Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Latest News

Korean Air Employee Data Exposed in Cl0p Ransomware Supply-Chain Attack

  Korean Air has acknowledged the theft of sensitive data belonging to 30,000 current and former employees in a serious data breach. The bre...

All the recent news you need to know
Voice-Driven AI
AI Hardware Ecosystem AI Security Infrastructure Cross-Platform AI OpenAI Agora Real-Time AI Communication Secure Digital Platforms Technology Tokenised Payments Voice-Driven AI

ChatGPT Prepares Cross-Platform Expansion With Project Agora


It appears that OpenAI is quietly setting the foundation for its next significant product evolution, as early technical signals indicate the development of a new cross-platform initiative that is internally codenamed "Agora" and promises to be the next major step forward for its translation capabilities. 

Tibor Blaho, a prominent AI researcher, discovered previously undisclosed placeholders buried within the latest versions of OpenAI’s website code, as well as its Android and iOS applications. It was evident from that evidence that active development takes place across desktop and mobile platforms. 

'Agora' is the Greek word for a public gathering space or marketplace, which means community, and its use within the software industry has sparked informed speculation, with leaks revealing references like 'is_agora_ios' and 'is_agora_android' as hints of a tightly controlled, cross-platform experience. 

As a result of the parallels between the project and established real-time media technologies bearing the same name, analysts believe the project could signal anything from the development of a unified, cross-platform application, a collaborative social environment, to the development of a more advanced, real-time voice or video communication framework. 

As news has surfaced recently about OpenAI's interest in developing an AI-powered headset, which raises the possibility that Agora could serve as a foundational layer for a broader hardware and software ecosystem, this timing is noteworthy, as reports since surfaced indicate OpenAI is interested in building a headset powered by AI. 

Although the project has not yet been officially acknowledged by the company, OpenAI has already demonstrated its execution momentum by providing tangible improvements to its voice input capabilities that have been logged in to the system.

In this way, it has demonstrated a clear strategy toward providing seamless, interactive, and real-time AI experiences for logged-in users. These references suggest that the initiative is manufactured to operate seamlessly across multiple environments, possibly pointing to a unified application or a device-level feature that may be able to operate across platforms due to its breadth and depth of references. 

A term commonly associated with public gathering spaces and marketplaces is the name “Agora,” which has fueled speculation that OpenAI is exploring the possibility of collaborating with communities in an effort to enhance their interaction with each other.

A number of experts have suggested that the name may be a reference to real-time communication technology, given that it has been associated with a variety of audio and video development frameworks.

It is interesting to note that these findings have been released alongside reports that OpenAI is considering new AI-powered hardware products, such as wireless audio devices positioned as potential alternatives to Apple's AirPods, and that Agora could be an integral part of this tightly integrated hardware-software ecosystem in the future.

In addition to these early indicators, ChatGPT has already seen tangible improvements as a result of the latest update. OpenAI, the artificial intelligence system, has significantly improved the performance of dictation by reducing empty transcriptions and improving overall accuracy of dictation, thus reinforcing the company's commitment to voice-driven, real-time interaction. 

An important part of this initiative is to address longstanding inefficiencies in cross-border payments that have existed for a long time. Due to the fragmented correspondent banking networks that they rely on, cross-border payments remain slow, expensive, and difficult to track. They are characterized by a lack of liquidity and difficulty managing cash flows. 

In addition, the Agorá Project is exploring alternatives to existing wholesale payment frameworks based on tokenization and utilizing advanced digital mechanisms such as smart contracts to achieve faster settlements, greater transparency, and better accessibility than their current counterparts. 

Developing tokenized representations of commercial bank deposits and central bank reserves is an example of the project's focus on understanding how to execute transactions in a secure and verifiable manner, while preserving the crucial role that central bank money plays in terms of being the final settlement asset. 

There are several benefits to this approach, such as eliminating counterparty credit risk, ensuring transaction finality, and strengthening financial stability, in addition to providing new payment capabilities such as atomic, always-on, or conditional payments, among others. 

The initiative is not only evaluating the technical aspects of tokenised money, but will also assess both the regulatory and legal consequences of tokenised money, including they will assess if the tokenised money complies with settlement finality rules, anti-money laundering obligations, and counter-terrorism financing regulations across different jurisdictions. 

