With the popularity of AI coding tools rising among some software developers, their adoption has begun to touch every aspect of the process, including the improvement of AI coding tools themselves.

In interviews with Ars Technica this week, OpenAI employees revealed the extent to which the company now relies on its own AI coding agent, Codex, to build and improve the development tool. “I think the vast majority of Codex is built by Codex, so it’s almost entirely just being used to improve itself,” said Alexander Embiricos, product lead for Codex at OpenAI, in a conversation on Tuesday.

Codex, which OpenAI launched in its modern incarnation as a research preview in May 2025, operates as a cloud-based software engineering agent that can handle tasks like writing features, fixing bugs, and proposing pull requests. The tool runs in sandboxed environments linked to a user’s code repository and can execute multiple tasks in parallel. OpenAI offers Codex through ChatGPT’s web interface, a command-line interface (CLI), and IDE extensions for VS Code, Cursor, and Windsurf.

Read full article

Comments

© Mininyx Doodle via Getty Images

Google has increasingly moved toward keeping features locked to its hardware products, but the Translate app is bucking that trend. The live translate feature is breaking out of the Google bubble with support for any earbuds you happen to have connected to your Android phone. The app is also getting improved translation quality across dozens of languages and some Duolingo-like learning features.

The latest version of Google’s live translation is built on Gemini and initially rolled out earlier this year. It supports smooth back-and-forth translations as both on-screen text and audio. Beginning a live translate session in Google Translate used to require Pixel Buds, but that won’t be the case going forward.

Google says a beta test of expanded headphone support is launching today in the US, Mexico, and India. The audio translation attempts to preserve the tone and cadence of the original speaker, but it’s not as capable as the full AI-reproduced voice translations you can do on the latest Pixel phones. Google says this feature should work on any earbuds or headphones, but it’s only for Android right now. The feature will expand to iOS in the coming months. Apple does have a similar live translation feature on the iPhone, but it requires AirPods.

Read full article

Comments

© Google

Google's Chrome team has built an experimental browser called Disco that takes a query or prompt, opens a cluster of related tabs, and then generates a custom application tailored to whatever task the user is trying to accomplish. The browser launched Thursday as an experiment in Google's Search Labs. GenTabs, the core feature powering Disco, are information-rich pages created by Google's Gemini AI models -- ask for travel tips and the system builds a planner app; ask for study help and it creates a flashcard system. Disco -- named partly for fun and partly as shorthand for "discovery" -- started as a hackathon project inside Google before catching the team's imagination. Parisa Tabriz, who leads the Chrome team, said that Disco is not intended as a general-purpose browser and is not an attempt to cannibalize Chrome. The experiment aims to test what happens when users move from simply having tabs to generating personalized, curated applications on demand. The capability relies on features in the recently launched Gemini 3, which can create one-off interactive interfaces and build miniature apps on the fly rather than just returning text or images.

Read more of this story at Slashdot.

On Thursday, OpenAI released GPT-5.2, its newest family of AI models for ChatGPT, in three versions called Instant, Thinking, and Pro. The release follows CEO Sam Altman’s internal “code red” memo earlier this month, which directed company resources toward improving ChatGPT in response to competitive pressure from Google’s Gemini 3 AI model.

“We designed 5.2 to unlock even more economic value for people,” Fidji Simo, OpenAI’s chief product officer, said during a press briefing with journalists on Thursday. “It’s better at creating spreadsheets, building presentations, writing code, perceiving images, understanding long context, using tools and then linking complex, multi-step projects.”

As with previous versions of GPT-5, the three model tiers serve different purposes: Instant handles faster tasks like writing and translation; Thinking spits out simulated reasoning “thinking” text in an attempt to tackle more complex work like coding and math; and Pro spits out even more simulated reasoning text with the goal of delivering the highest-accuracy performance for difficult problems.

