CySecurity News - Latest Information Security and Hacking Incidents: Technology

Agentic AI Risks AI Agent Security AI Framework Vulnerabilities AutoJack Localhost Security MCP WebSocket Microsoft AutoGen Studio Remote Code Execution Technology

AutoJack Reveals New Threat to Autonomous AI Agent Security

Researchers are discovering new security threats that extend well beyond traditional prompt manipulation as artificial intelligence agents acquire the capability of browsing websites, interacting with local services, executing tools, and automating complex workflows.

AutoJack, the newest example of malware that can be exploited by trusted AI-powered browsers to compromise systems unintentionally, demonstrates how a single malicious web page can be used to manipulate the browser. A number of vulnerabilities combine to bypass assumptions surrounding localhost security.

The exploit chain targets Microsoft's AutoGen Studio, an open-source environment designed to develop and test multi-agent AI systems, utilizing multiple weaknesses. Using the agent's native web browsing functionality and the agent's interaction with locally exposed services, the attack allows the execution of arbitrary code on the host machine by simply submitting a URL by the user. It has been demonstrated that AI security is becoming increasingly problematic as agents are integrated into browsers, developer tools, and operating systems.

As a result, the boundary between untrusted internet content and privileged local resources is becoming increasingly difficult to enforce. As a result of the analysis, the attack does not require stolen credentials, bypasses of user authentication, or repeated actions by the user to proceed. The attack therefore does not require stolen credentials or bypasses of user authentication.

An attacker-controlled webpage can be accessed by browsing agents once they have been directed there, whether they have been directed there by a submitted URL, a malicious link, or prompt-injected content embedded in a workflow. This issue centers around AutoGen Studio's implementation of the Model Context Protocol (MCP) WebSocket, which was included in the development builds 0.4.3.dev1 and 0.4.3.dev2, but was absent from Microsoft's stable version 0.4.2.2.

According to Microsoft, the exposed MCP WebSocket surface did not appear in a stable PyPI release. Researchers have however identified three different weaknesses that combine to form a viable remote code execution path within the development branch. As a result of inadequate origin validation, WebSocket connections were limited to localhost origins, but JavaScript executed within the AI-controlled headless browser on the same machine was not considered.

The second stemmed from authentication controls that intentionally excluded /api/mcp/* routes, allowing access to the MCP WebSocket without verification. One of the most critical security issues arose from the handling of the server_params argument, which accepted attacker-supplied commands and arguments, decoded them into execution parameters, and passed these parameters directly to the process spawning functionality without any meaningful restrictions.

When a developer uses AutoGen Studio on localhost:8081 along with a browsing agent, the agent could unintentionally trigger the chain by allowing the agent to browse a carefully crafted webpage. By leveraging authentication and origin validation gaps, the embedded JavaScript would create a WebSocket connection with the local MCP endpoint and instruct the application to launch an attacker-defined executable with the logged-in user's privileges.

As a result of the responsible disclosure to the Microsoft Security Response Center, the affected code path has been hardened in the upstream repository. However, these findings indicate that trusted local AI agents may unintentionally bridge the gap between untrusted web content and privileged development environments in the absence of checks on security assumptions surrounding localhost services.

However, researchers emphasize that the broader architectural weakness of AutoJack extends beyond just a single framework or implementation, although the specific vulnerabilities leveraged by the project have been addressed in its source code. As an interim measure until updated releases are fully adopted, security practitioners suggest separating AutoGen Studio from browsing and code-execution agents that interact with untrusted internet content in order to eliminate the conditions required for exploitation.

A mitigation layer that provides effective protection against this attack chain is the isolation of workloads through dedicated containers, virtual machines, or restricted user contexts. In addition, the findings of this study identify a recurring design pattern increasingly observed across agent ecosystems: highly privileged, local services that are protected primarily by localhost assumptions, combined with artificial intelligence agents that may freely access external content.

Recently, similar concerns emerged in the ChatGPhish campaign, where AI-generated summary pages were manipulated in order to facilitate phishing attempts. Research conducted with Microsoft's Semantic Kernel, reported as CVE-2026-26030 and CVE-2026-25592, demonstrated comparable risks associated with locally trusted execution paths. These examples indicate that localhost-based trust models are becoming increasingly fragile in environments where autonomous agents routinely connect external and internal systems.

Researchers have argued that meaningful defense requires stronger control-plane authentication, strict allowlisting, and separate agent identities from developer sessions in order to provide meaningful defense. In light of the continued development of artificial intelligence frameworks that enable browsing, execution, and orchestration across multiple systems, security boundaries are no longer defined solely by the network location.

When an agent gains access to both the open web and privileged local services, traditional localhost protections no longer provide a reliable security measure. It serves as a reminder that the security challenges associated with artificial intelligence agents have rapidly evolved from theoretical concerns into practical attack scenarios as the AutoJack findings demonstrate.

The adoption of increasingly autonomous systems capable of browsing the web, interacting with local services, and performing tasks on behalf of users is challenging long-established trust assumptions in a new way. According to the research, artificial intelligence agents should be evaluated both as productivity tools and as privileged software components that can access sensitive environments directly.

Security teams should reassess localhost exposure, strengthen authentication controls around agent-accessible services, and enforce strict execution boundaries before experimental workflows become dependent on production processes. In a technological landscape where AI agents are expected to be capable of making decisions and taking actions independently, security architecture also needs to evolve at the same rapid speed as the technology itself.

Cybersecurity Leaders Face Growing Workloads as AI Changes the Job



 

Technology

AI CISO Cyber Threats Cybersecurity ISSA Technology

Cybersecurity Leaders Face Growing Workloads as AI Changes the Job

The responsibilities placed on cybersecurity leaders are becoming increasingly difficult to manage as organizations face a growing number of cyber threats, rapid adoption of artificial intelligence technologies, and increasing demands for security oversight across the business.

A recent survey conducted by the Information Systems Security Association (ISSA) International and research firm Omdia found that 68% of cybersecurity and IT professionals believe their jobs are more difficult today than they were two years ago. More than half of respondents reported heavier workloads and greater operational complexity (55%), while 52% said the volume and intensity of cyber threats have become more overwhelming.

Security teams are being asked to protect increasingly complex digital environments while also helping organizations adopt new technologies such as generative AI. At the same time, many security leaders say they are struggling to secure sufficient support from other parts of the business.

According to Shawn Murray, former president of ISSA and a fractional Chief Information Security Officer (CISO), many security executives regularly work long hours while attempting to address security concerns that are often introduced without their involvement. In some organizations, new technologies are adopted before security teams are included in planning discussions, creating additional challenges for risk management and governance.

As a result, some experienced CISOs are leaving traditional full-time leadership positions and choosing consulting or fractional roles instead. These arrangements allow security professionals to work with multiple organizations while focusing on businesses that are willing to involve cybersecurity leaders in strategic decision-making.

While legal accountability was once considered one of the largest concerns facing CISOs, the survey suggests that anxiety around personal liability has become less prominent than in previous years. Instead, many respondents identified the security implications of artificial intelligence as one of the most significant new sources of pressure.

AI has created both opportunities and challenges for cybersecurity teams. One growing concern is the rise of "shadow AI," where employees begin using AI tools and services without notifying security teams or obtaining formal approval. Similar issues emerged during the early stages of cloud adoption, when departments could deploy new services independently without providing visibility to cybersecurity staff.