Although Project Agorá is being positioned as an experimental prototype rather than a market-ready product, the results of its research could help shape the development of a more efficient, reliable, and transparent global payments infrastructure, and provide a blueprint for the future evolution of cross-border financial systems in the long run. 

Taking this into account, Agora's emergence reveals a broader strategic direction in which OpenAI has begun going beyond incremental feature updates toward building platform-agnostic platforms which can be extended across devices, use cases, and even industries in order to achieve their goals. 

In spite of the fact that Agora may ultimately be developed as a real-time communication layer, a collaborative digital environment, or a component of the infrastructure necessary to support future hardware and financial systems, its early signals indicate that it is focused strongly on interoperability, immediacy, and trust.

The advantages of taking such an approach could include better AI-driven workflows, closer integration between voice, data, and transactions, and the opportunity to design services that operate seamlessly across boundaries and platforms for enterprises and developers alike.

It has also been suggested that the parallel focus on regulatory alignment and system resilience reflects a desire to strike a balance between fast innovation and the stability needed for a wide-scale adoption of the innovations. 

In the meantime, OpenAI is continuing to refine these initiatives behind the scenes. Moreover, the Agora project shows how we may soon find that the next phase of AI evolution will be defined more by interconnected ecosystems, rather than by isolated tools, enabling real-time interaction, secure exchange, and sustained economic growth worldwide.

Read more »
Websites
Credit Card Cyber Security Financial Data Web Skimming Websites

Ongoing Web Skimming Operation Quietly Harvests Payment Data From Online Stores

 



Cybersecurity analysts have identified a sophisticated web skimming operation that has been running continuously since early 2022, silently targeting online checkout systems. The campaign focuses on stealing payment card information and is believed to affect businesses that rely on globally used card networks.

Web skimming is a type of cyberattack where criminals tamper with legitimate shopping websites rather than attacking customers directly. By inserting malicious code into payment pages, attackers are able to intercept sensitive information at the exact moment a customer attempts to complete a purchase. Because the website itself appears normal, victims are usually unaware their data has been compromised.

This technique is commonly associated with Magecart-style attacks. While Magecart initially referred to groups exploiting Magento-based websites, the term now broadly describes any client-side attack that captures payment data through infected checkout pages across multiple platforms.

The operation was uncovered during an investigation into a suspicious domain hosting malicious scripts. This domain was linked to infrastructure previously associated with a bulletproof hosting provider that had faced international sanctions. Researchers found that the attackers were using this domain to distribute heavily concealed JavaScript files that were loaded directly by e-commerce websites.

Once active, the malicious script continuously monitors user activity on the payment page. It is programmed to detect whether a website administrator is currently logged in by checking for specific indicators commonly found on WordPress sites. If such indicators are present, the script automatically deletes itself, reducing the risk of detection during maintenance or inspection.

The attack becomes particularly deceptive when certain payment options are selected. In these cases, the malicious code creates a fake payment form that visually replaces the legitimate one. Customers unknowingly enter their card number, expiration date, and security code into this fraudulent interface. After the information is captured, the website displays a generic payment error, making it appear as though the transaction failed due to a simple mistake.

In addition to financial data, the attackers collect personal details such as names, contact numbers, email addresses, and delivery information. This data is sent to an external server controlled by the attackers using standard web communication methods. Once the transfer is complete, the fake form is removed, the real payment form is restored, and the script marks the victim as already compromised to avoid repeating the attack.

Researchers noted that the operation reflects an advanced understanding of website behavior, especially within WordPress-based environments. By exploiting both technical features and user trust, the attackers have managed to sustain this campaign for years without drawing widespread attention.

This discovery reinforces the importance of continuous website monitoring and script validation for businesses, as well as cautious online shopping practices for consumers.

Read more »
Organization security
Corporate Cyber Security data security EOCC Organization security

EOCC Hit by Security Breach Due to Contractor's Unauthorised Access


The Equal Employment Opportunity Commission (EOCC) was hit by an internal security data breach that happened last year. The incident involved a contractor's employees exploiting sensitive data in an agency's systems. 

About the breach

The breach happened in EEOC's Public Portal system where unauthorized access of agency data may have disclosed personal data in logs given to agency by the public. “Staff employed by the contractor, who had privileged access to EEOC systems, were able to handle data in an unauthorized (UA) and prohibited manner in early 2025,” reads the EEOC email notification sent by data security office. 