Read full article

Comments

© Benj Edwards / OpenAI

The Wild West of copyrighted characters in AI may be coming to an end. There has been legal wrangling over the role of copyright in the AI era, but the mother of all legal teams may now be gearing up for a fight. Disney has sent a cease and desist to Google, alleging the company’s AI tools are infringing Disney’s copyrights “on a massive scale.”

According to the letter, Google is violating the entertainment conglomerate’s intellectual property in multiple ways. The legal notice says Google has copied a “large corpus” of Disney’s works to train its gen AI models, which is believable, as Google’s image and video models will happily produce popular Disney characters—they couldn’t do that without feeding the models lots of Disney data.

The C&D also takes issue with Google for distributing “copies of its protected works” to consumers. So all those memes you’ve been making with Disney characters? Yeah, Disney doesn’t like that, either. The letter calls out a huge number of Disney-owned properties that can be prompted into existence in Google AI, including The Lion King, Deadpool, and Star Wars.

Read full article

Comments

© Aurich Lawson

Car company said team detected ‘unusual activity’ inside vehicle and called to check on rider and alert 911

Self-driving Waymo taxis have gone viral for negative reasons including the death of a beloved San Francisco bodega cat and pulling an illegal U-turn in front of police, who were unable to issue a ticket to a nonexistent driver.

But this week, the company behind the self-driving taxis is drawing attention to the happier news that a San Francisco woman gave birth in a Waymo.

Continue reading...

© Photograph: Justin Sullivan/Getty Images

© Photograph: Justin Sullivan/Getty Images

© Photograph: Justin Sullivan/Getty Images

Long ago, Google’s Android-powered wearables had hands-free navigation gestures. Those fell by the wayside as Google shredded its wearable strategy over and over, but gestures are back, baby. The Pixel Watch 4 is getting an update that adds several gestures, one of which is straight out of the Apple playbook.

When the update hits devices, the Pixel Watch 4 will gain a double pinch gesture like the Apple Watch has. By tapping your thumb and forefinger together, you can answer or end calls, pause timers, and more. The watch will also prompt you at times when you can use the tap gesture to control things.

In previous incarnations of Google-powered watches, a quick wrist turn gesture would scroll through lists. In the new gesture system, that motion dismisses what’s on the screen. For example, you can clear a notification from the screen or dismiss an incoming call. Pixel Watch 4 owners will also enjoy this one when the update arrives.

Read full article

Comments

© Ryan Whitwam

Google said it's working to create two different categories of artificial intelligence-powered smart glasses to compete next year with existing models from Meta Platforms: one with screens, and another that's audio focused. From a report: The first AI glasses that Google is collaborating on will arrive sometime in 2026, it said in a blog post Monday. Samsung Electronics, Warby Parker and Gentle Monster are among its early hardware partners, but the companies have yet to show any final designs. Google also outlined several software improvements coming to Samsung's Galaxy XR headset, including a travel mode that will allow the mixed-reality device to be used in cars and on planes.

Read more of this story at Slashdot.

Google and Apple have released new global cyber threat notifications, alerting users across dozens of countries to potential targeting by state-linked hackers. The latest warnings reflect growing concerns about government-backed surveillance operations and the expanding commercial spyware marketplace.  Both companies confirmed that the alerts were sent this week as part of their ongoing efforts to protect users from digital espionage. The warnings are tied to commercial surveillance firms, including Intellexa, which has been repeatedly linked to high-end spyware deployments around the globe. 

Apple Sends Warning Across More than 80 Countries 

Apple stated that its newest set of threat notifications was dispatched on December 2, though the company declined to identify the number of affected users or the specific actors involved. These warnings are triggered when technical evidence indicates that individuals are being deliberately targeted by advanced hacking techniques believed to be connected to state agencies or their contractors.  While Apple did not specify locations for this week’s alerts, it confirmed that, since the initiative began, users in more than 150 countries have received similar warnings. This aligns with the company’s broader strategy of alerting customers when activity consistent with state-directed surveillance operations is detected. 

