firmware patches did not fix the problem: systems kept falling back to identical default passwords. 

Even after updates, the same login details resurfaced across devices. Experts pointed out that swapping passwords alone misses larger flaws: built-in factory access remains, and remote management tools stay vulnerable by design. Yarbo later admitted the issues once details emerged. Though publicly based in New York, it has ties to Hanyang Tech, located in Shenzhen, China. Reports indicate the firm shut down some remote diagnostics pathways following scrutiny. 

Root passwords were reset shortly afterward, and access without authentication was restricted. Instead of using one password for every machine, the new measures shifted toward unique credentials per device. Despite pledges of improved audit mechanisms and stricter controls on remote diagnostics, concerns lingered. Skeptics noted that backdoor-style access by the manufacturer allegedly persists in the equipment, undermining claims of real change. Hidden backdoors and minimal built-in safeguards in smart gadgets are drawing sharper scrutiny, according to researchers. 

With households increasingly using AI-powered tools, robotic aids, or connected sensors, vulnerabilities multiply. Instead of isolated digital leaks, failures might now trigger real-world harm - door locks failing, cameras hijacked, entire home networks invaded. Security flaws once seen as minor glitches may now enable intrusions beyond data theft. 

When manufacturers skip strong defaults, everyday convenience turns into risk points across neighborhoods. Because these devices interact physically with environments, weaknesses aren’t just virtual - they can reach into living rooms, garages, even children's bedrooms. So while automation spreads rapidly, oversight lags behind, leaving gaps attackers can exploit.

Africa’s Digital Boom Makes It a Prime Target for Hackers

 

Africa’s digital boom is reshaping how people bank, work, study, and access public services, but that same progress is creating fresh openings for cybercriminals. As more governments and businesses move services online, attackers are finding more valuable systems to exploit, from mobile payments and health platforms to tax portals and identity databases. 

The speed of digital adoption has often outpaced security investment, leaving weak points that can be difficult to fix later. In practical terms, the more connected Africa becomes, the larger the attack surface becomes for criminals looking for easy gains. One of the biggest risks is that many organizations still rely on limited budgets, outdated infrastructure, and a shortage of trained cybersecurity professionals. 

Reports note that cybercrime losses in Africa now exceed $4 billion a year, while mobile-first threats such as SIM-swap fraud, phishing, and mobile money scams continue to rise. In some markets, cyberattacks are becoming more sophisticated, with criminals using automation and AI to make scams harder to detect. This is especially dangerous in countries where essential digital services are expanding quickly but security systems have not kept pace. 

The problem is not only technical; it is also structural. Africa’s cybersecurity rules remain uneven across countries, making it harder to coordinate responses to cross-border attacks. Criminal groups can move between jurisdictions, exploit weak enforcement, and target victims at scale while leaving limited traces behind. At the same time, critical infrastructure such as power, telecoms, and hospitals is increasingly exposed because it depends on connected systems that are often not built with strong protection in mind. That combination of weak regulation, limited staffing, and rising digital dependence makes the continent an attractive hunting ground for hackers. 

Cybersecurity experts argue that the solution must go beyond software and firewalls. Governments need stronger laws, better information-sharing, and more investment in training so that local teams can respond quickly to attacks. Businesses need to treat security as a core cost of digital growth, not an afterthought. Public awareness is also crucial, because many successful attacks still begin with simple tricks such as fake emails, urgent payment requests, or fraudulent links. If users understand the risks, the most common scams become much harder to carry out. 

Africa’s digital future remains full of promise, but that promise depends on trust. If people cannot safely use online services, digital progress slows and confidence erodes. The continent now faces a clear choice: keep expanding online systems faster than they can be protected, or build security into digital growth from the start. The countries that succeed will be the ones that match innovation with resilience, and speed with discipline.

West Pharmaceutical Services Reports Data Breach and Encrypted Systems

 




West Pharmaceutical Services has confirmed that it suffered a cybersecurity incident that resulted in both data theft and the encryption of parts of its internal network, making it the latest major manufacturing and healthcare-related company to face operational disruption from a cyberattack.

In a filing submitted to the U.S. Securities and Exchange Commission (SEC), the company stated that it identified suspicious activity on May 4, 2026, and later determined on May 7 that an unauthorized actor had exfiltrated certain data and encrypted multiple systems within its environment. The company described the breach as a “material cybersecurity attack,” indicating that the incident was serious enough to potentially affect operations or business continuity.

Following the initial detection of the intrusion, West Pharmaceutical said it immediately activated its incident response procedures. As part of its containment efforts, the company proactively shut down and isolated affected systems across its global infrastructure, restricted access to enterprise resources, informed law enforcement authorities, and brought in external cyber-forensic specialists to assist with the investigation and recovery process.

The investigation into the incident is still ongoing, and the company says it is currently working to determine the full scope and nature of the breach, including exactly what type of information may have been stolen during the attack.

West Pharmaceutical Services is a publicly traded American pharmaceutical manufacturing company and a member of the S&P 500 index. The firm generates more than $3 billion in annual revenue and employs over 10,800 people worldwide. Its business focuses heavily on injectable drug packaging systems, syringe and vial components, containment technologies, and medical drug delivery devices used throughout the healthcare and pharmaceutical sectors.

The cyberattack disrupted several parts of the company’s global operations, particularly systems tied to manufacturing, shipping, and other enterprise functions. West Pharmaceutical stated that some of its core systems supporting production and distribution activities have now been restored, while manufacturing operations have partially resumed in certain areas. However, the company acknowledged that the full restoration process has not yet been completed and did not provide a timeline for when all systems are expected to return to normal operation.

At this stage, the company has also not estimated the financial impact the incident may have on its business.

West Pharmaceutical further stated that it has taken measures intended to reduce the risk of the stolen information being distributed or exposed publicly, although it did not disclose what those mitigation steps involve.

In a statement shared after media inquiries, a company spokesperson said the organization initiated both incident response and crisis management procedures immediately after discovering the intrusion. The company added that containment actions included shutting down and isolating affected on-premises infrastructure, limiting access to enterprise systems, and implementing additional technical and organizational security measures.

West Pharmaceutical also confirmed that it engaged Palo Alto Networks’ Unit 42 incident response team to assist with containment, forensic analysis, and system recovery efforts alongside outside legal counsel and other external experts.

As of now, no ransomware group has publicly claimed responsibility for the attack. However, cybersecurity analysts note that incidents involving both data exfiltration and system encryption often resemble modern double-extortion ransomware operations, where attackers not only lock systems but also threaten to leak stolen information to pressure victims into negotiations.

The incident also reflects a broader trend affecting manufacturing and healthcare supply chains, sectors that have increasingly become targets for cybercriminal groups because operational downtime can quickly disrupt production, logistics, and critical services. Security experts continue to warn that attacks against pharmaceutical and healthcare-related manufacturers can have consequences extending beyond financial losses, particularly when production environments and supply chain systems are affected.

Hidden 4GB AI Model Found Downloading Through Google Chrome


 

Privacy researchers have raised concerns about what appeared to be a routine background update in Google Chrome, after reports revealed that the browser may have silently downloaded a nearly 4GB artificial intelligence model onto certain systems without explicit user approval. 

Known as Gemini Nano, this component enables local AI processing directly on laptops and smartphones rather than relying solely on cloud infrastructure. However, cybersecurity observers and digital rights advocates contend that the deployment was inadequately transparent, especially because the installation of an AI package requiring significant storage was not visible to users. 

The disclosure, amplified by a Swedish computer scientist and privacy. An investigation into the browser's filesystem mechanics reveals Google's incremental deployment of Gemini Nano, a lightweight large language model designed to execute on-device operations such as text optimization and automated scam detection.

The background payload is the result of this incremental deployment. Hanff's diagnostic tests are supported by a system-level analysis, which shows that when a machine running a recent Chrome version satisfies certain hardware requirements, the browser creates a separate directory named OptGuideOnDeviceModel and extracts weights.bin, a 4-gigabyte binary file. 

Because the architecture relies on optimization flags that are active by default rather than on user-triggered prompts, the local installation involves no explicit confirmation dialog. This practice has drawn intense scrutiny over storage overhead, metered network data consumption, and compliance with regional data governance protocols.

Google has stated that users may mitigate the automated download sequence by deleting the On-device AI program or the Optimization Guide parameters using internal settings (chrome://flags). However, the lack of a standard, upstream opt-in mechanism before multigigabyte binaries are written to a user's persistent storage has heightened the debate over digital sovereignty on the client side. 

To isolate this persistent behavior empirically, beyond individual telemetry reports, a clean Apple Silicon profile was audited using the native macOS kernel-level filesystem auditing daemon, .fseventsd. In the absence of application-layer logging, this low-level mechanism records transactional file operations, producing a tamper-proof ledger of Chrome's execution pipeline that is unmodified by external application updates. 

The resulting data stream showed that even when users manually purge the payload, which is mapped to mode 600 on macOS, the Local State configuration file retains the target installation. The automated download loop is initiated as soon as the client intercepts a new synchronization packet from Google's central variations server confirming profile eligibility. 

The forced re-allocation of resources on macOS is consistent with deletion-resistance patterns that have been extensively documented across Windows environments, confirming the silent overhead as a design constant across desktop operating systems rather than an isolated platform problem. 
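As an added example (not code from Google, Chrome, or the researchers cited here), the following Python script audits a Chrome user-data directory for the OptGuideOnDeviceModel directory and weights.bin file named above and reports each file's size and permission mode. The default user-data paths, the versioned-subdirectory layout, and the helper names are assumptions; the sample tree is constructed for testing.

```python
import os
import stat
import sys
from pathlib import Path

MODEL_DIR = "OptGuideOnDeviceModel"  # directory name given in the article
WEIGHTS = "weights.bin"              # payload file name given in the article


def default_roots(home=None, platform=sys.platform, env=os.environ):
    """Standard Chrome user-data locations (assumption: default install, stable channel)."""
    home = Path(home) if home else Path.home()
    if platform == "darwin":
        return [home / "Library" / "Application Support" / "Google" / "Chrome"]
    if platform.startswith("win"):
        local = env.get("LOCALAPPDATA")
        return [Path(local) / "Google" / "Chrome" / "User Data"] if local else []
    return [home / ".config" / "google-chrome"]


def find_model_payloads(root):
    """List every weights.bin located at or below an OptGuideOnDeviceModel directory."""
    root = Path(root)
    findings = []
    if not root.is_dir():
        return findings
    for path in root.rglob(WEIGHTS):
        # Assumption: the file may sit directly in the directory or in a
        # versioned subdirectory, so accept any depth below MODEL_DIR.
        if MODEL_DIR not in path.parent.parts or not path.is_file():
            continue
        st = path.stat()
        findings.append({
            "path": str(path),
            "size_bytes": st.st_size,
            "mode": format(stat.S_IMODE(st.st_mode), "03o"),
            "mtime": st.st_mtime,  # compare across runs to spot a re-download
        })
    return sorted(findings, key=lambda f: f["path"])


def total_bytes(findings):
    """Total disk space claimed by the payload files that were found."""
    return sum(f["size_bytes"] for f in findings)


def build_sample_tree(root):
    """Constructed fixture: a fake profile tree with a small stand-in payload."""
    root = Path(root)
    payload = root / MODEL_DIR / "0.0.0.0" / WEIGHTS  # version folder name is made up
    payload.parent.mkdir(parents=True)
    payload.write_bytes(b"\0" * 4096)
    os.chmod(payload, 0o600)
    decoy = root / "Default" / WEIGHTS  # same file name, outside the model directory
    decoy.parent.mkdir(parents=True)
    decoy.write_bytes(b"\0" * 10)
    return payload


if __name__ == "__main__":
    for r in default_roots():
        hits = find_model_payloads(r)
        for h in hits:
            print(f'{h["path"]}  {h["size_bytes"] / 2**30:.2f} GiB  mode {h["mode"]}')
        print(f"{r}: {len(hits)} payload file(s), {total_bytes(hits)} bytes")
```

Running it before and after a manual purge, and comparing the recorded modification times, shows whether the payload has been written again.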

In Chrome 147, functional opacity is further compounded by the decoupling of user interface design from backend routing. Although the prominently displayed AI Mode pill indicates localized execution, diagnostic telemetry indicates that the interface is a channel for Google's cloud-based Search Generative Experience, transmitting user queries to Google servers directly. 

While the silently provisioned Gemini Nano remains isolated to context-menu features that are rarely invoked by most of the user base, the asymmetric distribution has been confirmed by Snopes audits, which found weights.bin files across a limited set of Windows and macOS configurations, despite Google’s phased rollout of an opt-out toggle in early 2026 that remains unavailable to a large percentage of global users. 

Besides the immediate infrastructural challenges, this deployment paradigm is being scrutinized more and more by regulatory authorities and environmentalists. According to Hanff's legal analysis, writing substantial binary payloads to client hardware without explicit, upstream consent directly violates both the GDPR transparency requirements and the EU ePrivacy Directive data storage mandates. Those arguments echo recent compliance challenges reported by Malwarebytes regarding Anthropic's unprompted integration of Claude Desktop components across numerous Chrome environments.

It is further estimated that this 4-gigabyte deployment will yield 6,000 to 60,000 tonnes of CO2 equivalents when projected across Chrome's estimated one billion devices. crypto.news has reported that provisioning local AI environments without consent raises complex data sovereignty issues and fundamentally alters the endpoint security baseline for consumers worldwide, as part of a broader 2026 surge in automated threat vectors highlighted by CertiK.

Finally, this architectural shift in client-side applications highlights a rising tension between the automatic delivery of products and the autonomy of user data. Although silent pre-provisioning is increasingly important for smoothing the onboarding process for local LLM engines, executing background allocations of this magnitude fundamentally alters the relationship between browser software and host hardware. 

Regulatory bodies are starting to evaluate ambient deployment strategies against strict transparency frameworks, such as the GDPR, which will result in an inevitable point of inflection for the industry. Localized artificial intelligence requires a profound structural reevaluation in order to achieve a balance between compute-intensive computation and established principles of consent, resource management, and digital sovereignty. This will involve shifting away from default-active background injections toward transparent, user-validated infrastructure.
