Viral social network "Moltbook" built entirely by artificial intelligence leaked authentication tokens, private messages and user emails through missing security controls in production environment.

Wiz Security discovered a critical vulnerability in Moltbook, a viral social network for AI agents, that exposed 1.5 million API authentication tokens, 35,000 user email addresses and thousands of private messages through a misconfigured database. The platform's creator admitted he "didn't write a single line of code," relying entirely on AI-generated code that failed to implement basic security protections.

The vulnerability stemmed from an exposed Supabase API key in client-side JavaScript that granted unauthenticated read and write access to Moltbook's entire production database. Researchers discovered the flaw within minutes of examining the platform's publicly accessible code bundles, demonstrating how easily attackers could compromise the system.

"When properly configured with Row Level Security, the public API key is safe to expose—it acts like a project identifier," explained Gal Nagli, Wiz's head of threat exposure. "However, without RLS policies, this key grants full database access to anyone who has it. In Moltbook's implementation, this critical line of defense was missing."

What's Moltbook

Moltbook launched January 28, as a Reddit-like platform where autonomous AI agents could post content, vote and interact with each other. The concept attracted significant attention from technology influencers, including former Tesla AI director Andrej Karpathy, who called it "the most incredible sci-fi takeoff-adjacent thing" he had seen recently. The viral attention drove massive traffic within hours of launch.

However, the platform's backend relied on Supabase, a popular open-source Firebase alternative providing hosted PostgreSQL databases with REST APIs. Supabase became especially popular with "vibe-coded" applications—projects built rapidly using AI code generation tools—due to its ease of setup. The service requires developers to enable Row Level Security policies to prevent unauthorized database access, but Moltbook's AI-generated code omitted this critical configuration.

Wiz researchers examined the client-side JavaScript bundles loaded automatically when users visited Moltbook's website. Modern web applications bundle configuration values into static JavaScript files, which can inadvertently expose sensitive credentials when developers fail to implement proper security practices.

What and How Data was Leaking

The exposed data included approximately 4.75 million database records. Beyond the 1.5 million API authentication tokens that would allow complete agent impersonation, researchers discovered 35,000 email addresses of platform users and an additional 29,631 early access signup emails. The platform claimed 1.5 million registered agents, but the database revealed only 17,000 human owners—an 88:1 ratio.

More concerning, 4,060 private direct message conversations between agents were fully accessible without encryption or access controls. Some conversations contained plaintext OpenAI API keys and other third-party credentials that users shared under the assumption of privacy. This demonstrated how a single platform misconfiguration can expose credentials for entirely unrelated services.

The vulnerability extended beyond read access. Even after Moltbook deployed an initial fix blocking read access to sensitive tables, write access to public tables remained open. Wiz researchers confirmed they could successfully modify existing posts on the platform, introducing risks of content manipulation and prompt injection attacks.

Wiz used GraphQL introspection—a method for exploring server data schemas—to map the complete database structure. Unlike properly secured implementations that would return errors or empty arrays for unauthorized queries, Moltbook's database responded as if researchers were authenticated administrators, immediately providing sensitive authentication tokens including API keys of the platform's top AI agents.

Matt Schlicht, CEO of Octane AI and Moltbook's creator, publicly stated his development approach: "I didn't write a single line of code for Moltbook. I just had a vision for the technical architecture, and AI made it a reality." This "vibe coding" practice prioritizes speed and intent over engineering rigor, but the Moltbook breach demonstrates the dangerous security oversights that can result.

Wiz followed responsible disclosure practices after discovering the vulnerability January 31. The company contacted Moltbook's maintainer and the platform deployed its first fix securing sensitive tables within a couple of hours. Additional fixes addressing exposed data, blocking write access and securing remaining tables followed over the next few hours, with final remediation completed by February 1.

"As AI continues to lower the barrier to building software, more builders with bold ideas but limited security experience will ship applications that handle real users and real data," Nagli concluded. "That's a powerful shift."

The breach revealed that anyone could register unlimited agents through simple loops with no rate limiting, and users could post content disguised as AI agents via basic POST requests. The platform lacked mechanisms to verify whether "agents" were actually autonomous AI or simply humans with scripts.

Also read: How “Unseeable Prompt Injections” Threaten AI Agents

French lawmakers have approved a social media ban for children under 15, a move aimed at protecting young people from harmful online content. The bill, which also restricts mobile phone use in high schools, was passed by a 130-21 vote in the National Assembly and is expected to take effect at the start of the next school year in September. French President Emmanuel Macron has called for the legislation to be fast-tracked, and it will now be reviewed by the Senate. “Banning social media for those under 15: this is what scientists recommend, and this is what the French people are overwhelmingly calling for,” Macron said. “Our children’s brains are not for sale — neither to American platforms nor to Chinese networks. Their dreams must not be dictated by algorithms.”

Why France Introduced a Social Media Ban for Children

The new social media ban for children in France is part of a broader effort to address the negative effects of excessive screen time and harmful content. Studies show that one in two French teenagers spends between two and five hours daily on smartphones, with 58% of children aged 12 to 17 actively using social networks. Health experts warn that prolonged social media use can lead to reduced self-esteem, exposure to risky behaviors such as self-harm or substance abuse, and mental health challenges. Some families in France have even taken legal action against platforms like TikTok over teen suicides allegedly linked to harmful online content. The French legislation carefully exempts educational resources, online encyclopedias, and platforms for open-source software, ensuring children can still access learning and development tools safely.

Lessons From Australia’s Social Media Ban for Children

France’s move mirrors global trends. In December 2025, Australia implemented a social media ban for children under 16, covering major platforms including Facebook, Instagram, TikTok, Snapchat, Reddit, Threads, X, YouTube, and Twitch. Messaging apps like WhatsApp were exempt. Since the ban, social media companies have revoked access to about 4.7 million accounts identified as belonging to children. Meta alone removed nearly 550,000 accounts the day after the ban took effect. Australian officials said the measures restore children’s online safety and prevent predatory social media practices. Platforms comply with the ban through age verification methods such as ID checks, third-party age estimation technologies, or inference from existing account data. While some children attempted to bypass restrictions, the ban is considered a significant step in protecting children online.

UK Considers Following France and Australia

The UK is also exploring similar measures. Prime Minister Keir Starmer recently said the government is considering a social media ban for children aged 15 and under, along with stricter age verification, phone curfews, and restrictions on addictive platform features. The UK’s move comes amid growing concern about the mental wellbeing and safety of children online.

Global Shift Toward Child Cyber Safety

The introduction of a social media ban for children in France, alongside Australia’s implementation and the UK’s proposal, highlights a global trend toward protecting minors in the digital age. These measures aim to balance access to educational and creative tools while shielding children from online harm and excessive screen time. As more countries consider social media regulations for minors, the focus is clear: ensuring cyber safety, supporting mental health, and giving children the chance to enjoy a safe and healthy online experience.

Cyble and The Cyber Express has announced a high-impact ai cybersecurity webinar February 2026, bringing urgent focus to the growing convergence of AI-driven cybercrime, ransomware escalation, and hacktivism-led disruption. Titled “AI, Ransomware & Hacktivism: The Cyber Risk Shift Most Leaders Are Failing to See,” this timely ai ransomware webinar February 2026 will feature Lt Gen (Dr) Rajesh Pant, Chairman, Cyber Security Association of India and Former National Cyber Security Coordinator, Government of India. The Zoom webinar will take place on: Tuesday, 24 February 2026 4:00 PM IST Moderator: Mihir Bagwe, Principal Correspondent, The Cyber Express Registration is now open with FREE seats available, but slots are limited and seats are filling quickly. Register Now (FREE, Limited Seats): [Insert Registration Link Here]

Bonus for Registered Attendees: Annual Threat Landscape Report 2025

All registered attendees of the ai ransomware webinar February 2026 will receive a downloadable copy of the Annual Threat Landscape Report 2025. The 2025 threat landscape shows ransomware, hacktivism, and AI-enabled attacks continuing to scale despite global law enforcement disruptions. Based on millions of observations across dark web and open web sources — spanning industries, regions, and sectors, the report reveals:

• How attackers adapted
• Where defenses failed
• Which threats are set to persist into 2026

This makes the webinar a valuable learning and intelligence opportunity as organizations plan for ai cybersecurity 2026.

AI Cybersecurity Webinar February 2026: Why This Session Matters Now

This ai cybersecurity webinar February 2026 comes at a critical moment as the global cyber threat environment rapidly evolves under the influence of AI. Ransomware groups are increasingly using AI to automate targeting, improve evasion, and scale attacks across industries. At the same time, hacktivist campaigns are merging with organized cybercrime, creating hybrid threats that challenge both enterprise security teams and national infrastructure defenses. The rise of these combined risks is shaping the future of ai cybersecurity 2026, and leaders who fail to adapt now may face severe consequences in the year ahead.