Google Reports Intellexa Spyware Targeting Several Hundred Accounts 

Google also announced that it had notified “several hundred accounts” identified as being targeted by spyware developed by Intellexa, a surveillance vendor sanctioned by the United States. According to Google’s threat intelligence team, the attempted compromises spanned a wide geographic range. Users in Pakistan, Kazakhstan, Angola, Egypt, Uzbekistan, Saudi Arabia, and Tajikistan were among those affected. 

Also read: Sanctioned Spyware Vendor Used iOS Zero-Day Exploit Chain Against Egyptian Targets

The tech giant stated that Intellexa has continued to operate and adapt its tools despite U.S. sanctions. Executives associated with the company did not respond to inquiries about the allegations. Google also noted that this round of alerts covered people in more than 80 countries, stressing the nature of the attempted intrusions by state-linked hackers.

Rising Scrutiny of Commercial Spyware 

The latest notifications from Google and Apple are part of a bigger concern surrounding the global spyware industry. Both companies have repeatedly warned that commercial surveillance tools, particularly those sold to government clients, are becoming increasingly common in targeting journalists, activists, political figures, and other high-risk individuals.  Previous disclosures from Apple and Google have already prompted official scrutiny. The European Union has launched investigations in past cases, especially after reports that senior EU officials were targeted with similar spyware technologies. These inquiries often expand into broader examinations of cross-border surveillance practices and the companies that supply such tools. 

Also read: Leaked Files Expose Intellexa’s Remote Access to Customer Systems and Live Surveillance Ops

Tech Firms Decline to Name Specific Attackers 

Despite the breadth of the new alerts, neither Google nor Apple offered details about the identities of the actors behind the latest attempts. Apple also declined to describe the nature of the malicious activity detected. Both companies stress that withholding technical specifics is common when dealing with state-linked hackers, as revealing investigative methods could interfere with ongoing monitoring operations.  Although the exact attackers remain unnamed, the alerts demonstrate a global distribution of spyware activity. Google’s identification of affected users across multiple continents, along with Apple’s acknowledgment of notifications issued in over 150 countries over time, shows that the threat posed by government-aligned surveillance groups continues to expand. 

Security and developer teams are scrambling to address a highly critical security flaw in frameworks tied to the popular React JavaScript library. Not only is the vulnerability, which also is in the Next.js framework, easy to exploit, but React is widely used, including in 39% of cloud environments.

The post Dangerous RCE Flaw in React, Next.js Threatens Cloud Environments, Apps appeared first on Security Boulevard.

Almost every technological innovation of the past several years has been laser-focused on one thing: generative AI. Many of these supposedly revolutionary systems run on big, expensive servers in a data center somewhere, but at the same time, chipmakers are crowing about the power of the neural processing units (NPU) they have brought to consumer devices. Every few months, it’s the same thing: This new NPU is 30 or 40 percent faster than the last one. That’s supposed to let you do something important, but no one really gets around to explaining what that is.

Experts envision a future of secure, personal AI tools with on-device intelligence, but does that match the reality of the AI boom? AI on the “edge” sounds great, but almost every AI tool of consequence is running in the cloud. So what’s that chip in your phone even doing?

What is an NPU?

Companies launching a new product often get bogged down in superlatives and vague marketing speak, so they do a poor job of explaining technical details. It’s not clear to most people buying a phone why they need the hardware to run AI workloads, and the supposed benefits are largely theoretical.

Read full article

Comments

© Aurich Lawson | Getty Images

The shoe is most certainly on the other foot. On Monday, OpenAI CEO Sam Altman reportedly declared a “code red” at the company to improve ChatGPT, delaying advertising plans and other products in the process,  The Information reported based on a leaked internal memo. The move follows Google’s release of its Gemini 3 model last month, which has outperformed ChatGPT on some industry benchmark tests and sparked high-profile praise on social media.