This lack of visibility can create greater security gaps. When security teams do not know which AI applications, models, or processes are being used across an organization, it becomes more difficult to identify risks, monitor suspicious activity, and respond effectively to potential incidents.

Despite these concerns, cybersecurity professionals are increasingly interested in using AI to improve their own operations. The survey found that 37% of respondents are already using AI-powered tools to address cybersecurity challenges, while another 46% plan to adopt such technologies in the future.

Among the most common use cases identified by respondents were automated cybersecurity assessments, software testing, predictive risk analysis, and threat detection. These capabilities could help security teams reduce manual workloads and process large volumes of security data more efficiently.

Alex Hutton, CISO at Atlantic Union Bank, noted that the cybersecurity environment has changed significantly in recent years. Whether organizations fully embrace advanced AI systems or not, security professionals must continuously learn about new technologies, understand emerging risks, and adapt their security strategies accordingly.

The survey also highlighted a notable shift in how organizations obtain cybersecurity leadership. The percentage of companies employing full-time CISOs declined from 76% in 2024 to 63%, while the use of fractional CISOs increased from 6% to 15% over the same period.

Industry observers believe this trend reflects growing demand for cybersecurity expertise rather than a reduction in the importance of the CISO role. Many small and mid-sized organizations face the same security, compliance, and governance challenges as larger enterprises but often lack the budget required to hire a full-time executive.

Cyber insurance requirements are also contributing to demand for experienced security leadership. Organizations are increasingly expected to demonstrate strong cybersecurity practices and effective risk management controls before obtaining coverage or meeting insurer requirements. CISOs frequently play a central role in helping businesses assess risks, improve security programs, and document compliance efforts.

According to Hutton, the rise of fractional and virtual CISOs provides organizations with access to executive-level security guidance without requiring a full-time appointment. Rather than signaling the decline of cybersecurity leadership positions, the change may represent an expansion of cybersecurity services to organizations that previously could not afford dedicated executive expertise.

As cyber threats continue to grow and AI reshapes business operations, cybersecurity leaders are expected to remain critical decision-makers. However, the role itself is changing, requiring security professionals to balance technical oversight, business strategy, regulatory expectations, and emerging technologies in an increasingly demanding environment.

Meta Faces Privacy Questions After Secret Face Recognition Code Discovery



 

Wearable Device Security

AI Surveillance Risks Biometric Authentication Biometric Security Face Recognition Technology Facial Recognition Security Meta AI App Meta Smart Glasses Privacy Technology Wearable Device Security

Meta Faces Privacy Questions After Secret Face Recognition Code Discovery

The concept of facial recognition in consumer wearables remained largely a theoretical discussion for many years confined to research laboratories, privacy concerns, and product development. Having now discovered that Meta had quietly embedded facial recognition-related code within its Meta AI mobile application, the software that powers and supports its Ray-Ban and Oakley smart glasses ecosystem, this conversation is moving closer to reality.

A system known as "NameTag" was discovered inside the smart glasses in order to process images captured through their cameras, generate biometric information, and match it with local data in order to recognize individuals in real time. Based on these findings, the integration of advanced computer vision capabilities into everyday consumer devices has been heightened, particularly when these capabilities appear in applications that are installed on tens of millions of smartphones well in advance of official announcements.

Additionally, Meta's smart glasses platform continues to expand its capabilities, raising questions regarding transparency, biometric data handling, and the future of artificial intelligence-powered wearable technology. In further analysis of the software architecture, it is apparent that the NameTag framework was not limited to experimental code fragments, but rather was integrated into the Meta AI application, which is a mandatory companion application for several smart glasses features and has been downloaded by over 50 million people.

An analysis of the system indicates that it was designed to capture facial imagery through the glasses, generate unique biometric templates known as faceprints, and compare the collected data with data stored locally on a user's device. Upon identifying a match, the application could generate recognition alerts to the wearer, while faces that could not immediately be matched were reportedly cropped, catalogued, and queued for future consideration.

In the investigation, researchers noted that three separate machine learning models were already installed on user devices to handle face detection, image extraction, and biometric conversion, respectively, associated with the feature. In earlier application builds, the capability was also referenced under the label "Connections," which implies a potential application use case that could involve assisting users in recalling individuals they had previously encountered.

A portion of the technical analysis was reviewed by independent security experts who emphasized the findings of the study. Although the feature was never publicly announced, researchers indicated that the underlying components appeared sufficiently developed to facilitate operational testing.

Security researchers reported that one security researcher uploaded a faceprint associated with French philosopher Michel Foucault to demonstrate the system's recognition workflow, which triggered a notification which indicated successful identification of the user. Despite Meta's long-standing involvement with facial-recognition technologies, which have been the subject of both commercial interest and regulatory pressure in the past, this disclosure has reignited scrutiny.

Previously, the company operated one of the largest facial-recognition systems for consumers by using Facebook's photo-tagging infrastructure before discontinuing the program in 2021 and destroying more than a billion biometric records. The development of a new facial-recognition framework against this backdrop has inevitably drawn the attention of privacy advocates and industry observers.

A company representative of Meta has, however, strongly rejected interpretations that the technology had been secretly deployed or prepared for public release. The code, according to Meta spokesperson Ryan Daniels, reflects ongoing research and product exploration and not a finished consumer feature. Meta spokesperson said no facial-recognition capability has been offered to users and no decision has been made regarding its implementation in the future.

The company will not construct a centralized facial-recognition database, he asserted, and stated that any eventual deployment would be disclosed in a clear manner. Andy Stone echoed this position, arguing that characterization of the technology as covertly released is misleading regarding both its purpose and status at present. Despite this, the episode illustrates the tension between rapidly advancing AI-powered wearable capabilities and the security expectations associated with technologies designed to process highly sensitive biometric data.

There was further intensification in the debate when the Threat Lab of the Electronic Frontier Foundation confirmed certain aspects of the earlier findings and noted that Meta only removed the code related to facial recognition once the issue gained significant public attention. The organization cautioned, however, that deletion does not necessarily indicate an end to development efforts.

In the course of investigating Meta, it was discovered that there appeared to be an apparent connection between Meta and the biometric technology provider Rank One Computing, a provider of facial recognition solutions for the United States Army and the U.S. Rank One's technology has been linked to Meta AI, the application used in conjunction with the company's smart glass ecosystem according to the report.

According to the report, the contract permitted access to advanced biometric features, including facial recognition and liveness detection systems. These systems are designed to distinguish a real individual from a photograph, mask, or other spoofing attempt. Researchers expressed concern about the narrow technological gap between government-grade surveillance platforms and consumer-facing wearable devices, arguing that the gap is narrowing rapidly.

A number of public clarifications regarding the reported partnership have not been made by either company Rank One Computing reportedly declined to respond, while Meta maintains that no consumer-facing facial-recognition features have been released and no final product decision has been reached.

Additionally, Meta did not confirm if third-party biometric engines with military-grade accuracy are being evaluated for future wearable products. Nonetheless, the revelations have renewed discussion about Meta's long and often controversial history with facial recognition. It was due to years of regulatory pressure that the company dismantled its large-scale facial recognition infrastructure on Facebook in 2021, despite hundreds of millions of users opting into the system previously.