Featuring Lt Gen (Dr) Rajesh Pant at the AI Ransomware Webinar February 2026

The upcoming ai ransomware webinar February 2026 will offer rare leadership-level insights from: Lt Gen (Dr) Rajesh Pant Chairman, Cyber Security Association of India Former National Cyber Security Coordinator, Government of India With decades of experience guiding national cyber preparedness and responding to global threat dynamics, Dr. Pant will share frontline perspectives on how AI is reshaping ransomware operations and hacktivism-driven cyber disruption.

What This AI Ransomware Webinar February 2026 Covers

This ai ransomware webinar February session will focus on the cyber risk shifts most leaders are still underestimating. Key discussion points include:

• How threat actors are using AI to expand ransomware campaigns
• Why hacktivism is converging with cybercrime networks
• The most dangerous cyber risk trends heading into ai cybersecurity 2026
• What CISOs must prioritize now to avoid reactive defenses later
• How leadership, policy, and execution often fail to align

The webinar will also explore evolving activity across the ai hacktivism website February 2026 landscape, where AI-enabled tactics are accelerating rapidly.

Here's Why You Should Attend This AI Cybersecurity Webinar February 2026

This ai cybersecurity webinar February 2026 is designed for CISOs, cyber risk leaders, security professionals, and decision-makers who need clarity on what comes next. By attending the ai ransomware webinar February 2026, participants will gain:

• Strategic understanding of AI-powered ransomware evolution
• Insights into the hacktivism-cybercrime overlap
• Practical guidance for preparing enterprise defenses for 2026
• Direct perspectives from one of India’s top cyber leaders

For professionals tracking threats through any ai hacktivism website, this session provides essential context and actionable takeaways. Register Now: Cybersecurity Webinar February 2026 (FREE, Limited Seats) FREE Registration | Limited Seat Slots | Seats Filling Quickly Don’t miss this essential ai cybersecurity webinar February 2026 and the must-attend ai ransomware webinar February 2026 discussion on the future of AI-driven cyber threats. Register Now (FREE) 

Ad fraud isn’t just a marketing problem anymore — it’s a full-scale threat to the trust that powers the digital economy. As Data Privacy Week 2026 puts a global spotlight on protecting personal information and ensuring accountability online, the growing fraud crisis in digital advertising feels more urgent than ever.

In 2024 alone, fraud in mobile advertising jumped 21%, while programmatic ad fraud drained nearly $50 billion from the industry. During data privacy week 2026, these numbers serve as a reminder that ad fraud is not only about wasted budgets — it’s also about how consumer data moves, gets tracked, and sometimes misused across complex ecosystems.

This urgency is reflected in the rapid growth of the ad fraud detection tools market, expected to rise from $410.7 million in 2024 to more than $2 billion by 2034. And in the context of data privacy week 2026, the conversation is shifting beyond fraud prevention to a bigger question: if ads are being manipulated and user data is being shared without clear oversight, who is truly in control?

To unpack these challenges, The Cyber Express team, during data privacy week 2026, spoke with Dhiraj Gupta, CTO & Co-founder of mFilterIt,  a technology leader at the forefront of helping brands win the battle against ad fraud and restore integrity across the advertising ecosystem. With a background in telecom and a passion for building AI-driven solutions, Gupta argues that brands can no longer rely on surface-level compliance or platform-reported metrics. As he puts it,

“Independent verification and data-flow audits are critical because they validate what actually happens in a campaign, not just what media plans, platforms, or dashboards report.”

Read the excerpt from the data privacy week 2026 interview below to understand why real-time audits, stronger privacy controls, and continuous accountability are quickly becoming non-negotiable in the fight against fraud — and in rebuilding consumer trust in digital advertising.

Interview Excerpt: Data Privacy Week 2026 Special

TCE: Why are independent verification and data-flow audits becoming essential for brands beyond just detecting ad fraud?

Gupta: Independent verification and data-flow audits are critical because they validate what actually happens in a campaign, not just what media plans, platforms, or dashboards report. They provide evidence-based accountability to regulators, advertisers, and agencies, allowing brands to move from assumed compliance to provable control. Importantly, these audits don’t only verify whether impressions are real; they also assess whether user data is being accessed, shared, or reused - such as for remarketing or profiling, in ways the brand never explicitly approved. In today’s regulatory environment, intent is no longer enough. Brands must be able to demonstrate operational control over how data moves across their digital ecosystem.

TCE: How can unauthorized or excessive tracking of users occur even when a brand believes it is compliant with privacy norms?

Gupta: In many cases, this happens not due to malicious intent, but because of operational complexity and the push for funnel optimization and deeper data mapping. Common scenarios include tags or SDKs triggering secondary or tertiary data calls that are not disclosed to the advertiser, and vendors activating new data parameters, such as device IDs or lead identifiers without explicit approval. Over time, incremental changes in tracking configurations can significantly expand data collection beyond what was originally consented to or contractually permitted, even though the brand may still believe it is operating within compliance frameworks.

TCE: How does programmatic advertising contribute to widespread sharing of user data across multiple intermediaries?

Gupta: Programmatic advertising is inherently multi-layered. A single ad impression can involve dozens of intermediaries like DSPs, SSPs, data providers, verification partners, and identity resolution platforms, each receiving some form of user signal for bidding, measurement, or optimization. While consent is often collected once, the data derived from that consent may be replicated, enriched, and reused multiple times across the supply chain. Without real-time data-flow monitoring, brands have very limited visibility into how far that data travels, who ultimately accesses it, or how long it persists across partner systems.

TCE: What risks do brands face if they don’t fully track the activities of their data partners, even when they don’t directly handle consumer information?

Gupta: Even when brands do not directly process personally identifiable information, they remain accountable for how their broader ecosystem behaves. The risks include regulatory exposure, reputational damage, erosion of consumer trust, and an inability to defend compliance claims during audits or investigations. Regulators are increasingly asking brands to demonstrate active control, not just contractual intent. Without independent verification and documented evidence, brands effectively carry residual compliance risk by default.

TCE: Why do consent frameworks sometimes fail to ensure that user data is controlled as intended?

Gupta: Consent frameworks are effective at capturing permission, but far less effective at enforcing downstream behaviour. They typically do not monitor what happens after consent is granted, whether data usage aligns with stated purposes, whether new vendors are added, or whether data access expands over time. Without execution-level oversight, consent becomes symbolic rather than operational. For example, data that was shared for campaign measurement may later be reused by third parties for audience profiling, without the user’s awareness and often without the brand’s visibility.

TCE: How can brands bridge the gap between regulatory intent and real-world implementation of privacy rules?

Gupta: Brands need to shift from document-based compliance to behaviour-based verification. This means auditing live campaigns, tracking actual data access, and continuously validating that data usage aligns with both consent terms and declared purposes. For instance, in quick-commerce or hyperlocal advertising, sensitive data like precise pin codes can be captured through data layers or partner integrations without the brand’s direct knowledge. Only runtime monitoring can surface such risks and align real-world execution with regulatory intent.

TCE: What strategies or tools can brands use to identify unauthorized data access within complex digital ecosystems?

Gupta: Effective control requires continuous, not one-time, oversight. Key strategies include independent runtime audits, continuous monitoring of data calls, partner-level risk scoring, and full data-journey mapping across platforms and vendors. Rather than relying solely on contractual assurances or annual audits, brands need ongoing visibility into how data is accessed and shared, especially as campaign structures, vendors, and technologies change rapidly.

TCE: How does excessive tracking or shadow profiling affect consumers’ privacy and trust in digital services?

Gupta: Consumers are becoming increasingly aware of how their data is used, and excessive or opaque tracking creates a perception of surveillance rather than value exchange. When users feel they have lost control over their personal information, trust declines, not only in platforms, but also in the brands advertising on them. For example, when consumers receive hyper-local ads on social media for products they were discussing offline, they often perceive it as continuous tracking, even if the data correlation occurred through indirect signals. This perception alone can damage brand credibility and long-term loyalty.

TCE: In your view, what will become the most critical privacy controls for organizations in the next 2–3 years? What practical steps can organizations take today?