In the memo, Altman wrote, “We are at a critical time for ChatGPT.” The company will push back work on advertising integration, AI agents for health and shopping, and a personal assistant feature called Pulse. Altman encouraged temporary team transfers and established daily calls for employees responsible for enhancing the chatbot.

The directive creates an odd symmetry with events from December 2022, when Google management declared its own “code red” internal emergency after ChatGPT launched and rapidly gained in popularity. At the time, Google CEO Sundar Pichai reassigned teams across the company to develop AI prototypes and products to compete with OpenAI’s chatbot. Now, three years later, the AI industry is in a very different place.

Read full article

Comments

© Anadolu via Getty Images

CISA warned today that two Android zero-day vulnerabilities are under active attack, within hours of Google releasing patches for the flaws. Both are high-severity Android framework vulnerabilities. CVE-2025-48572 is a Privilege Escalation vulnerability, while CVE-2025-48633 is an Information Disclosure vulnerability. Both were among 107 Android vulnerabilities addressed by Google in its December security bulletin released today.

Android Vulnerabilities CVE-2025-48572 and CVE-2025-48633 Under Attack

Google warned that the CVE-2025-48572 and CVE-2025-48633 framework vulnerabilities “may be under limited, targeted exploitation.” The U.S. Cybersecurity and Infrastructure Security Agency (CISA) followed with its own alert adding the Android vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned. “CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice,” the U.S. cybersecurity agency added. The vulnerabilities are so new that the CVE Program lists the CVE numbers as “reserved,” with details yet to be released. Neither Google nor CISA provided further details on how the vulnerabilities are being exploited.

7 Critical Android Vulnerabilities Also Patched

The December Android security bulletin also addressed seven critical vulnerabilities, the most severe of which is CVE-2025-48631, a framework Denial of Service (DoS) vulnerability that Google warned “could lead to remote denial of service with no additional execution privileges needed.” Four of the critical vulnerabilities affect the Android kernel and are all Elevation of Privilege (EoP) vulnerabilities: CVE-2025-48623, CVE-2025-48624, CVE-2025-48637, and CVE-2025-48638. The other two critical vulnerabilities affect Qualcomm closed-source components: CVE-2025-47319, an Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability, and CVE-2025-47372, a Buffer Overflow vulnerability that could lead to memory corruption. Google lists CVE-2025-47319 as “Critical” while Qualcomm lists the vulnerability as Medium severity; both list CVE-2025-47372 as Critical. The Qualcomm vulnerabilities are addressed in detail in The Cyber Express article Qualcomm Issues Critical Security Alert Over Secure Boot Vulnerability published earlier today.

Google is following through on its pledge to split Android versions into more frequent updates. We already had one Android 16 release this year, and now it’s time for the second. The new version is rolling out first on Google’s Pixel phones, featuring more icon customization, easier parental controls, and AI-powered notifications. Don’t be bummed if you aren’t first in line for the new Android 16—Google also has a raft of general improvements coming to the wider Android ecosystem.

Android 16, part 2

Since rolling out the first version of Android in 2008, Google has largely stuck to one major release per year. Android 16 changes things, moving from one monolithic release to two. Today’s OS update is the second part of the Android 16 era, but don’t expect major changes. As expected, the first release in June made more changes. Most of what we’ll see in the second update is geared toward Google’s Pixel phones, plus some less notable changes for developers.

Google’s new AI features for notifications are probably the most important change. Android 16 will use AI for two notification tasks: summarizing and organizing. The OS will take long chat conversations and summarize the notifications with AI. Notification data is processed locally on the device and won’t be uploaded anywhere. In the notification shade, the collapsed notification line will feature a summary of the conversation rather than a snippet of one message. Expanding the notification will display the full text.

Read full article

Comments

© Ryan Whitwam

Have you been trying to cast Stranger Things from your phone, only to find that your TV isn’t cooperating? It’s not the TV—Netflix is to blame for this one, and it’s intentional. The streaming app has recently updated its support for Google Cast to disable the feature in most situations. You’ll need to pay for one of the company’s more expensive plans, and even then, Netflix will only cast to older TVs and streaming dongles.