Recently, Meta settled a lawsuit over allegations relating to the collection of biometric data for $1.4 billion. It was reported earlier this year that Meta had explored ways to use information related to its social media ecosystem to identify individuals using smart glasses. Further concerns have been raised about the integration of biometric intelligence into future consumer products.

The issue of privacy and cybersecurity goes beyond the release of a single product or feature. Through the transformation of a person's face into a persistent digital credential that can be stored, matched, and analyzed, facial recognition systems fundamentally alter the balance between anonymity and identification in public spaces.

A number of advocacy organizations have argued that such technologies are disproportionately damaging to marginalized groups, contribute to misidentification, and create avenues for unauthorized surveillance. The security threat associated with biometric identifiers is that, unlike passwords, they cannot simply be changed once they have been exposed.

The evolution of smart glasses into platforms combining cameras, microphones, artificial intelligence, and biometric processing is increasingly challenging regulators, technologists, and consumers alike. There is the question as to whether privacy safeguards can keep pace with the capabilities being built into the next generation of wearable computing devices.

A growing number of wearable devices can collect, analyze, and interpret real-world data, thereby expanding the debate from what a wearable device can achieve to how it should be utilized responsibly. In Meta's facial-recognition prototype, questions arise that illustrate an underlying cybersecurity and privacy challenge faced by the industry: ensuring that innovation relating to biometric data is accompanied by transparency, accountability, and meaningful user protections.

Organizations and consumers should take note that features involving identity recognition should be carefully scrutinized, particularly as the lines between convenience, surveillance, and privacy become increasingly blurred.

Why Privacy-Conscious Users Should Think Twice Before Storing Sensitive Files on Google Drive



 

Technology

cloud storage security End-to-End Encryption Google Drive encryption Google Drive privacy Google Drive security Technology

Why Privacy-Conscious Users Should Think Twice Before Storing Sensitive Files on Google Drive

Google Drive has become an essential tool for millions of users worldwide. Whether it's storing contacts, backing up WhatsApp chats, or saving photos, videos, and important documents, the platform serves as a central hub for digital storage. Its deep integration with Google's ecosystem makes it a convenient choice for Android and Gmail users alike.

However, while Google Drive offers robust security against cyber threats, questions remain about whether it is the best place to store highly sensitive personal information. Documents such as passport scans, banking records, legal contracts, and tax returns may require an additional layer of protection beyond what the service provides by default.

From a security standpoint, Google Drive employs industry-standard safeguards. Data is encrypted while being transferred using TLS protocols, and files stored on Google's servers are protected with AES-128 encryption. Users can further strengthen account security through features like passkeys and two-factor authentication.

The key concern, however, lies in how the encryption system works. Unlike services that provide end-to-end encryption, Google retains control of the encryption keys used to access stored files. This means the company has the technical ability to decrypt and view user data when necessary.

"When you upload a file, Google encrypts it with a unique data encryption key, then encrypts that key with another key it controls, and stores both on its servers. To read the file, Google's systems unwrap the keys on the fly. With true end-to-end encryption, only your device holds the key, so even the service provider sees nothing but scrambled bytes. Google's setup doesn't meet that bar."

As a result, while hackers and unauthorized third parties face significant barriers in accessing files, Google itself can access stored content. Additionally, government agencies or courts may compel the company to share user data through legal processes because Google possesses the necessary decryption keys.

Another privacy consideration is automated content scanning. Google uses systems that review files for policy enforcement purposes, including identifying known illegal content and potential violations of its terms of service. Although the company states that Drive content is not used for advertising purposes, automated systems can sometimes generate false positives, potentially leading to account restrictions or suspensions.

Artificial intelligence is also expanding Google's access to stored data. As Gemini becomes more deeply integrated into Workspace products, it requires permission to analyze files in order to generate summaries and provide contextual assistance. While Google maintains that Drive files are not used to train its general AI models, some privacy advocates argue that increased AI integration broadens the potential exposure of personal information.

"This doesn't mean Google is malicious or will snoop on you. It means the threat model is different from what most people assume. You're not just trusting Google to fend off hackers; you're trusting it never to read, mishandle, or be compelled to share your data."

For users seeking stronger privacy protections, encrypting files before uploading them to Google Drive is often recommended. Applications such as Cryptomator allow users to create encrypted vaults on their devices, ensuring that files remain unreadable to Google. VeraCrypt is another option that enables users to create secure encrypted containers that can be synced to cloud storage services.

Those looking for built-in privacy protections may consider alternative platforms. Services such as Proton Drive, Tresorit, and Sync.com offer end-to-end encryption, ensuring that providers cannot access the contents of user files because they do not possess the decryption keys.

There are trade-offs, however. End-to-end encrypted files often cannot be searched by content, previewed in a browser, or edited collaboratively in the same way as standard cloud storage files. Additionally, users are solely responsible for managing recovery credentials, meaning forgotten passwords may result in permanent loss of access.

For particularly sensitive documents, some users may choose to avoid cloud storage altogether. External hard drives or self-hosted solutions such as Nextcloud can provide greater control over personal data while reducing dependence on third-party providers.

Despite these concerns, Google Drive remains a secure and practical solution for everyday storage needs, including photos, shared documents, and routine work files. The issue is less about security and more about privacy.

"The privacy story shifts when you start storing things that would hurt to lose to a stranger, a Google reviewer, or a court order. For those files, the answer isn't to abandon Drive but to stop treating it as a vault. Encrypt sensitive documents before you upload, or move them to a service that can't read them at all. The few minutes of friction are worth knowing that the most personal pieces of your life aren't sitting on a server with someone else's keys."

For privacy-focused users, the best approach may be to continue using Google Drive for convenience while reserving encrypted storage solutions for highly confidential files.

Hackers Exploit Fake Claude Code Installers and Install Malware



 

Technology

AI Claude Crypto Data Malware Attack Technology

Hackers Exploit Fake Claude Code Installers and Install Malware

Developers looking into Claude Code deployment instructions could be lured into an advanced malware campaign that hides itself as a genuine AI tooling documentation.

Fake Claude code exploit

Experts found a few fake Claude Code and developer platform websites built to steal credentials, cryptocurrency, and API keys.

According to Straiker researchers, “the attack chain runs on the same unchecked trust that makes AI developer tools so easy to adopt. “You copy a command. You paste it in your terminal. By then, it’s already too late,” said Straiker researchers in their analysis of the campaign.

Highlights of the fake Claude code campaign

1. Experts found over 88 fake domains mimicking Claude Code and other developer sites. The campaign utilises SEO infection and Google ads to deploy malicious install web pages over genuine documentation.

2. Threat actors hide infected commands within genuine installation commands, without impacting the deployment process.

3. The malware particularly attacks AI-based assets such as cloud development credentials, API keys, and verification tokens.

About the credential theft campaign

The campaign attacked users of famous AI and developer tools, such as Claude Code, JetBrains, Perplexity Comet, and Cline.

As per the experts, the operation depends on over 88 domains hosted throughout genuine platforms and constantly shuffles infrastructure, letting malicious sites to immediately resurface after shutdowns. To trap targets, threat actors use redirect chains, SEO poisoning and paid Google ads that place scammed installations over genuine documentation in search results.

These websites closely impersonate genuine vendor resources and demonstrate installation commands that look genuine but include hidden separators, such as “&,” that launch malicious actions along with the expected software deployment.