Gupta: The most critical controls will be data-flow transparency, strict enforcement of purpose limitation, and continuous partner accountability. Organizations will be expected to prove where data goes, why it goes there, and whether that usage aligns with user consent and regulatory expectations. Privacy will increasingly be measured by operational evidence, not policy declarations. Practically, brands should start by independently auditing all live trackers and data endpoints, not just approved vendors. Privacy indicators should be reviewed alongside media and performance KPIs, and verification must be continuous rather than episodic. Most importantly, privacy must be treated as part of the brand’s trust infrastructure, not merely as a compliance checklist. Brands that invest in transparency and control today will be far better positioned as regulations tighten and consumer expectations continue to rise.

Researchers discover phishing toolkits specifically engineered for voice-based social engineering attacks—often called "vishing"—that synchronize fake login pages with live phone conversations to defeat multifactor authentication. These custom kits, sold as-a-service to criminals, enable attackers to control what victims see in their browsers while simultaneously coaching them through fraudulent authentication steps over the phone.

The phishing toolkits target major identity providers including Google, Microsoft, Okta and various cryptocurrency platforms. Unlike traditional phishing that relies solely on deceptive emails, these hybrid attacks combine real-time human manipulation with dynamic web interfaces that adapt to each victim's security setup.

"Once you get into the driver's seat of one of these tools, you can immediately see why we are observing higher volumes of voice-based social engineering," Moussa Diallo, threat researcher at Okta Threat Intelligence, said. The threat actor can use this synchronization to defeat any form of MFA that is not phishing-resistant.

How the Latest Phishing Toolkits Work

The kits employ client-side scripts allowing attackers to orchestrate authentication flows in victims' browsers during live calls, researchers at Okta Threat Intelligence found. This real-time control delivers the plausibility criminals need to convince targets to approve push notifications, submit one-time passcodes or take actions that bypass multifactor authentication controls.

Attack sequences typically follow a consistent pattern. Threat actors perform reconnaissance to learn employee names, commonly used applications and IT support phone numbers. They then set customized phishing pages live and call targets while spoofing the company's actual support number.

Callers convince victims to navigate to phishing sites under pretenses like IT security requirements or account verification. When victims enter credentials, attackers receive them instantly via Telegram. The attacker simultaneously enters these credentials into the legitimate login page to see which multifactor authentication challenges appear.

Here's where the real-time orchestration becomes devastatingly effective. Attackers update phishing sites on the fly to display pages matching whatever they're telling victims over the phone. If the legitimate service sends a push notification, the caller verbally warns the victim to expect it while simultaneously commanding their control panel to display a message implying the push was sent legitimately.\

Also read: ‘Unprecedented Scale’ of Credential Stuffing Attacks Observed: Okta

This synchronization provides unprecedented control. The phishing kits Okta analyzed include command-and-control panels showing attackers exactly what victims see, with options to dynamically switch between different authentication scenarios—push notifications, one-time passcodes, backup codes or other challenges.

The toolkits even defeat push notifications with number matching or number challenge verification—security features designed specifically to combat phishing. Because attackers interact directly with victims, they simply ask targets to select or enter specific numbers displayed in the push challenge.

Push with number matching/challenge is not phishing-resistant by definition, as a social engineer interacting on the phone with a targeted user can simply request a user to choose or enter a specific number," Okta's threat advisory explained.

Only phishing-resistant authentication methods like FIDO passkeys protect users from these attacks. These technologies cryptographically verify users without transmitting credentials that attackers can intercept or manipulate.

Diallo predicts the industry sits at the beginning of a wave of voice-enabled phishing attacks augmented by real-time session orchestration tools. The expertise required to conduct these social engineering campaigns is itself sold as-a-service, lowering barriers to entry for less technically skilled criminals.

Okta researchers observed newer phishing kits copying the real-time orchestration features from earlier toolkits, with fraudsters selling access to bespoke control panels customized for specific identity providers and cryptocurrency platforms rather than generic kits targeting multiple services.

Earlier kits offered basic credential harvesting across multiple platforms. Current-generation toolkits provide specialized capabilities synchronized specifically to caller scripts, creating seamless fraudulent experiences that closely mimic legitimate authentication flows.

Defenders face no ambiguity about necessary countermeasures. Organizations must enforce phishing-resistant authentication for resource access. Organizations can also frustrate social engineering actors by implementing network zones or tenant access control lists that deny authentication from anonymizing services favored by threat actors. The strategy requires knowing where legitimate requests originate and allowlisting those networks.

Some financial institutions and cryptocurrency exchanges experiment with live caller verification, where users can sign into mobile apps during phone calls to confirm whether they're speaking with authorized representatives.

The emergence of these synchronized vishing toolkits shows how social engineering continues evolving beyond simple deception into orchestrated attacks combining human manipulation with sophisticated technical infrastructure. Organizations relying on traditional multifactor authentication without phishing resistance face mounting vulnerability to these hybrid threats.

President Donald Trump has ordered the immediate withdrawal of the United States from several premier international bodies dedicated to cybersecurity, digital human rights, and countering hybrid warfare, as part of a major restructuring of American defense and diplomatic posture. The directive is part of a memorandum issued on Monday, targeting 66 international organizations deemed "contrary to the interests of the United States."

While the memorandum’s cuts to climate and development sectors have grabbed headlines, national security experts will be worries of the targeted dismantling of U.S. participation in key security alliances in the digital realm. The President has explicitly directed withdrawal from the European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE), the Global Forum on Cyber Expertise (GFCE), and the Freedom Online Coalition (FOC).

"I have considered the Secretary of State’s report... and have determined that it is contrary to the interests of the United States to remain a member," President Trump said. The U.S. Secretary of State Marco Rubio backed POTUS' move calling these coalitions "wasteful, ineffective, and harmful."

"These institutions (are found) to be redundant in their scope, mismanaged, unnecessary, wasteful, poorly run, captured by the interests of actors advancing their own agendas contrary to our own, or a threat to our nation’s sovereignty, freedoms, and general prosperity," Rubio said. "President Trump is clear: It is no longer acceptable to be sending these institutions the blood, sweat, and treasure of the American people, with little to nothing to show for it. The days of billions of dollars in taxpayer money flowing to foreign interests at the expense of our people are over."

Dismantling the Hybrid Defense Shield

Perhaps the most significant strategic loss is the U.S. exit from the European Centre of Excellence for Countering Hybrid Threats (Hybrid CoE). Based in Helsinki, the Hybrid CoE is unique as the primary operational bridge between NATO and the European Union.

The Centre was established to analyze and counter "hybrid" threats—ambiguous, non-military attacks such as election interference, disinformation campaigns, and economic coercion, tactics frequently attributed to state actors like Russia and China. By withdrawing, the U.S. is effectively blinding the shared intelligence and coordinated response mechanisms that European allies rely on to detect these sub-threshold attacks. The U.S. participation was seen as a key deterrent; without it, the trans-Atlantic unified front against hybrid warfare could be severely fractured.

Also read: Russia-Linked Hybrid Campaign Targeted 2024 Elections: Romanian Prosecutor General

Abandoning Global Cyber Capacity Building

The administration is also pulling out of the Global Forum on Cyber Expertise (GFCE). Unlike a military alliance, the GFCE is a pragmatic, multi-stakeholder platform that consists of 260+ members and partners bringing together governments, private tech companies, and NGOs to build cyber capacity in developing nations.

The GFCE’s mission is to strengthen global cyber defenses by helping nations develop their own incident response teams, cyber crime laws, and critical infrastructure protection. A U.S. exit here opens a power vacuum. As the U.S. retreats from funding and guiding the capacity-building efforts, rival powers may step in to offer their own support, potentially embedding authoritarian standards into the digital infrastructure of the Global South.

A Blow to Internet Freedom

Finally, the withdrawal from the Freedom Online Coalition (FOC) marks an ideological shift. The FOC is a partnership of 42 governments committed to advancing human rights online, specifically fighting against internet shutdowns, censorship, and digital authoritarianism.

The U.S. has historically been a leading voice in the FOC, using the coalition to pressure regimes that restrict internet access or persecute digital dissidents. Leaving the FOC suggests the Trump administration is deprioritizing the promotion of digital human rights as a foreign policy objective. This could embolden authoritarian regimes to tighten control over their domestic internets without fear of a coordinated diplomatic backlash from the West.

The "America First" Cyber Doctrine

The administration argues these withdrawals are necessary to stop funding globalist bureaucracies that constrain U.S. action. By exiting, the White House aims to reallocate resources to bilateral partnerships where the U.S. can exert more direct leverage. However, critics could argue that in the interconnected domain of cyberspace, isolation is a vulnerability. By ceding the chair at these tables, the United States may find itself writing the rules of the next digital conflict alone, while the rest of the world—friend and foe alike—organizes without it.

The article was updated to include GFCE spokesperson's response and U.S. Secretary of State Marco Rubio's statement.