The Google Cast system began appearing in apps shortly after the original Chromecast launched in 2013. Since then, Netflix users have been able to start video streams on TVs and streaming boxes from the mobile app. That was vital for streaming targets without their own remote or on-screen interface, but times change.

Today, Google has moved beyond the remote-free Chromecast experience, and most TVs have their own standalone Netflix apps. Netflix itself is also allergic to anything that would allow people to share passwords or watch in a new place. Over the last couple of weeks, Netflix updated its app to remove most casting options, mirroring a change in 2019 to kill Apple AirPlay.

Read full article

Comments

© Bloomberg

Google is suing more than two dozen unnamed individuals allegedly involved in peddling a popular China-based mobile phishing service that helps scammers impersonate hundreds of trusted brands, blast out text message lures, and convert phished payment card data into mobile wallets from Apple and Google.

In a lawsuit filed in the Southern District of New York on November 12, Google sued to unmask and disrupt 25 “John Doe” defendants allegedly linked to the sale of Lighthouse, a sophisticated phishing kit that makes it simple for even novices to steal payment card data from mobile users. Google said Lighthouse has harmed more than a million victims across 120 countries.

Lighthouse is one of several prolific phishing-as-a-service operations known as the “Smishing Triad,” and collectively they are responsible for sending millions of text messages that spoof the U.S. Postal Service to supposedly collect some outstanding delivery fee, or that pretend to be a local toll road operator warning of a delinquent toll fee. More recently, Lighthouse has been used to spoof e-commerce websites, financial institutions and brokerage firms.

Regardless of the text message lure or brand used, the basic scam remains the same: After the visitor enters their payment information, the phishing site will automatically attempt to enroll the card as a mobile wallet from Apple or Google. The phishing site then tells the visitor that their bank is going to verify the transaction by sending a one-time code that needs to be entered into the payment page before the transaction can be completed.

If the recipient provides that one-time code, the scammers can link the victim’s card data to a mobile wallet on a device that they control. Researchers say the fraudsters usually load several stolen wallets onto each mobile device, and wait 7-10 days after that enrollment before selling the phones or using them for fraud.

Google called the scale of the Lighthouse phishing attacks “staggering.” A May 2025 report from Silent Push found the domains used by the Smishing Triad are rotated frequently, with approximately 25,000 phishing domains active during any 8-day period.

Google’s lawsuit alleges the purveyors of Lighthouse violated the company’s trademarks by including Google’s logos on countless phishing websites. The complaint says Lighthouse offers over 600 templates for phishing websites of more than 400 entities, and that Google’s logos were featured on at least a quarter of those templates.

Google is also pursuing Lighthouse under the Racketeer Influenced and Corrupt Organizations (RICO) Act, saying the Lighthouse phishing enterprise encompasses several connected threat actor groups that work together to design and implement complex criminal schemes targeting the general public.

According to Google, those threat actor teams include a “developer group” that supplies the phishing software and templates; a “data broker group” that provides a list of targets; a “spammer group” that provides the tools to send fraudulent text messages in volume; a “theft group,” in charge of monetizing the phished information; and an “administrative group,” which runs their Telegram support channels and discussion groups designed to facilitate collaboration and recruit new members.

“While different members of the Enterprise may play different roles in the Schemes, they all collaborate to execute phishing attacks that rely on the Lighthouse software,” Google’s complaint alleges. “None of the Enterprise’s Schemes can generate revenue without collaboration and cooperation among the members of the Enterprise. All of the threat actor groups are connected to one another through historical and current business ties, including through their use of Lighthouse and the online community supporting its use, which exists on both YouTube and Telegram channels.”

Silent Push’s May report observed that the Smishing Triad boasts it has “300+ front desk staff worldwide” involved in Lighthouse, staff that is mainly used to support various aspects of the group’s fraud and cash-out schemes.