In various incidents, the genuine command still runs effectively, helping hide the hack.

Delivery of malware and launch tactics

Experts found various delivery techniques, such as rundll32.exe loading infected DLLs, Base64-encoded commands, mshta.exe abuse, JavaScript-based payloads, and GitHub-hosted scripts.

By such techniques, hackers improve their potential to escape convention detection tools. Contrary to infostealers, the campaign pick on AI assets like authentication tokens, API Key, and cloud development credentials from tools such as Continue[.]dev, Cline.

After execution, the malware uses a multi-level malicious chain that features encoded C2 communications, anti-analysis capabilities, fileless execution tactics, and credential theft functions.

Experts found the primary payload as ACRStealer, a malware family that steals information and has developed to include sophisticated encryption and escape tactics. Experts also identified a cryptocurrency clipboard hacker that rediverts transactions by replacing copied wallet addresses.

Microsoft Unveils Project Solara, AI Agents to Replace Computing



 

Technology

AI ai agents Computing Microsoft Technology

Microsoft Unveils Project Solara, AI Agents to Replace Computing

Satya Nadella, Microsoft CEO, said computing has entered a new era where AI agents will take over to become the main interface, not applications or operating systems.

Microsoft launches project Solara

Microsoft also released Project Solara, a Qualcomm powered platform built to support Agentic-AI devices that can work across apps, screens, and workflows. According to Microsoft, the next era of computing will not be characterized by such things.

At the Microsoft Build 2026 developer conference, Nadella said that Microsoft is shifting from a world based on apps and devices to one where AI agents will dominate the main interface between computers and users.

Nadella said this while Microsoft showcased Project Solara, a new chip-to-cloud platform built in partnership with Qualcomm which is currently called “agent-first computing”. Microsoft said that agentic AI is developing beyond assistants integrated inside applications and will streamline operations across workflows. This may impact the future of computer usage.

Project Solara is based on the company’s belief that agentic AI will become the key technology for people to interact. Instead of running apps individually and tasks manually, users will use AI agents.

About Project Solara

It is a chip-to-cloud platform that integrates Azure cloud services, hardware, and software to enable agent-first usage. It will also allow people to interact dynamically with AI via specific form factors. Solara is built around the goal that AI agents are the latest unit of programming and a novel way for people to interact with computers.

In a research paper published around the same time, Microsoft said that computing has shifted from mainframes to PCs, smartphones, and IoTs.

Each generation inches closer to users. AI agents will become the next interaction layer, letting people interact with computers via natural language instead of interfaces, menus, and navigating apps.

How will the AI agents replace apps?

Microsoft laid three levels of integrating AI.

In the first stage, AI is put beside an app as a helper, like the LLM chatbots of today.

In the second level, AI is directly integrated inside apps, which makes it central to user experience.

In the third level, AI operates outside the individual apps, streamlining workflows while maintaining context. Solara is particularly built for the third stage.

Cyber Security: Six Cyber Threats to Look Out for in 2026



 

Technology

AI Cloud Data Deepfakes Phishing Technology

Cyber Security: Six Cyber Threats to Look Out for in 2026

With industries being digitized, cybercrime is also advancing. This year, besides being opportunistic, threats have also become highly targeted, intelligent, and automated.

The data comes from UK Government’s Cyber Security Breaches Survey 2025, which hints that 43% of businesses and 30% of charities listed an attack or a cyber breach or attack in the past 12 months. That’s a surprising 61,000 charities and 612,000 businesses impacted.

Despite the data, businesses can lower their risk of cyber threats. But it is important to understand these key risks to stay safe and prepare for the next danger.

Six rising common cyber threats

1. Deepfakes: Deepfakes have shifted from niche technology to a major threat. Hackers nowadays use AI-generated audio and media to mimic organization staff. This can be risky in procurement or finance, where hackers push staff to send funds, share personal data, or approve finances, where the hackers pose as business leaders.

2. Supply-chain attacks: Instead of targeting organizations directly, hackers are targeting third-party vendors to get access to various firms at once via supply-chain attacks. The attack tactic abuses trust and internal security sometimes may not address all the threats in the supply chain. One hacked vendor can prompt a domino effect throughout hundreds of businesses.

3. AI-powered phishing hacks: Phishing is one of the most common attacks in the past 12 months, and the tactic has changed significantly over the years. Most of the phishing attacks today are supported by AI tools and hackers are copying internal comms.

4. Credential stuffing attack: Weak passwords are the biggest reasons for hacks these days. In such attacks, hackers use stolen login credentials from past hacks and test them automatically across distinct platforms.

5. IoT and device flaws: As IoT is increasing, the hack surface also widens. Many devices such as sensors, cameras and industrial machinery still have limitations. Hackers abuse these flaws to access larger corporate networks. Traditional cyber security methods tend to ignore these flaws, and this has resulted in a significant risk.

6. Cloud errors: A simple thing such as exposed storage bucket or false access setting can expose sensitive data publicly accessible. These cases don’t get hacked as the information is unprotected. Currently, cloud storage environments are advanced, and building robust configuration hygiene has become a top critical priority.

Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million



 

Technology

AI Akira Convention Center Data Ransomware Technology

Akira Gang Claims Ransomware Attack at Convention Center, Extorts $250 Million

Akira gang extorts $250 million

Akira, the infamous ransomware gang has extorted over $250 million from businesses globally. It is now blackmailing to leak 46 GBs of data allegedly extorted from the Buffalo Convention Center. The stolen data includes financial information, contracts, employee records, and private data linked to around 1,80,000 people.

What do the experts say?

Resilience director at Gate 15, Ben Taylor has warned that ransomware gangs often boast the amount of data stolen. The alleged figure of 1,80,00 impacted people suggests data retrieved via a third-party provider, exaggerated claims to extort victims, or direct breach of venue systems.

The dark web monitoring firm Breach Sense verified the Buffalo Convention Center data breach. The FBI has classified Akira as a ransomware-as-a-service gang that extorted over $250 million from hundreds of businesses since 2023.

Convention centres have become a lucrative target for hackers

Convention centers, which increasingly act as repository for guest registrations, exhibitor information, payment data, contracts, and operational systems, are facing an escalating cybersecurity issue as a result of the alleged incident.

Ransomware gangs claim that they have gained access to a company in order to obtain leverage for a swift and simple payment. According to Taylor, there are situations in which these assertions are true and some that are not.

Ransomware as double extortion

Additionally, the attack illustrates how contemporary ransomware operations have evolved. "Double extortion" is a common method used by organizations such as Akira. Before encrypting networks, they take confidential files and threaten to reveal the information if payment is not received.

According to Taylor, developments in AI are intensifying the problem by making it simpler to scale and customize phishing campaigns and other cybercrime tactics.

About the victims

Buffalo Convention Center was not the only enterprise to suffer a ransomware attack.

High-case hospital hacks showcase the operational effect of a ransomware attack. According to MGM Resorts, in 2023, a cyberattack leaked personal data linked to millions of guests and impacted hotel operations for days. Another famous enterprise, Caesars Entertainment was also breached and allegedly paid $15 million in ransom to hackers.

The dangers go beyond convention centers. In April, Carnival Corporation was attacked by a gang that claims to have stolen over 8.7 million records such as dates of birth, names, and other personal data.

BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility



 

Technology

AI In Manufacturing AI Robotics automotive technology Factory Automation Humanoid Robots Industrial Automation Physical AI Smart Manufacturing Technology

BMW advances humanoid robotics in vehicle production, testing AI-powered automation designed to improve efficiency and factory flexibility

In response to the increasing efforts of automotive manufacturers to modernize factory processes, BMW is exploring an innovative approach to industrial automation that goes beyond conventional robotics. As part of its Leipzig facility, the company is testing humanoid robots developed by Hexagon Robotics, signaling a shift toward machines designed to work within existing production environments rather than require a separate infrastructure.

The human-shaped robotic system has differences from traditional robotic arms in that it is able to maneuver factory floors, interact with standard workstations, and perform tasks along with workers. The technology is expected to be deployed by BMW later this summer, as the company anticipates a practical step towards more flexible, scalable, and digitally integrated manufacturing in which humanoids will perform repetitive physical tasks while adapting to production workflows previously designed for humans.

AEON, the humanoid platform developed by Swiss technology company Hexagon Robotics and specifically designed for industrial environments, is at the core of BMW's latest initiative. Its height is approximately 1.65 meters and its weight is 60 kilograms. Aside from offering human-like mobility, the robot also has practical manufacturing capabilities, such as the ability to handle loads up to 15 kilograms for short-term tasks and 8 kilograms when operated continuously.

A number of strategic areas within the automotive sector will require new production requirements as a result of vehicle electrification, including high-voltage battery assembly and component manufacturing. Despite the widespread application of advanced robotics in automobile manufacturing since the 1940s, BMW's objective goes beyond traditional automation by incorporating automated welding cells, guided transport systems, and digital quality control technologies.

In order to improve the safety and efficiency of manufacturing operations, the company is testing AI-enabled humanoid systems that are capable of performing repetitive, physically demanding, and safety-sensitive tasks within existing production environments without the need for significant changes to existing factory layouts.

Earlier pilot programs at BMW's Spartanburg plant have already provided valuable insights into the project, enhancing the group's strategy to enhance manufacturing efficiency and competitiveness by combining engineering expertise, artificial intelligence, and production digitalization. The BMW Group has established a Center of Competence for Physical AI in Production to accelerate adoption of emerging technologies.

The validation process includes laboratory testing, integration assessments, and live factory deployments prior to implementing full-scale pilot programs. In collaboration with Hexagon, a longstanding BMW collaborator in sensor technologies and industrial software, this framework is now being applied to the Leipzig rollout, which is currently underway.

After an initial test deployment in December, as well as expanded evaluations beginning in April, the project has entered its pilot phase. AEON will be evaluated during the summer of Europe in real-life production conditions. A multi-grip mechanism, scanning tool, and wheeled mobility systems have been incorporated into the robot's architecture to enable it to move across factory floors while adapting to a wide range of manufacturing tasks.

Additionally, the initiative is based upon lessons learned from BMW’s collaboration with Figure AI at Spartanburg Plant, where the Figure 02 humanoid robot was instrumental in producing more than 30,000 BMW X3 vehicles over a ten-month period. Over 90,000 component-handling actions were completed over a period of approximately ten months, and approximately 1,250 operating hours were accumulated, demonstrating the system's ability to perform precision-intensive welding preparation tasks with millimeter-level accuracy over a period of approximately ten-hour shifts daily.

A key finding of BMW's study was the rapid transition of laboratory-trained motion sequences into stable production processes, demonstrating the maturing nature of physical artificial intelligence. The company is currently evaluating next-generation humanoid platforms, and believes that these deployments are not intended to replace existing automation, but rather to add another layer of intelligence to future vehicle production lines that will expand operational flexibility.

In addition to testing the hardware itself, BMW is also experimenting with how humanoid robots can acquire industrial skills through their experiments. A combination of teleoperation and advanced simulation technologies has been used to train AEON, which utilizes sensors that capture human motion along with a digital twin of the factory environment powered by NVIDIA software to analyze human motion data.

Through reinforcement learning, the robot repeatedly performs tasks in a virtual production model, which allows it to evaluate thousands of possible actions before it can operate on the factory floor to determine the most efficient execution path. By using teleoperation, robots are able to observe and replicate subtle variations associated with human actions, such as grasping, carrying, and positioning components.

In this way, Hexagon Robotics asserts that emerging techniques such as imitation learning are accelerating the development process considerably, allowing robots to learn from videos and motion-tracking data rather than from lengthy programming and testing procedures alone. During the training process, the objective is to decrease the length of time it takes to train machines to adapt to dynamic manufacturing environments from months to days.

Experts are predicting that the technology will soon be able to handle routine industrial tasks independently, based on straightforward voice commands, although such capabilities are still being actively developed and are unlikely to be widely deployed anytime soon. A new generation of AEON robots has been designed with practical factory operations in mind.

Although each unit can operate for approximately three hours on a single charge, the system can self-replace its battery within approximately three minutes, including travel to and from a charging station, ensuring that it is productive throughout extended manufacturing shifts. As part of BMW's battery assembly processes, robots are assigned highly specific responsibilities, including feeding components into manufacturing equipment, performing precision pick-and-place operations, and providing components for assembly.

Designed as multifunctional platforms, they are expected to maintain consistent task assignments to ensure maximum operational effectiveness. The technology, according to executives at the company, helps manufacturers address anticipated labour shortages in the upcoming years by supporting workers in physically demanding or repetitive roles.

A number of historical automation trends have been highlighted by BMW, arguing that technology has typically reshaped jobs rather than eradicating them, creating new opportunities and enhancing production capability. As the automotive industry moves in a similar direction, Toyota has evaluated Digit humanoid robots from Agility Robotics, while Xiaomi has tested its own humanoid systems for use in electric vehicles production.

Through the deployment of Spot inspection robots and the announcement that Atlas humanoid robots will be introduced by Boston Dynamics, Hyundai has expanded its robotics strategy. As a result of BMW's own experience with the Figure 02 robot in Spartanburg, it became increasingly evident that AI-driven robotics can be highly effective for adaptive tasks.

AI-enabled humanoid systems, as opposed to traditional industrial robots which frequently fail when objects deviate from predefined positions, are capable of interpreting changes in orientation or placement and continuing to operate without interruption. A major advantage of physical AI is its flexibility, which allows robots to be effective in real-world production environments in which variable conditions are inevitable.

AEON's design philosophy is also important in determining how these machines are integrated into factory operations. In contrast to the walking Figure robot, AEON uses wheels to move, which BMW believes is more suitable for industrial environments in which speed, efficiency, and predictability are paramount over human-like locomotion. Moreover, the company has gained experience using specialized robotic platforms, such as Boston Dynamics' Spot robot, for inspections of areas that cannot be reached by conventional automated systems, such as stairways and basement machinery zones. It is also important to consider the human aspect during the inspection process.

In BMW's report, employees have expressed satisfaction with the introduction of robotic colleagues, demonstrating a trend observed across industrial automation projects where workers often personalise machines and consider them a component of the operation team. As part of AEON's design, Hexagon has included a visual communication system that indicates whether the robot is currently performing a task or whether it is awaiting instructions, enabling a safer collaboration.