The email said that the review suggested personally identifiable information (PII) may have been leaked, depending on the individual. The exposed information may contain names, contact and other data. The review of is still ongoing while EOCC works with the law enforcement. 

EOCC has asked individuals to review their financial accounts for any malicious activity and has also asked portal users to reset their passwords. 

Contracting data indicates that EEOC had a contract with Opexus, a company that provides case management software solutions to the federal government.

 Prevention measures 

Open spokesperson confirmed this and said EEOC and Opex “took immediate action when we learned of this activity, and we continue to support investigative and law enforcement efforts into these individuals’ conduct, which is under active prosecution in the Federal Court of the Eastern District of Virginia.” 

Talking about the role of employees in the breach, the spokesperson added that “While the individuals responsible met applicable seven-year background check requirements consistent with prevailing government and industry standards at the time of hire, this incident made clear that personnel screening alone is not sufficient." 

The second Trump administration's efforts to prevent claimed “illegal discrimination” driven by diversity, equity, and inclusion programs, which over the past year have been examined and demolished at almost every level of the federal government, centre on the EEOC. 

Large private companies all throughout the nation have been affected by the developments. In an X post this month, EEOC chairwoman Andrea Lucas asked white men if they had experienced racial or sexual discrimination at work and urged them to report their experiences to the organization "as soon as possible.”

Read more »
Malwares
Booking.com Booking.com scam Cyber Attacks Cyber Phishing Fake Emails Malware attacks Malwares

PHALT#BLYX Malware Campaign Targets European Hotels With Fake Booking Emails

 

A fresh wave of digital threats emerged just after Christmas 2025, aimed squarely at European lodging spots. Instead of random attacks, it used clever email tricks made to look like they came from Booking.com. Staff members got messages that seemed urgent, nudging them to click without thinking twice. Once opened, hidden code slipped inside their systems quietly. That backdoor let attackers take control through software called DCRat. Behind the scenes, the whole scheme ran under the name PHALTBLYX. 

Research from Securonix shows the attack kicks off using fake emails made to look like Booking.com alerts. A supposed booking cancellation triggers the alert. Displayed boldly is a charge in euros - frequently more than €1,000. That sum aims straight at emotions, sparking alarm. Fear takes over, nudging people toward clicking before checking details. 

Clicking the “See Details” button sends people nowhere near Booking.com. A hidden detour happens first - through another web address entirely. Then comes a counterfeit site built to trick. There, a phony CAPTCHA pops up out of nowhere. After that, a fake Blue Screen appears like it is urgent. Words flash: fix this now by clicking here. Those clicks run harmful PowerShell scripts without warning. The whole chain relies on looking real until it is too late. 

Something begins before the main event - stages unfold slowly, one after another. A hidden rhythm runs through it all, tied to familiar parts of Windows, used in ways they were never meant to be. An XML file shows up without notice, slipped into place while no one watches. It looks harmless, built like a regular project for MSBuild.exe, which itself is real software from Microsoft. Instead of old tricks involving clunky HTML apps, attackers now twist everyday tools into something else. 

What seems ordinary might already be working against you. Normal actions become cover, hiding intent inside routine noise. A hidden DCRat program gets activated during execution. At the last step, a compressed .NET tool called staxs.exe unlocks its internal settings through advanced encryption like AES-256 paired with PBKDF2. To stay active across restarts, it drops a misleading Internet Shortcut into the Startup directory on Windows. After turning on, DCRat reaches out to several hidden servers, then checks what kind of machine it has landed on. Information about the software, settings, and person using the device gets gathered piece by piece. 

Remote operators gain complete control right after. Instead of running openly, it sneaks inside normal system tasks by reshaping them from within. That trick helps it stay put without drawing attention. Noticing clues in the code, experts link the operation to hackers who speak Russian. 

Built into everyday tools users trust, this malware plays on emotions while slipping past alarms. What stands out is how each step connects - carefully strung - to avoid detection. Staying hidden matters most, especially where guest data flows through open networks.
Read more »
Technology
Android app pinning guided access iphone iPhone lock apps phone snooping smartphone privacy Technology

This Built-In Android and iPhone Feature Lets You Share Your Phone Safely

 


Handing your phone to someone, even briefly, can expose far more than intended. Whether it is to share a photo, allow a quick call, or let a child watch a video, unrestricted access can put personal data at risk. To address this, both Android and iPhone offer built-in privacy features that limit access to a single app. Android calls this App Pinning, while Apple uses "Guided Access", allowing you to share your screen safely while keeping the rest of your phone locked.