Also read: Trump’s Team Removes TSA Leader Pekoske as Cyber Threats Intensify

The cybersecurity world is facing a "Heartbleed" moment for the NoSQL era. A critical vulnerability in MongoDB, the world’s most popular non-relational database, is being actively exploited in the wild, allowing unauthenticated attackers to "bleed" sensitive memory directly from server processes.

Dubbed "MongoBleed" and tracked as CVE-2025-14847, the flaw represents a catastrophic breakdown in how MongoDB handles compressed data. According to researchers at Wiz, who first sounded the alarm on the active exploitation, the vulnerability allows an attacker to remotely read fragments of the server's memory—potentially exposed credentials, session tokens, and the very data the database is meant to protect—without ever needing a password.

The Mechanics of the Leak

At the heart of MongoBleed is a classic security failure- an out-of-bounds (OOB) read. The vulnerability resides in MongoDB’s implementation of the 'zlib' compression library within its wire protocol.

When a client communicates with a MongoDB server, it can use compression to save bandwidth. Security researchers at OX Security noted that by sending a specially crafted, malformed compressed message, an attacker can trick the server into reading past the allocated buffer. Because the server fails to properly validate the length of the decompressed data against the actual buffer size, it responds by sending back whatever happens to be sitting in the adjacent memory.

This is a haunting echo of the 2014 Heartbleed bug in OpenSSL. Like its predecessor, MongoBleed doesn't require the attacker to "break in" through the front door; instead, it allows them to sit outside and repeatedly ask the server for "scraps" of its internal memory until they’ve reconstructed enough data to stage a full-scale breach.

Exploitation in the Wild

The situation escalated quickly from a theoretical risk to a live crisis. Wiz reported that their global sensor network has detected automated scanners and exploit attempts targeting the flaw almost immediately after technical details began to circulate.

Joe Desimone, a cybersecurity researcher from Elastic Security also published a proof-of-concept exploit which showed how data related to MongoDB internal logs and state, WiredTiger storage engine configuration, system /proc data (meminfo, network stats), Docker container paths, and connection UUIDs and client IPs could be leaked using the MongoBleed bug.

The threat is particularly acute because MongoDB is often the backbone of modern web applications, storing everything from user PII to sensitive financial records. MongoDB has a very large footprint with over 200k internet-facing instances.

The ease of exploitation combined with the lack of authentication makes this a perfect storm for attackers, the Wiz team noted in their analysis. In many cases, an attacker only needs a single successful "bleed" to capture an administrative session token, granting them full control over the entire database cluster.

The Australian Cyber Security Centre (ACSC) has also issued an urgent advisory, warning organizations that the vulnerability affects a vast range of versions, from legacy 4.4 installs up to the most recent 8.0 releases.

For defenders, the challenge is that these memory-leak attacks are notoriously "quiet." Because they happen at the protocol level and don’t involve traditional "login" events, they often bypass standard application-layer logs.

Security researchers like Kevin Beaumont, have also reiterated this. "Because of how simple this is now to exploit — the bar is removed — expect high likelihood of mass exploitation and related security incidents," Beaumont wrote in his personal blog. "The exploit author has provided no details on how to detect exploitation in logs via products like.. Elastic. Advice would be to keep calm and patch internet facing assets.

The Race to Patch

The MongoDB team has moved swiftly to release patches, but the sheer scale of the MongoDB install base makes global remediation a daunting task. The following versions have been identified as patched and safe:

• MongoDB 8.0.4

• MongoDB 7.0.16

• MongoDB 6.0.19

• MongoDB 5.0.31

For organizations that cannot patch immediately, experts recommend a "nuclear" temporary workaround: disabling zlib compression. While this may result in a slight performance hit and increased bandwidth usage, it effectively closes the vector used by MongoBleed.

The aviation sector, government agencies, and tech giants alike are now in a frantic race against time. With automated exploit kits already circulating on dark web forums, the window for patching is closing. For anyone running MongoDB, the time to act was yesterday.

Also read: MongoDB Cyberattack Reveals Customer Data Compromise: Incident Response in Progress

For years, data privacy in India lived in a grey zone. Mobile numbers demanded at checkout counters. Aadhaar photocopies lying unattended in hotel drawers. Marketing messages that arrived long after you stopped using a service. Most of us accepted this as normal, until the law caught up.  That moment has arrived.  The Digital Personal Data Protection Act (DPDP Act), 2023, backed by the Digital Personal Data Protection Rules, 2025 notified by the Ministry of Electronics and Information Technology (MeitY) on 13 November 2025, marks a decisive shift in how personal data must be treated in India. As the country heads into 2026, businesses are entering the most critical phase: execution.  Companies now have an 18-month window to re-engineer systems, processes, and accountability frameworks across IT, legal, HR, marketing, and vendor ecosystems. The change is not cosmetic. It is structural.  As Sandeep Shukla, Director, International Institute of Information Technology Hyderabad (IIIT Hyderabad), puts it bluntly: 

“Well, I can say that Indian Companies so far has been rather negligent of customer's privacy. Anywhere you go, they ask for your mobile number.” 

The DPDP Act is designed to ensure that such casual indifference to personal data does not survive the next decade.  Below are eight fundamental ways the DPDP Act will change how Indian companies handle data in 2026, with real-world implications for businesses, consumers, and the digital economy.

1. Privacy Will Movefromthe Back Office to the Boardroom 

Until now, data protection in Indian organizations largely sat with compliance teams or IT security. That model will not hold in 2026.  The DPDP framework makes senior leadership directly accountable for how personal data is handled, especially in cases of breaches or systemic non-compliance. Privacy risk will increasingly be treated like financial or operational risk. 

According to Shashank Bajpai, CISO & CTSO at YOTTA, “The DPDP Act (2023) becomes operational through Rules notified in November 2025; the result is a staggered compliance timetable that places 2026 squarely in the execution phase. That makes 2026 the inflection year when planning becomes measurable operational work and when regulators will expect visible progress.” 

In 2026, privacy decisions will increasingly sit with boards, CXOs, and risk committees. Metrics such as consent opt-out rates, breach response time, and third-party risk exposure will become leadership-level conversations, not IT footnotes.

2. Consent Will Become Clear, Granular, and Reversible

One of the most visible changes users will experience is how consent is sought.  Under the DPDP Act, consent must be specific, informed, unambiguous, and easy to withdraw. Pre-ticked boxes and vague “by using this service” clauses will no longer be enough. 

As Gauravdeep Singh, State Head (Digital Transformation), e-Mission Team, MeitY, explains, “Data Principal = YOU.” 

Whether it’s a food delivery app requesting location access or a fintech platform processing transaction history, individuals gain the right to control how their data is used—and to change their mind later.

3. Data Hoarding Will Turnintoa Liability 

For many Indian companies, collecting more data than necessary was seen as harmless. Under the DPDP Act, it becomes risky.  Organizations must now define why data is collected, how long it is retained, and how it is securely disposed of. If personal data is no longer required for a stated purpose, it cannot simply be stored indefinitely. 

Shukla highlights how deeply embedded poor practices have been, “Hotels take your aadhaar card or driving license and copy and keep it in the drawers inside files without ever telling the customer about their policy regarding the disposal of such PII data safely and securely.” 

In 2026, undefined retention is no longer acceptable.

4. Third-Party Vendors Will Come Under the Scanner

Data processors like cloud providers, payment gateways, CRM platforms, will no longer operate in the shadows.  The DPDP Act clearly distinguishes between Data Fiduciaries (companies that decide how data is used) and Data Processors (those that process data on their behalf). Fiduciaries remain accountable, even if the breach occurs at a vendor.  This will force companies to: 

• Audit vendors regularly 

• Rewrite contracts with DPDP clauses 

• Monitor cross-border data flows 

As Shukla notes, “The shops, E-commerce establishments, businesses, utilities collect so much customer PII, and often use third party data processor for billing, marketing and outreach. We hardly ever get to know how they handle the data.” 

In 2026, companies will be required to audit vendors, strengthen contracts, and ensure processors follow DPDP-compliant practices, because liability remains with the fiduciary.

5. Breach Response Will Be Timed, Tested, and Visible

Data breaches are no longer just technical incidents, they are legal events.  The DPDP Rules require organizations to detect, assess, and respond to breaches with defined processes and accountability. Silence or delay will only worsen regulatory consequences. 

As Bajpai notes, “The practical effect is immediate: companies must move from policy documents to implemented consent systems, security controls, breach workflows, and vendor governance.” 

Tabletop exercises, breach simulations, and forensic readiness will become standard—not optional. 