Analysts in the industry continue to stress the importance of realistic expectations as enthusiasm for humanoid robotics grows. They point out that public demonstrations sometimes give the impression that capabilities are greater than current technical limitations. It is apparent that humanoid robots are becoming increasingly capable industrial tools; however, their near-term value rests largely on their ability to execute targeted manufacturing tasks along with human workers with consistency, adaptability, and precision.

In an era of AI-driven transformation in automotive production, BMW's humanoid robotics initiative underscores how intelligent machines are evolving from experimental concepts into tangible industrial assets. In addition to focusing on physical AI, adaptive learning, and real-world deployments, the company is moving toward more flexible manufacturing ecosystems that are able to adapt to evolving production demands with greater agility.

With the increasing integration of these technologies into the digital infrastructure, organizations will need to pay equal attention to operational resilience, system integrity, and AI governance. Whether autonomous industrial systems are to be successful long-term will be dependent not only on their ability to perform complex tasks, but also on safeguards that ensure that they operate safely, reliably, and securely alongside humans.

Revolut Begins Limited Beta Rollout in India Ahead of Wider Launch



 

UPI payments

digital payments India fintech India Revolut app Revolut beta launch Revolut India Technology UPI payments

Revolut Begins Limited Beta Rollout in India Ahead of Wider Launch

British fintech company Revolut has started introducing its services in India through a controlled beta rollout, taking a major step toward establishing its presence in one of the world's fastest-growing digital payments ecosystems.

Earlier this year, Revolut opened registrations for its India-focused app, and over the past few weeks, selected users from its waiting list have begun receiving access to the platform. The company confirmed that several thousand customers are already using its services as part of the early-stage rollout.

The move represents an important development in Revolut’s long-term strategy to enter the Indian market, where the government-backed Unified Payments Interface (UPI) has revolutionized digital transactions. UPI currently contributes nearly half of the world's real-time payment volumes and processed a record 23.2 billion transactions worth ₹29.9 trillion (approximately $313.8 billion) in May, according to government figures.

A Revolut spokesperson confirmed the company is currently “in the controlled onboarding of waitlisters” and noted that a localized beta version of the app is available on both the Google Play Store and Apple App Store.

“This is being done in order to gather feedback on core product functioning and enhance the overall customer experience and the value proposition before opening up the platform for a larger audience,” the spokesperson said.

At present, access is restricted to a limited portion of the nearly 450,000 users who have signed up for the waitlist.

Customers participating in the beta program can use a range of services, including UPI payments, e-money wallets, domestic prepaid cards, multi-currency cards, virtual cards, and disposable cards. The company also plans to introduce its Lifestyle and RevPoints features before extending access to a broader user base. However, family and joint accounts, available in some international markets, will not be introduced in India because such offerings require a banking license.

Revolut has been steadily building its India operations since 2021. To strengthen its local presence, the company appointed fintech veteran Paroma Chatterjee to oversee its India business. In 2022, it acquired Arvog Forex to expand its regulatory footprint and support services such as remittances and multi-currency accounts. The company later obtained a prepaid payment instrument (PPI) license from the Reserve Bank of India, enabling it to issue prepaid cards, operate digital wallets, and connect with the UPI network.

While Revolut has not disclosed a firm timeline for its nationwide launch, the company indicated that direct onboarding for all users is expected in the “near future.” Previously, Chatterjee had stated in a LinkedIn post that the company was targeting a full-scale launch during the second quarter.

The fintech giant is positioning itself to attract India's rapidly expanding population of digitally connected consumers. Revolut has previously outlined ambitions to serve over 150 million “globally aspiring, digitally native” Indians between the ages of 25 and 45. The company aims to onboard around 20 million users by 2030 and facilitate transactions exceeding $7 billion.

Interest in the platform has grown significantly ahead of the official launch. Data from Sensor Tower shared with TechCrunch estimates that Revolut’s app has been downloaded nearly 820,000 times in India since becoming available on app stores. More than one-third of those downloads occurred during 2025 and the early months of 2026.

Although Europe remains Revolut’s strongest region by app downloads, with major markets including France, the United Kingdom, Spain, Italy, and Germany, the company is increasingly focusing on emerging economies to drive future growth. Sensor Tower data indicates that app downloads increased by 40% in Thailand and 52% in Vietnam during 2025. In Brazil, downloads jumped 487% year-on-year to 1.8 million, underscoring the strategic importance of markets like India in Revolut’s global expansion plans.

University of Toronto Researchers Demonstrate Autonomous AI Worm That Adapts, Exploits, and Self-Replicates Without Human Control



 

University of Toronto research

AI worm autonomous malware Cybersecurity Threats Large Language Models self-replicating worm Technology University of Toronto research

University of Toronto Researchers Demonstrate Autonomous AI Worm That Adapts, Exploits, and Self-Replicates Without Human Control

kResearchers from the University of Toronto have developed and tested a proof-of-concept artificial intelligence-powered computer worm capable of independently navigating networks, identifying vulnerabilities, creating customized attack plans, and replicating itself without human assistance. Notably, the system operates using a locally hosted open-weight large language model (LLM), eliminating reliance on commercial AI platforms.

The research paper, published on arXiv on June 2 and currently undergoing peer review, highlights a growing cybersecurity concern: traditional patching strategies focused on individual vulnerabilities may become ineffective against malware that can dynamically analyze systems, consume newly published security advisories, and generate attack methods in real time.

During testing, the AI worm was deployed in 15 isolated experiments across a purposely vulnerable network consisting of 33 hosts. On average, it discovered 31.3 vulnerabilities and obtained elevated privileges on 23.1 systems. The worm successfully replicated itself to 20.4 hosts, covering approximately 62% of the network over a seven-day period without prior knowledge of the network structure or any human guidance.

How This AI Worm Differs From Traditional Malware

Conventional worms are typically designed with predefined exploits. Once those vulnerabilities are patched, the malware's ability to spread is significantly reduced.

The Toronto researchers took a different approach. Their worm leverages an open-weight large language model running on a single GPU to create attack strategies on demand. Instead of depending on a fixed exploit chain, it generates tailored attack logic based on the characteristics of each target system. It also functions independently of commercial AI services, meaning it is not subject to API restrictions, rate limits, or account suspensions.

Inside the Experiment

The project was led by Associate Professor Nicolas Papernot and involved researchers from the University of Toronto, the Vector Institute, the University of Cambridge, and ServiceNow.

Testing took place on an isolated environment known as "FakeCorp," which consisted of 33 hosts running a variety of operating systems, including Ubuntu, Debian, Rocky Linux, Alpine Linux, Windows Server 2008 R2, Windows Server 2019, Windows Server 2022, and several IoT devices.

Every host contained at least one genuine vulnerability. Five machines were equipped with GPUs. During primary experiments, the worm used a shared GPU inference pool to emulate computational resources obtained from compromised systems. Researchers also tested full GPU-based replication, where the worm deployed its own LLM on an infected GPU machine. This approach achieved a success rate of 68.8%.

Under this architecture, compromised GPU systems acted as reasoning hubs, supplying AI inference capabilities to less powerful devices that could not run the model independently.

Across all 15 tests, the worm achieved elevated access on an average of 23.1 hosts and successfully replicated to 88% of those systems. The malware propagated through as many as seven generations, averaging 5.1 generations overall.