Your smartphone holds far more than just apps. It contains banking details, private messages, location history, emails, and photos you may not want others to see. Even a quick glance at your home screen can reveal which banks you use or who you communicate with. This is why unrestricted access, even for a moment, can put your privacy and identity at risk. Handing over your phone without restrictions—especially to a stranger—is never a good idea.

There are many everyday situations where this feature becomes useful. A child may want to watch a YouTube video, but you do not want them opening emails or messages. A stranger may need to make a call in an emergency, but nothing beyond that. Even a friend doing a quick Google search does not need access to your search history or other apps. App Pinning and "Guided Access" make sure the phone stays exactly where you want it.

On Android, enabling App Pinning is simple. Head to Settings, search for “App Pinning,” and turn it on. Make sure authentication is required to exit the pinned app. Once enabled, open the app you want to share, go to the recent apps view, tap the app icon, and select Pin. The phone will stay locked to that app until you authenticate. To exit, swipe up and hold, then unlock using your PIN, password, or biometrics.

iPhone users can achieve the same result using "Guided Access". This feature lives under Settings → Accessibility. After setup, it can be activated by triple-clicking the power button. Open the app you want to share, triple-click the power button, and hand over the phone. When finished, triple-click again and authenticate with Face ID, Touch ID, or a passcode to return to normal use.

One limitation exists when sharing photos on both platforms. If you pin the Photos app, the other person can still swipe through your gallery. On iOS, this can be fixed by disabling touch input from the "Session Settings" menu when starting "Guided Access". Android, however, does not currently allow disabling touch during App Pinning, which means extra caution is needed when sharing photos.

The takeaway is simple: never hand your phone to someone without locking it to a single app first. App Pinning on Android and "Guided Access" on iOS are easy to use and extremely effective at protecting your privacy, keeping prying eyes away from your personal data.
Read more »
Technology
AI Cinema Bollywood AI Deepfake VFX Generative Tools Indian Films Technology

Here's How AI is Revolutionizing Indian Cinema

 

Indian cinema is setting the pace for the use of AI across the globe, beating Hollywood's cautious approach to the emergence of the new technology. With the aid of tools like Midjourney and ChatGPT, filmmakers are now able to create storyboards, write screenplays, and even produce final visuals at unprecedented speeds. That's because India produces more than any other country in the world and, consequently, needs to cut costs wherever possible. It's changing everything from pre-production to visual effects. 

Director Vivek Anchalia epitomizes the change with "Naisha," India's first fully AI-generated feature film, scheduled to be released in 2025. Unable to attract funding earlier, he built some stunning visuals and the story elements himself using AI, which attracted interest from producers. Midjourney crafted intimate imagery, while ChatGPT brainstormed plots, enabling Anchalia to refine the shots over a little more than a year. 

Big-budget productions seamlessly weave AI into everyday workflows: de-aging veteran actors, cloning voices for dubbing, and pre-shooting visualizations to save time and cut costs. Generative AI drafts screenplays in minutes, predicts box office success via data analysis, and powers virtual sets mimicking international locations sans travel.

The film industry is already experiencing a radical transformation due to deepfakes and motion capture technology by artificial intelligence, where actors are transformed into their younger or digital avatars with minimal use of expensive hardware. The consequence? Superhero movies with cinematic magic at affordable prices without the million-dollar film shoots.

However, there is a certain tension in this rush of AI technology as well. “There’s a great concern that the jobs of editors, writers, and tech crews could be at risk, as technology continues to automate the editing process,” indicates Sekhar Kambamudi, a film expert. Deepfake technology is a source of concern with regard to abuse, and the use of AI technology could make the emotional depth of the content appear less. 

India, which produces the largest number of films every year, is walking a thin line between innovation and safety. Unlike the Hollywood labor disputes, Bollywood films, although churning at breakneck speeds, require regulation in terms of authenticity and fair use, according to authorities. With advancements taking place in AI, a new dimension is going to arrive, where human innovation and AI’s efficiency will integrate in ways that have never been witnessed before.
Read more »
Subscribe to: Comments (Atom)

Featured