6. SignificantData Fiduciaries (SDFs) Will Face Heavier Obligations 

Not all companies are treated equally under the DPDP Act. Significant Data Fiduciaries (SDFs)—those handling large volumes of sensitive personal data, will face stricter obligations, including: 

• Data Protection Impact Assessments 

• Appointment of India-based Data Protection Officers 

• Regular independent audits 

Global platforms like Meta, Google, Amazon, and large Indian fintechs will feel the pressure first, but the ripple effect will touch the entire ecosystem.

7. A New Privacy Infrastructure Will Emerge

The DPDP framework is not just regulation—it is ecosystem building. 

As Bajpai observes, “This is not just regulation; it is an economic strategy to build domestic capability in cloud, identity, security and RegTech.” 

Consent Managers, auditors, privacy tech vendors, and compliance platforms will grow rapidly in 2026. For Indian startups, DPDP compliance itself becomes a business opportunity.

8. Trust Will Become a Competitive Advantage

Perhaps the biggest change is psychological. In 2026, users will increasingly ask: 

• Why does this app need my data? 

• Can I withdraw consent? 

• What happens if there’s a breach? 

One Reddit user captured the risk succinctly, “On paper, the DPDP Act looks great… But a law is only as strong as public awareness around it.” 

Companies that communicate transparently and respect user choice will win trust. Those that don’t will lose customers long before regulators step in. 

Preparing for 2026: From Awareness to Action 

As Hareesh Tibrewala, CEO at Anhad, notes, “Organizations now have the opportunity to prepare a roadmap for DPDP implementation.”

For many businesses, however, the challenge lies in turning awareness into action, especially when clarity around timelines and responsibilities is still evolving.  The concern extends beyond citizens to companies themselves, many of which are still grappling with core concepts such as consent management, data fiduciary obligations, and breach response requirements. With penalties tiered by the nature and severity of violations—ranging from significant fines to amounts running into hundreds of crores, this lack of understanding could prove costly.  In 2026, regulators will no longer be looking for intent, they will be looking for evidence of execution. As Bajpai points out, “That makes 2026 the inflection year when planning becomes measurable operational work and when regulators will expect visible progress.” 

What Companies Should Do Now: A Practical DPDP Act Readiness Checklist 

As India moves closer to full DPDP enforcement, organizations that act early will find compliance far less disruptive. At a minimum, businesses should focus on the following steps: 

• Map personal data flows: Identify what personal data is collected, where it resides, who has access to it, and which third parties process it. 

• Review consent mechanisms: Ensure consent requests are clear, purpose-specific, and easy to withdraw, across websites, apps, and internal systems. 

• Define retention and deletion policies: Establish how long different categories of personal data are retained and document secure disposal processes. 

• Assess third-party risk: Audit vendors, cloud providers, and processors to confirm DPDP-aligned controls and contractual obligations. 

• Strengthen breach response readiness: Put tested incident response and notification workflows in place, not just policies on paper. 

• Train employees across functions: Build awareness beyond IT and legal teams, privacy failures often begin with everyday operational mistakes. 

• Assign ownership and accountability: Clearly define who is responsible for DPDP compliance, reporting, and ongoing monitoring. 

These steps are not about ticking boxes; they are about building muscle memory for a privacy-first operating environment. 

2026 Is the Year Privacy Becomes Real 

The DPDP Act does not promise instant perfection. What it demands is accountability.  By 2026, privacy will move from policy documents to product design, from legal fine print to leadership dashboards, and from reactive fixes to proactive governance. Organizations that delay will not only face regulatory penalties, but they also risk losing customer trust in an increasingly privacy-aware market. 

As Sandeep Shukla cautions, “It will probably take years before a proper implementation at all levels of organizations would be seen.” 

But the direction is clear. Personal data in India can no longer be treated casually.  The DPDP Act marks the end of informal data handling, and the beginning of a more disciplined, transparent, and accountable digital economy. 

India's Central Bureau of Investigation filed a chargesheet against 30 accused including two Chinese nationals who allegedly ran a cyber fraud network that siphoned over ₹1,000 crore (approximately US$112 million) from Indian investors through fake cryptocurrency mining platforms, loan apps, and bogus online job offers during the COVID-19 lockdown period.

The HPZ Token Investment Fraud case has exposed a well-coordinated transnational criminal syndicate that exploited India's emerging payment aggregation systems to launder proceeds at unprecedented speed through multiple shell companies before converting funds to cryptocurrency and transferring them overseas.

The fraud began when Shigoo Technology Pvt. Ltd., an entity owned and controlled by Chinese nationals, launched a fake mobile application titled "HPZ Tokens" claiming investments would be used for cryptocurrency mining yielding very high returns. Within just three months, crores were collected and diverted by fraudsters targeting vulnerable investors during pandemic lockdowns.

Chinese Nationals Directed Shell Company Network

Wan Jun served as director of Jilian Consultants India Private Limited, a subsidiary of Chinese entity Jilian Consultants. With help from accomplice Dortse, Wan Jun successfully created several shell companies including Shigoo Technologies that became conduits to collect and launder proceeds from major organized cyber frauds.

The second Chinese national charged, Li Anming, played key roles directing operations alongside Wan Jun. CBI investigation revealed these frauds were connected and controlled by a single organized criminal syndicate based overseas.

Jilian Consultants hired professionals including company secretaries and chartered accountants to create shell companies that helped them run the operation with ease. Money collected was converted into cryptocurrencies before being sent out of the country.

Also read: CBI Arrests Fugitive Cybercrime Kingpin, Busts Fifth Illegal Call Center Targeting US Nationals

Exploitation of Payment Aggregators

The investigation revealed misuse of payment aggregation systems that had just taken off in India at the time of the Covid-19 pandemic. Payment aggregators were providing large collection and money disbursal services using technology to genuine companies, with systems allowing users to access large numbers of bank accounts simultaneously.

Fraudsters exploited this well-structured payment infrastructure to launder money at high speed from accounts of one shell company to another. The system also allowed them to partially disburse money back to investors to gain confidence, sustaining the fraud scheme longer.

Total money moved from bank accounts of these companies surpassed ₹1,000 crore within just a few months.

Ongoing Investigation in Cyber Fraud Network

CBI initially arrested six people named Dortse, Rajni Kohli, Sushanta Behra, Abhishek, Mohd Imdhad Husain, and Rajat Jain. The agency has now filed chargesheet against 27 accused persons and three companies, with further investigation continuing against other suspects.

The investigation revealed this was not an isolated incident but part of a large cyber crime network responsible for several scams targeting Indian citizens in the post-COVID period using loan apps, fake investment platforms, and bogus online job offers.

"The CBI remains steadfast in its unwavering commitment to dismantling these sophisticated cyber fraud networks through relentless operations like Chakra-V," the agency said. The CBI will continue to fortify India's digital economy, protect vulnerable investors, execute targeted arrests, seize assets, and forge international collaborations."

Also read: Indo-U.S. Agencies Dismantle Cybercrime Network Targeting U.S. Nationals

The cycle of vulnerability disclosure and weaponization has shattered records once again. According to a new threat intel from Amazon Web Services (AWS), state-sponsored hacking groups linked to China began actively exploiting a critical vulnerability nicknamed "React2Shell," in popular web development frameworks mere hours after its public release.

The React2Shell vulnerability, tracked as CVE-2025-55182, affects React Server Components in React 19.x and Next.js versions 15.x and 16.x when using the App Router. The flaw carries the maximum severity score of 10.0 on the CVSS scale, enabling unauthenticated remote code execution (RCE).

The Rapid Weaponization Race

The vulnerability was publicly disclosed on Wednesday, December 3. AWS threat intelligence teams, monitoring their MadPot honeypot infrastructure, detected exploitation attempts almost immediately.

The threat actors identified in the flurry of activity are linked to known China state-nexus cyber espionage groups, including:

• Earth Lamia: Known for targeting financial services, logistics, and government organizations across Latin America, the Middle East, and Southeast Asia.

• Jackpot Panda: A group typically focused on East and Southeast Asian entities, often aligned with domestic security interests.

"China continues to be the most prolific source of state-sponsored cyber threat activity, with threat actors routinely operationalizing public exploits within hours or days of disclosure," stated an AWS Security Blog post announcing the findings.

The speed of operation showcased how the window between public disclosure and active attack is now measured in minutes, not days.

Also read: China-linked RedNovember Campaign Shows Importance of Patching Edge Devices

Hacker's New Strategy of Speed Over Precision

The AWS analysis also revealed a crucial insight into modern state-nexus tactics that threat groups are prioritizing volume and speed over technical accuracy.

Investigators observed that many attackers were attempting to use readily available, but often flawed, public Proof-of-Concept (PoC) exploits pulled from the GitHub security community. These PoCs frequently demonstrated fundamental technical misunderstandings of the flaw.