Researchers emphasized that the network was intentionally vulnerable and designed to evaluate autonomous reasoning and exploitation rather than represent a heavily secured enterprise environment.

Dynamic Exploitation of Multiple Vulnerabilities

The worm successfully leveraged a broad range of vulnerabilities, including SambaCry, Dirty Pipe, PrintNightmare, Drupalgeddon 2, Exim Remote Code Execution, blind SQL injection flaws, JWT authentication bypasses, Redis escapes, and others.

What makes these results notable is that the exploits were not hardcoded into the malware. Instead, the AI agent analyzed available information and independently determined suitable attack paths for each host.

According to the study, individual exploit attempts succeeded approximately 44% of the time. Most failures resulted from payload syntax issues rather than incorrect reasoning. Researchers observed stronger performance against Linux privilege-escalation and service vulnerabilities, while Windows privilege escalation and web application attacks proved more challenging.

Exploiting Newly Disclosed Vulnerabilities

A significant finding was the worm's ability to overcome its training-data limitations by consuming public vulnerability advisories in real time.

The system successfully exploited three vulnerabilities that were disclosed after the model's training period:

CVE-2026-39987, a pre-authentication remote code execution flaw affecting Marimo Python notebooks.
CVE-2026-31431 (CopyFail), a Linux kernel privilege-escalation vulnerability.
CVE-2026-43284 and CVE-2026-43500 (DirtyFrag), Linux kernel privilege-escalation flaws.

Across these targets, the worm achieved root-level access in 41 out of 67 attempts.

Researchers pointed to the increasingly narrow window between disclosure and exploitation. CVE-2026-39987, for example, was publicly disclosed on April 8, 2026. Security firm Sysdig reportedly observed exploitation activity less than ten hours later and documented an intrusion involving an LLM-based agent used during post-compromise operations.

Why Containment Becomes More Difficult

The researchers identified two key factors that could make AI-driven worms harder to contain than traditional malware.

First, operating costs shift from paid API access to the computational resources available on compromised machines. Once attackers gain access to GPU-capable systems, the malware can continue operating without incurring external service costs.

Second, the use of open-weight models removes dependency on AI vendors. As a result, provider-side safety controls such as service refusals, account suspensions, and rate limiting become ineffective.

The team also observed instances where the worm modified its own code to bypass local security measures, despite not being explicitly programmed to do so.

Importantly, the prototype lacked several advanced malware capabilities. It did not include encryption, persistence mechanisms, polymorphic code, process masquerading, or log-cleaning functions. Researchers noted that a malicious version incorporating these features would be significantly harder to detect.

Placing the Research in Context

While AI-powered worm research is not entirely new, the Toronto project represents a distinct advancement.

Earlier projects such as Morris II focused on spreading through AI applications and email assistants. In 2026, ClawWorm demonstrated self-replication across LLM agent ecosystems by compromising persistent configurations and spreading between agents.

The Toronto worm differs because it targets traditional network infrastructure rather than AI systems themselves. In this case, the large language model serves as the attack engine rather than the attack target.

The findings also align with broader industry observations. Security researchers have increasingly documented AI-assisted cyber operations involving reconnaissance, exploit development, credential theft, lateral movement, and data exfiltration.

Recommended Defensive Measures

Although the prototype lacked stealth capabilities, researchers identified several practical steps organizations can take to reduce risk:

Isolate GPU-enabled systems through strict segmentation and zero-trust controls to prevent them from becoming centralized AI reasoning hubs.

Treat newly disclosed vulnerabilities as high-priority risks and accelerate patching for internet-facing systems.

Immediately rotate credentials on compromised or potentially compromised devices to limit lateral movement.

Monitor for behavioral indicators such as unusual port activity, automated SSH key deployment, and unexpected AI inference workloads on endpoints.

The experiments demonstrated that the worm could gain root access on newly disclosed vulnerabilities in 41 out of 67 attempts and spread across 62% of a network within seven days without additional human involvement. Researchers warn that once an attacker establishes a GPU foothold in a poorly segmented environment, the cost of identifying and exploiting new targets decreases substantially.

The implementation has not been publicly released. The University of Toronto is currently establishing a vetting process through which qualified defensive researchers may request access to the system for further study.

WhatsApp to Roll Out Username Feature, No Mobile Number Required



 

AI Cloud Instagram Messaging Technology Telegram WhatsApp

WhatsApp to Roll Out Username Feature, No Mobile Number Required

WhatsApp will launch a new feature where users can opt for usernames and connect with others without putting mobile numbers. The feature is similar to the famous messaging app Telegram and also Instagram. The new update will allow users to share a unique username instead of their contact number for chats.

About feature development

“WhatsApp has worked to ensure that the username experience is stable and secure. For this reason, the rollout of usernames is taking a significant amount of time. Over the years, the code of the app has been extensively updated to make sure all existing features are fully compatible with usernames. So WhatsApp focused on testing and refining the feature carefully before making it widely available. It seems that WhatsApp is set to roll out the username feature to users as part of a phased rollout strategy over the coming months,” Whatsapp said in its blog.

Users will still have the option to continue using WhatsApp as usual if they so choose. Phone numbers will still be linked to accounts for login and recovery purposes, but each account will support a single username that can be changed at a later time without impacting chats or account activity.

How to setup

Soon, both Android and iPhone users of WhatsApp will be able to create usernames straight from the app's Settings menu. Users must visit their profile settings, select the Username option when it appears, and pick a distinctive handle for their account in order to set one up. Before the chosen username can be kept, WhatsApp will automatically check if it is legitimate and accessible.

Safety first

In order to avoid confusion and abuse, the site is also implementing strict guidelines for usernames. Usernames can only contain letters, digits, periods, underscores, and at least one letter; they must be between three and thirty-five characters long. Some formats will not be accepted, such as usernames that start with "www," finish in domain-style extensions, or have repeated periods.

What about user privacy?

By enabling users to communicate without disclosing their phone numbers, the function aims to increase privacy. Once enabled, users can speak with buyers, sellers, community organizations, or new connections using their usernames rather than their personal mobile numbers. Only the selected handle—rather than the associated phone number—will be visible to those who contact you using the username.

With a wider deployment anticipated later in 2026, WhatsApp has already begun testing usernames with a small number of iOS and Android users. According to the firm, usernames will continue to be optional, so users can continue to use WhatsApp with just their phone numbers if they so choose. Even once usernames are implemented, phone numbers will still be used for account sign-ins, verification, and recovery.

Meta Rolls Out Paid Plans for Facebook, Instagram, and WhatsApp



 

AI Ecosystem Business Creators Facebook Instagram Meta Technology WhatsApp

Meta Rolls Out Paid Plans for Facebook, Instagram, and WhatsApp

Meta has announced a wide expansion of its subscription business, introducing new paid plans for Facebook, Instagram, and WhatsApp users while preparing additional premium offerings aimed at artificial intelligence users, content creators, and businesses.

The move reflects the company's broader effort to build new revenue streams beyond advertising and provide advanced tools for users willing to pay for additional functionality across Meta's ecosystem.

The newly launched consumer subscriptions are being rolled out globally under the names Instagram Plus, Facebook Plus, and WhatsApp Plus. The plans are priced at $3.99 per month for Instagram and Facebook, while WhatsApp Plus will cost $2.99 per month.

According to Meta, subscribers will gain access to features that are not available to regular users, including greater profile customization, enhanced engagement tools, audience insights, and personalization options. The company also indicated that additional capabilities are expected to be introduced over time as the service evolves.

Meta's Head of Product, Naomi Gleit, said the company intends to continue expanding the feature set available through these premium subscriptions.

New Features for Instagram Users

Among the three services, Instagram Plus introduces the largest collection of new tools.

Subscribers will be able to access expanded analytics for Stories, including data showing how often a Story has been replayed. The platform is also removing restrictions on custom Story audiences by allowing users to create multiple audience groups rather than relying solely on the existing Close Friends feature.

The subscription further provides options to increase content visibility. Users can spotlight one Story each week to reach a larger audience, extend the lifespan of Stories beyond the standard 24-hour period, and review Stories privately without appearing in viewer lists.

Additional management tools allow users to search through Story viewers more efficiently and publish content directly to profile highlights without distributing it through followers' feeds.

Instagram Plus also includes cosmetic and personalization features such as exclusive app icons, custom fonts for profile biographies, additional profile pins, and animated "Super Heart" reactions for Stories.

Many of these additions appear designed to help creators better understand audience behavior while giving active users more control over how their content is presented and shared.

Facebook Plus and WhatsApp Plus

Facebook Plus will offer many of the same social and personalization tools available through Instagram Plus.

WhatsApp Plus, however, focuses on messaging customization rather than content creation. Subscribers will gain access to interface themes, personalized notification sounds, premium sticker packs, expanded chat pinning capabilities, customized lists, and other features intended to make the messaging experience more flexible.

Separate From Meta Verified

Meta clarified that the new Plus subscriptions will operate independently from Meta Verified, the company's existing paid verification service.

Meta Verified currently focuses on identity verification, protection against impersonation attempts, and access to customer support benefits. The company has not announced plans to discontinue the service, meaning both subscription products will remain available simultaneously.

Meta One to Become Central Subscription Platform

Alongside the rollout of Plus subscriptions, Meta revealed plans for a broader subscription framework called Meta One.

The initiative will eventually bring together the company's growing collection of premium offerings under a single brand, covering consumer subscriptions, creator tools, business services, and artificial intelligence products.

AI-Focused Subscription Plans Enter Testing

Meta also plans to begin testing dedicated subscription plans for users of Meta AI.

The first tier, Meta One Plus, will be priced at $7.99 per month, while Meta One Premium will cost $19.99 monthly.

Both plans are expected to provide enhanced AI capabilities, but the Premium version will offer access to greater computing resources for more demanding requests. This includes support for deeper reasoning on complex tasks as well as increased image-generation and video-generation capacity across Meta's applications.

The company emphasized that Meta AI will continue to be available free of charge for casual users. The paid plans are intended primarily for those who require more advanced functionality or heavier usage limits.

Testing of the AI subscriptions is scheduled to begin next month in Singapore, Guatemala, and Bolivia. Meta also stated that future benefits may extend to users of its AI-powered smart glasses.

New Tools for Businesses and Creators

Separate subscription programs are also being developed for businesses and professional creators.

The first option, Meta One Essential, will cost $14.99 per month and includes account verification, protection against impersonation, and an expanded profile links page that allows users to direct audiences to websites and other online destinations.

A higher-tier offering called Meta One Advanced will be available for $49.99 per month.

Subscribers to this plan will receive all Essential benefits alongside additional growth and promotion tools. These include improved visibility within Facebook feeds, higher placement in Facebook and Instagram search results, enhanced "Follow" buttons on Reels, and automated invitations encouraging viewers to follow creator accounts.

The Advanced tier also introduces expanded analytics capabilities, including deeper audience insights and competitive performance data. Additional features include scheduling tools, account-sharing controls for moderators, and notifications when content is reused by others, enabling creators to request attribution for original material.

Future Strategy

Initial testing of the creator and business subscriptions is expected to take place in Bangladesh, Thailand, Morocco, and Saudi Arabia.

While Meta described several of these offerings as experimental, the company's long-term objective appears clear: establishing a subscription ecosystem that extends beyond social networking and includes creator services, business growth tools, and advanced artificial intelligence capabilities.

The announcement signals Meta's expanding focus on paid digital services as competition intensifies across social media and AI markets. By introducing multiple subscription tiers aimed at different user groups, the company is positioning itself to generate recurring revenue while offering specialized tools to users seeking more advanced functionality than its free services provide.

School Buses Could Become Surveillance Vehicles for Government in The US



 

Technology

AI ALPR Data Spying Surveillance Technology

School Buses Could Become Surveillance Vehicles for Government in The US

In the US, school buses may soon become surveillance vehicles, according to 404 media’s report. A review of leaked documents revealed plans to deploy buses with automatic license plate readers (ALPR).

The data will be allegedly given to government agencies. Already, privacy is a concerning issue amid rising data safety violations. Equipping buses with surveillance cameras will be unconstitutional and national-level spying of citizens in the US.

About the incident

Bus Patrol, US’ leading provider of school bus stop-arm cameras has over 40,000 AI-based cameras throughout 24 states. These cameras are allowed in 30 states, and are installed on school buses, and capture images of vehicles violating traffic rules when the bus is stopped.

The footages captured by the buses are “recorded, reviewed, and submitted to local law enforcement for review and final approval,” says BusPatrol.

Stop-arm cameras claim to improve driver behaviour near school buses and student safety, but they have faced backlashes for failing on both ends. Stop-arm cameras also generate millions of dollars for businesses like BusPatrol.

Currently, the firm plans to increase its data collection, revenue, and teaming with local law enforcement by changing stop-arm camera into ALPRs, as per the leaked BusPatrol documents.

Why is ALPR system an issue?

ALPR systems are run by firms such as Flock Safety. They record the license plate number of passing vehicles but unlike traffic signals or stop-cameras, ALPR "cameras photograph every vehicle that drives by and can use artificial intelligence to create a profile with identifying information that then gets stored into a massive data base,” said the Institute for Justice (I.J), a public interest law firm.

The data can be sent to law agencies which might use it for searching a vehicle or driver without requiring a legal warrant. The ALPR cameras fixed on moving school buses will help enforcement agencies to capture every moving vehicle they come across.

Flawed implementation

Without ethical enforcement, these cameras can be exploited. joshua Windham, a senior I.J. attorney, announced a nationwide campaign to oppose the uncontrolled and unconstitutional deployment of ALPR technology.

Earlier ALPR systems’ data security has come under scrutiny after cases of sharing databases with immigration agencies surfaced despite company policies forbidding it.

In Kansas, an officer used the data to trace his ex-girlfriend whereas in Texas, officers used the data to search for a woman who got an abortion. Such incidents have caused a few communities to termiate their contracts and discontinue ALPR entirely.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Footer About

Labels

Showing result(s) for

Popular Posts

Pages

Menu Item

Fake Claude code exploit

Highlights of the fake Claude code campaign

About the credential theft campaign

Delivery of malware and launch tactics

Microsoft launches project Solara

About Project Solara

How will the AI agents replace apps?

Six rising common cyber threats

Akira gang extorts $250 million

What do the experts say?

Convention centres have become a lucrative target for hackers

Ransomware as double extortion

About the victims

About feature development

How to setup

Safety first

What about user privacy?

About the incident

Why is ALPR system an issue?

Flawed implementation