Despite the technical inadequacy, threat actors are aggressively throwing these PoCs at thousands of targets in a "volume-based approach," hoping to catch the small percentage of vulnerable configurations. This generates significant noise in logs but successfully maximizes their chances of finding an exploitable weak link.

Furthermore, attackers were not limiting their focus, simultaneously attempting to exploit other recent vulnerabilities, demonstrating a systematic, multi-pronged campaign to compromise targets as quickly as possible.

Call for Patching

While AWS has deployed automated protections for its managed services and customers using AWS WAF, the company is issuing an urgent warning to any entity running React or Next.js applications in their own environments (such as Amazon EC2 or containers).

The primary mitigation remains immediate patching.

"These protections aren't substitutes for patching," AWS warned. Developers must consult the official React and Next.js security advisories and update vulnerable applications immediately to prevent state-sponsored groups from gaining RCE access to their environments.

CVE-2025-55182 enables an attacker to achieve unauthenticated Remote Code Execution (RCE) in vulnerable versions of the following packages:

• react-server-dom-webpack
• react-server-dom-parcel
• react-server-dom-turbopack

AWS' findings states a cautious tale that a vulnerability with a CVSS 10.0 rating in today's times becomes a national security emergency the moment it hits the public domain.

Google Threat Intelligence Group discovered a full iOS zero-day exploit chain deployed in the wild against targets in Egypt, revealing how sanctioned commercial surveillance vendor Intellexa continues purchasing and deploying digital weapons despite US government restrictions and extensive public scrutiny.

The three-stage attack chain was developed by Intellexa to install its Predator spyware onto victim devices, which is known to act as a surveillance tool for its government clients worldwide.

Google researchers partnered with CitizenLab in 2023 to capture and analyze the complete exploit chain after identifying attacks targeting individuals in Egypt. According to metadata, Intellexa referred to this exploit chain internally as "smack," with compilation artifacts revealing the build directory path including the codename.

First Stage: Purchased Safari Exploit

The initial stage leveraged a Safari remote code execution zero-day that Apple patched as CVE-2023-41993. The exploit utilized a framework internally called "JSKit" to achieve arbitrary memory read and write primitives, then execute native code on modern Apple devices.

Google researchers assessed with high confidence that Intellexa acquired its iOS RCE exploits from an external entity rather than developing them internally. The identical JSKit framework has appeared in attacks by other surveillance vendors and government-backed threat actors since 2021.

In 2024, Google publicly reported that Russian government-backed attackers used this exact same iOS exploit and JSKit framework in a watering hole attack against Mongolian government websites.

Read: Russian State Hackers Using Exploits ‘Strikingly Similar’ to Spyware Vendors NSO and Intellexa

The framework also appeared in another surveillance vendor's exploitation of CVE-2022-42856 in 2022. The JSKit framework is well-maintained, supports a wide range of iOS versions, and is modular enough to support different Pointer Authentication Code bypasses and code execution techniques. The framework can parse in-memory Mach-O binaries to resolve custom symbols and manually map and execute Mach-O binaries directly from memory, with each exploitation step tested carefully.

Debug strings at the RCE exploit entry point indicated Intellexa tracked it internally as "exploit number 7," suggesting the external supplier likely possesses a substantial arsenal of iOS exploits targeting various versions.

Second Stage: Sandbox Escape and Privilege Escalation

The second stage represents the most technically sophisticated component of the chain, breaking out of the Safari sandbox and executing an untrusted third-stage payload as system by abusing kernel vulnerabilities CVE-2023-41991 and CVE-2023-41992. This stage communicates with the first stage to reuse primitives like PAC bypass and offers kernel memory read and write capabilities to the third stage.

The technical sophistication of these exploits, especially compared to the less sophisticated spyware stager, supports Google's assessment that Intellexa likely acquired the exploits from another party rather than developing them internally.

Third Stage: Spyware Deployment and Anti-Detection

The third stage, tracked by Google Threat Intelligence Group as PREYHUNTER, comprises two modules called "helper" and "watcher." The watcher module ensures the infected device does not exhibit suspicious behavior, generating notifications and terminating the exploitation process if anomalies are detected while monitoring crashes.

The module detects multiple indicators including developer mode, console attachment, US or Israeli locale settings, Cydia installation, presence of security research tools like Bash, tcpdump, frida, sshd or checkrain processes, antivirus software from McAfee, Avast or Norton, custom HTTP proxy setup, and custom root certificate installation.

The helper module communicates with other exploit components via a Unix socket and can hook various system functions using custom frameworks called DMHooker and UMHooker. These hooks enable basic spyware capabilities including recording VOIP conversations, running keyloggers, and capturing pictures from the camera. The module hooks into SpringBoard to hide user notifications caused by surveillance actions.

Google researchers believe these capabilities allow operators to verify the infected device is the correct target before deploying more sophisticated spyware like Predator.

Prolific Zero-Day Exploitation Record

Intellexa is responsible for 15 unique zero-day vulnerabilities out of approximately 70 discovered and documented by Google's Threat Analysis Group since 2021, including Remote Code Execution, Sandbox Escape, and Local Privilege Escalation vulnerabilities. All have been patched by respective vendors.

Beyond iOS exploitation, Intellexa deployed a custom Chrome framework with CVE-2021-38003, CVE-2023-4762, CVE-2023-3079, CVE-2023-2033, and most recently CVE-2025-6554 in June 2025, observed in Saudi Arabia. All these vulnerabilities in Chrome's V8 engine can leak TheHole object for code execution.

Google delivered government-backed attack warnings to several hundred accounts across Pakistan, Kazakhstan, Angola, Egypt, Uzbekistan, Saudi Arabia, and Tajikistan associated with Intellexa customers since 2023. The company added all identified websites and domains to Safe Browsing to safeguard users from further exploitation.

Fatemeh Sedighian Kashi and Mohammad Bagher Shirinkar maintain a close working relationship coordinating cyber operations targeting elections, US critical infrastructure and businesses through the Iranian Revolutionary Guard Corps cyber unit known as Shahid Shushtari. The U.S. Department of State announced rewards of up to $10 million for information leading to their identification or location, marking the latest effort to disrupt operations of Iranian cyber operatives that has caused significant financial damage and operational disruption across multiple sectors including news, shipping, travel, energy, financial services, and telecommunications throughout the United States, Europe, and the Middle East. Shirinkar oversees the Shahid Shushtari group, previously identified under multiple cover names including Aria Sepehr Ayandehsazan, Emennet Pasargad, Eeleyanet Gostar, and Net Peygard Samavat Company. Whereas, Sedighian serves as a long-time employee working closely with Shirinkar in planning and conducting cyber operations on behalf of Iran's IRGCs Cyber-Electronic Command, the State Department said.

Australia's fragmented approach to AI oversight—with responsibilities scattered across privacy commissioners, consumer watchdogs, online safety regulators, and sector-specific agencies—required coordination to keep pace with rapidly evolving AI capabilities and their potential to amplify existing harms while creating entirely new threats.

The Australian Government announced establishment of the AI Safety Institute backed by $29.9 million in funding, to monitor emerging AI capabilities, test advanced systems, and share intelligence across government while supporting regulators to ensure AI companies comply with Australian law. The setting up of the AI safety institute is part of the larger National AI Plan that the Australian government officially released on Tuesday.

The Institute will become operational in early 2026 as the centerpiece of the government's strategy to keep Australians safe while capturing economic opportunities from AI adoption. The approach maintains existing legal frameworks as the foundation for addressing AI-related risks rather than introducing standalone AI legislation, with the Institute supporting portfolio agencies and regulators to adapt laws when necessary.

Dual Focus on Upstream Risks and Downstream Harms

The AI Safety Institute will focus on both upstream AI risks and downstream AI harms. Upstream risks involve model capabilities and the ways AI systems are built and trained that can create or amplify harm, requiring technical evaluation of frontier AI systems before deployment.

Downstream harms represent real-world effects people experience when AI systems are used, including bias in hiring algorithms, privacy breaches from data processing, discriminatory outcomes in automated decision-making, and emerging threats like AI-enabled crime and AI-facilitated abuse disproportionately impacting women and girls.

The Institute will generate and share technical insights on emerging AI capabilities, working across government and with international partners. It will develop advice, support bilateral and multilateral safety engagement, and publish safety research to inform industry and academia while engaging with unions, business, and researchers to ensure functions meet community needs.

Supporting Coordinated Regulatory Response

The Institute will support coordinated responses to downstream AI harms by engaging with portfolio agencies and regulators, monitoring and analyzing information across government to allow ministers and regulators to take informed, timely, and cohesive regulatory action.

Portfolio agencies and regulators remain best placed to assess AI uses and harms in specific sectors and adjust regulatory approaches when necessary. The Institute will support existing regulators to ensure AI companies are compliant with Australian law and uphold legal standards of fairness and transparency.

The government emphasized that Australia has strong existing, largely technology-neutral legal frameworks including sector-specific guidance and standards that can apply to AI. The approach promotes flexibility, uses regulators' existing expertise, and targets emerging threats as understanding of AI's strengths and limitations evolves.

Addressing Specific AI Harms

The government is taking targeted action against specific harms while continuing to assess suitability of existing laws. Consumer protections under Australian Consumer Law apply equally to AI-enabled goods and services, with Treasury's review finding Australians enjoy the same strong protections for AI products as traditional goods.

The government addresses AI-related risks through enforceable industry codes under the Online Safety Act 2021, criminalizing non-consensual deepfake material while considering further restrictions on "nudify" apps and reforms to tackle algorithmic bias.

The Attorney-General's Department engages stakeholders through the Copyright and AI Reference Group to consult on possible updates to copyright laws as they relate to AI, with the government ruling out a text and data mining exception to provide certainty to Australian creators and media workers.

Healthcare AI regulation is under review through the Safe and Responsible AI in Healthcare Legislation and Regulation Review, while the Therapeutic Goods Administration oversees AI used in medical device software following its review on strengthening regulation of medical device software including artificial intelligence.

Also read: CPA Australia Warns: AI Adoption Accelerates Cyber Risks for Australian Businesses

National Security and Crisis Response

The Department of Home Affairs, National Intelligence Community, and law enforcement agencies continue efforts to proactively mitigate serious risks posed by AI. Home Affairs coordinates cross-government efforts on cybersecurity and critical infrastructure protection while overseeing the Protective Security Policy Framework detailing policy requirements for authorizing AI technology systems for non-corporate Commonwealth entities.

AI is likely to exacerbate existing national security risks and create new, unknown threats. The government is preparing for potential AI-related incidents through the Australian Government Crisis Management Framework, which provides overarching policy for managing potential crises.

The government will consider how AI-related harms are managed under the framework to ensure ongoing clarity regarding roles and responsibilities across government to support coordinated and effective action.

International Engagement

The Institute will collaborate with domestic and international partners including the National AI Centre and the International Network of AI Safety Institutes to support global conversations on understanding and addressing AI risks.

Australia is a signatory to the Bletchley Declaration, Seoul Declaration, and Paris Statement emphasizing inclusive international cooperation on AI governance. Participation in the UN Global Digital Compact, Hiroshima AI Process, and Global Partnership on AI supports conversations on advancing safe, secure, and trustworthy adoption.

The government is developing an Australian Government Strategy for International Engagement and Regional Leadership on Artificial Intelligence to align foreign and domestic policy settings while establishing priorities for bilateral partnerships and engagement in international forums.

Also read: UK’s AI Safety Institute Establishes San Francisco Office for Global Expansion

fCyber Monday scams in 2025 are increasing at a time when phishing, credential theft, and financial cybercrime are already at some of the highest levels seen this year. Attackers know shoppers are distracted by discounts and rushed checkout decisions, and they are using this moment to launch more convincing scams than ever. In November, the National Cyber Security Centre (NCSC) warned that phishing emails are becoming extremely realistic. One recent example involved emails pretending to be from the Canton of Zurich. The messages copied the government’s logo, layout, and tone, pressuring people to update information for “new cryptocurrency tax rules.” Victims were taken to a fake website that looked exactly like the real portal. After entering personal and financial details, they were redirected to the genuine website, so nothing felt suspicious. This pattern isn’t limited to Europe. Microsoft’s Digital Defense Report 2025 found that 52% of cyberattacks are now financially motivated, while only 4% relate to espionage. The report shows attackers are more focused on quick money, data theft, and extortion than anything else. Japan has also seen a spike. The Financial Services Agency reported nearly USD 700 million in unauthorized trades since March, after cybercriminals stole login details from fake securities websites and infostealer malware. Attackers then sent follow-up phishing emails pretending to be regulators to lure victims again, showing how far they go to keep the scam going. With these global trends already in motion, Cyber Monday scams in 2025 are expected to hit even harder, using fake deals, phishing emails, and fraudulent apps to trick shoppers during the busiest online shopping week of the year.

Fake Deals: The Most Common Cyber Monday Scam

Fake deals continue to be one of the biggest Cyber Monday scams. Criminals create websites that look identical to popular shopping platforms. These fake pages advertise impossible discounts and use professional product images to appear genuine. This year, attackers are using:

• Paid ads to push fake “Cyber Monday” offers
• AI-generated product photos
• Fake customer support chatboxes
• Websites designed to collect card details and passwords

Many of these sites even send fake confirmation emails to make the purchase look real.

Phishing Emails Designed for Holiday Shoppers

Phishing emails increase sharply during Cyber Monday week because shoppers expect order updates, delivery alerts, and discount codes. Attackers take advantage of this by sending emails that look like they’re from Amazon, courier services, or major retailers. Common tactics include:

• “Your order has been delayed” links
• Payment failure warnings
• Early-access Cyber Monday discounts
• QR codes leading to fake login pages

These messages often use the correct logos and a domain name that looks almost identical to the real brand, making them harder to notice.

Fake Mobile Apps Posing as Shopping Tools

Another growing Cyber Monday scam involves fake mobile apps disguised as coupon apps, cashback tools, or sale trackers. Once installed, these apps can access personal details and intercept OTPs. Some harmful apps can:

• Read text messages
• Capture saved card information
• Monitor keystrokes
• Send fake push notifications

Security researchers have also found fake apps pretending to be BNPL (Buy Now Pay Later) services, which become very active during Cyber Monday sales.

AI-Powered Social Media Scams

Social media is now one of the biggest sources of Cyber Monday scams. Attackers use AI to create fake influencer posts, discount videos, and promotional codes that link to malicious websites. These scams spread quickly because criminals use thousands of fake likes and comments to make the posts look trustworthy. Even after Cyber Monday ends, the impact continues. Stolen passwords and card details are used for:

• Account takeovers
• Unauthorized purchases
• Reward points theft
• Identity fraud

Cybercriminals also test stolen password combinations across multiple websites, knowing many people reuse the same credentials.

How Shoppers Can Stay Safe

Following are the recommendations to avoid Cyber Monday scams in 2025. These easy habits help reduce risk during the holiday shopping rush.

• Double-check website URLs
• Avoid deals sent only through social media DMs
• Download apps only from official stores
• Turn on two-factor authentication
• Be careful with QR codes in emails
• Never enter card details on unfamiliar sites

Cyber Monday scams in 2025 are becoming harder to spot as criminals use fake deals, phishing emails, and fraudulent apps to target busy shoppers. With global phishing incidents rising and financial cybercrime at record highs, staying alert is the best way to shop safely this season.

France's data protection authority discovered that when visitors clicked the button to reject cookies on Vanity Fair (vanityfair[.]fr), the website continued placing tracking technologies on their devices and reading existing cookies without consent, a violation that now costs publisher Les Publications Condé Nast €750,000 in fines six years after privacy advocate NOYB first filed complaints against the media company.

The November 20 sanction by CNIL's restricted committee marks the latest enforcement action in France's aggressive campaign to enforce cookie consent requirements under the ePrivacy Directive.

NOYB, the European privacy advocacy organization led by Max Schrems, filed the original public complaint in December 2019 concerning cookies placed on user devices by the Vanity Fair France website. After multiple investigations and discussions with CNIL, Condé Nast received a formal compliance order in September 2021, with proceedings closed in July 2022 based on assurances of corrective action.

Repeated Violations Despite Compliance Order

CNIL conducted follow-up online investigations in July and November 2023, then again in February 2025, discovering that the publisher had failed to implement compliant cookie practices despite the earlier compliance order. The restricted committee found Les Publications Condé Nast violated obligations under Article 82 of France's Data Protection Act across multiple dimensions.

Investigators discovered cookies requiring consent were placed on visitors' devices as soon as they arrived on vanityfair.fr, even before users interacted with the information banner to express a choice. This automatic placement violated fundamental consent requirements mandating that tracking technologies only be deployed after users provide explicit permission.

The website lacked clarity in information provided to users about cookie purposes. Some cookies appeared categorized as "strictly necessary" and therefore exempt from consent obligations, but useful information about their actual purposes remained unavailable to visitors. This misclassification potentially allowed the publisher to deploy tracking technologies under false pretenses.

Most significantly, consent refusal and withdrawal mechanisms proved completely ineffective. When users clicked the "Refuse All" button in the banner or attempted to withdraw previously granted consent, new cookies subject to consent requirements were nevertheless placed on their devices while existing cookies continued being read.

Escalating French Enforcement Actions

The fine amount takes into account that Condé Nast had already been issued a formal notice in 2021 but failed to correct its practices, along with the number of people affected and various breaches of rules protecting users regarding cookies.

The CNIL fine represents another in a series of NOYB-related enforcement actions, with the French authority previously fining Criteo €40 million in 2023 and Google €325 million earlier in 2025. Spain's AEPD issued a €100,000 fine against Euskaltel in related NOYB litigation.

Also read: Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

According to reports, Condé Nast acknowledged violations in its defense but cited technical errors, blamed the Internet Advertising Bureau's Transparency and Consent Framework for misleading information, and stated the cookies in question fall under the functionality category. The company claimed good faith and cooperative efforts while arguing against public disclosure of the sanction.

The Cookie Consent Conundrum

French enforcement demonstrates the ePrivacy Directive's teeth in protecting user privacy. CNIL maintains material jurisdiction to investigate and sanction cookie operations affecting French users, with the GDPR's one-stop-shop mechanism not applying since cookie enforcement falls under separate ePrivacy rules transposed into French law.

The authority has intensified actions against dark patterns in consent mechanisms, particularly practices making cookie acceptance easier than refusal. Previous CNIL decisions against Google and Facebook established that websites offering immediate "Accept All" buttons must provide equivalent simple mechanisms for refusing cookies, with multiple clicks to refuse constituting non-compliance.

The six-year timeline from initial complaint to final sanction illustrates both the persistence required in privacy enforcement and the extended timeframes companies exploit while maintaining non-compliant practices generating advertising revenue through unauthorized user tracking.

Polish authorities arrested a 23-year-old Russian citizen on November 16, after investigators linked him to unauthorized intrusions into e-commerce platforms, gaining access to databases containing personal data and transaction histories of customers across Poland and potentially other European Union member states. The suspect, who illegally crossed Poland's border in 2022 before obtaining refugee status in 2023, now faces three months of pre-trial detention as prosecutors examine connections to broader cybercrime operations targeting European infrastructure.

Officers from the Central Bureau for Combating Cybercrime detained the Russian national after gathering evidence confirming he operated without required authorization from online shop operators, breaching security protections to access IT systems and databases before interfering with their structure.

Expanding Investigation Into European Cyberattacks

Polish Interior Minister Marcin Kierwinski announced the arrest Thursday, stating that investigators established the suspect may have connections to additional cybercriminal activities targeting companies operating across Poland and EU member states. Prosecutors are currently verifying the scope of potential damages inflicted on victims of these cyberattacks.

According to Polish news outlets, the man was detained in Wroclaw where he had been living, with investigators saying he infiltrated a major e-commerce platform's database, gaining unauthorized access to almost one million customer records including personal data and transaction histories.

The District Court in Krakow approved prosecutors' request for three-month detention, with officials indicating additional arrests are likely as the investigation widens. Authorities are analyzing whether stolen data was used, sold, or transferred to groups outside Poland, including potential connections to organized cybercrime or state-backed networks.

Pattern of Russian Hybrid Warfare

The arrest occurs amid heightened tensions as Poland reports intensifying cyberattacks and sabotage attempts that officials believe link to Russian intelligence services. Poland has arrested 55 people over suspected sabotage and espionage over the past three years, with all charged under Article 130 of the penal code pertaining to espionage and sabotage.

The case represents part of a broader pattern of hostile cyber operations. Poland and other European nations have intensified surveillance of potential Russian cyberattacks and sabotage efforts since Moscow's full-scale invasion of Ukraine in 2022, monitoring suspected arson attacks and strikes on critical infrastructure across the region.

Polish cybersecurity officials previously warned the country remains a constant target of pro-Russian hackers responding to Warsaw's support for Ukraine. Strategic, energy, and military enterprises face particular risk, with attacks intensifying through DDoS operations, ransomware, phishing campaigns, and website impersonation designed to collect personal data and spread disinformation.

The Central Bureau for Combating Cybercrime emphasized that the investigation remains active and developmental, with prosecutors continuing to gather evidence about the full extent of the suspect's activities and potential co-conspirators.

Also read: DDoS-for-Hire Empire Dismantled as Poland Arrests Four, U.S. Seizes Nine Domains

That lengthy standoff over privacy rights versus child protection ended Wednesday when EU member states finally agreed on a negotiating mandate for the Child Sexual Abuse Regulation, a controversial law requiring online platforms to detect, report, and remove child sexual abuse material while critics warn the measures could enable mass surveillance of private communications.

The Council agreement, reached despite opposition from the Czech Republic, Netherlands, and Poland, clears the way for trilogue negotiations with the European Parliament to begin in 2026 on legislation that would permanently extend voluntary scanning provisions and establish a new EU Centre on Child Sexual Abuse.

The Council introduces three risk categories of online services based on objective criteria including service type, with authorities able to oblige online service providers classified in the high-risk category to contribute to developing technologies to mitigate risks relating to their services. The framework shifts responsibility to digital companies to proactively address risks on their platforms.

Permanent Extension of Voluntary Scanning

One significant provision permanently extends voluntary scanning, a temporary measure first introduced in 2021 that allows companies to voluntarily scan for child sexual abuse material without violating EU privacy laws. That exemption was set to expire in April 2026 under current e-Privacy Directive provisions.

At present, providers of messaging services may voluntarily check content shared on their platforms for online child sexual abuse material, then report and remove it. According to the Council position, this exemption will continue to apply indefinitely under the new law.

Danish Justice Minister Peter Hummelgaard welcomed the Council's agreement, stating that the spread of child sexual abuse material is "completely unacceptable." "Every year, millions of files are shared that depict the sexual abuse of children. And behind every single image and video, there is a child who has been subjected to the most horrific and terrible abuse," Hummelgaard said.

New EU Centre on Child Sexual Abuse

The legislation provides for establishment of a new EU agency, the EU Centre on Child Sexual Abuse, to support implementation of the regulation. The Centre will act as a hub for child sexual abuse material detection, reporting, and database management, receiving reports from providers, assessing risk levels across platforms, and maintaining a database of indicators.

The EU Centre will assess and process information supplied by online providers about child sexual abuse material identified on services, creating, maintaining and operating a database for reports submitted by providers. The Centre will share information from companies with Europol and national law enforcement bodies, supporting national authorities in assessing the risk that online services could be used to spread abuse material.

Online companies must provide assistance for victims who would like child sexual abuse material depicting them removed or for access to such material disabled. Victims can ask for support from the EU Centre, which will check whether companies involved have removed or disabled access to items victims want taken down.

Privacy Concerns and Opposition

The breakthrough comes after months of stalled negotiations and a postponed October vote when Germany joined a blocking minority opposing what critics commonly call "chat control." Berlin argued the proposal risked "unwarranted monitoring of chats," comparing it to opening letters from other correspondents.

Critics from Big Tech companies and data privacy NGOs warn the measures could pave the way for mass surveillance, as private messages would be scanned by authorities to detect illegal images. The Computer and Communications Industry Association stated that EU member states made clear the regulation can only move forward if new rules strike a true balance protecting minors while maintaining confidentiality of communications, including end-to-end encryption.

Also read: EU Chat Control Proposal to Prevent Child Sexual Abuse Slammed by Critics

Former Pirate MEP Patrick Breyer, who has been advocating against the file, characterized the Council endorsement as "a Trojan Horse" that legitimizes warrantless, error-prone mass surveillance of millions of Europeans by US corporations through cementing voluntary mass scanning.

The European Parliament's study heavily critiqued the Commission's proposal, concluding there aren't currently technological solutions that can detect child sexual abuse material without resulting in high error rates affecting all messages, files and data in platforms. The study also concluded the proposal would undermine end-to-end encryption and security of digital communications.

Scope of the Crisis

Statistics underscore the urgency. 20.5 million reports and 63 million files of abuse were submitted to the National Center for Missing and Exploited Children CyberTipline last year, with online grooming increasing 300 percent since negotiations began. Every half second, an image of a child being sexually abused is reported online.

Sixty-two percent of abuse content flagged by the Internet Watch Foundation in 2024 was traced to EU servers, with at least one in five children in Europe a victim of sexual abuse.

The Council position allows trilogue negotiations with the European Parliament and Commission to start in 2026. Those negotiations need to conclude before the already postponed expiration of the current e-Privacy regulation that allows exceptions under which companies can conduct voluntary scanning. The European Parliament reached its negotiating position in November 2023.