Google alleges that in addition to blasting out text messages spoofing known brands, Lighthouse makes it easy for customers to mass-create fake e-commerce websites that are advertised using Google Ads accounts (and paid for with stolen credit cards). These phony merchants collect payment card information at checkout, and then prompt the customer to expect and share a one-time code sent from their financial institution.

Once again, that one-time code is being sent by the bank because the fake e-commerce site has just attempted to enroll the victim’s payment card data in a mobile wallet. By the time a victim understands they will likely never receive the item they just purchased from the fake e-commerce shop, the scammers have already run through hundreds of dollars in fraudulent charges, often at high-end electronics stores or jewelers.

Ford Merrill works in security research at SecAlliance, a CSIS Security Group company, and he’s been tracking Chinese SMS phishing groups for several years. Merrill said many Lighthouse customers are now using the phishing kit to erect fake e-commerce websites that are advertised on Google and Meta platforms.

“You find this shop by searching for a particular product online or whatever, and you think you’re getting a good deal,” Merrill said. “But of course you never receive the product, and they will phish that one-time code at checkout.”

Merrill said some of the phishing templates include payment buttons for services like PayPal, and that victims who choose to pay through PayPal can also see their PayPal accounts hijacked.

“The main advantage of the fake e-commerce site is that it doesn’t require them to send out message lures,” Merrill said, noting that the fake vendor sites have more staying power than traditional phishing sites because it takes far longer for them to be flagged for fraud.

Merrill said Google’s legal action may temporarily disrupt the Lighthouse operators, and could make it easier for U.S. federal authorities to bring criminal charges against the group. But he said the Chinese mobile phishing market is so lucrative right now that it’s difficult to imagine a popular phishing service voluntarily turning out the lights.

Merrill said Google’s lawsuit also can help lay the groundwork for future disruptive actions against Lighthouse and other phishing-as-a-service entities that are operating almost entirely on Chinese networks. According to Silent Push, a majority of the phishing sites created with these kits are sitting at two Chinese hosting companies: Tencent (AS132203) and Alibaba (AS45102).

“Once Google has a default judgment against the Lighthouse guys in court, theoretically they could use that to go to Alibaba and Tencent and say, ‘These guys have been found guilty, here are their domains and IP addresses, we want you to shut these down or we’ll include you in the case.'”

If Google can bring that kind of legal pressure consistently over time, Merrill said, they might succeed in increasing costs for the phishers and more frequently disrupting their operations.

“If you take all of these Chinese phishing kit developers, I have to believe it’s tens of thousands of Chinese-speaking people involved,” he said. “The Lighthouse guys will probably burn down their Telegram channels and disappear for a while. They might call it something else or redevelop their service entirely. But I don’t believe for a minute they’re going to close up shop and leave forever.”

An anonymous reader shares a report: Singapore's police have ordered Apple and Google to prevent the spoofing of government agencies on their messaging platforms, the home affairs ministry said on Tuesday. The order under the nation's Online Criminal Harms Act came after the police observed scams on Apple's iMessage and Google Messages purporting to be from companies such as the local postal service SingPost. While government agencies have registered with a local SMS registry so only they can send messages with the "gov.sg" name, this does not currently apply to the iMessage and Google Messages platforms.

Read more of this story at Slashdot.

An anonymous reader shares a report: Google is pushing back on viral social media posts and articles like this one by Malwarebytes, claiming Google has changed its policy to use your Gmail messages and attachments to train AI models, and the only way to opt out is by disabling "smart features" like spell checking. But Google spokesperson Jenny Thomson tells The Verge that "these reports are misleading -- we have not changed anyone's settings, Gmail Smart Features have existed for many years, and we do not use your Gmail content for training our Gemini AI model."

Read more of this story at Slashdot.

NATO has hired Google to provide "air-gapped" sovereign cloud services and AI in "completely disconnected, highly secure environments." From a report: The Chocolate Factory will support the military alliance's Joint Analysis, Training, and Education Centre (JATEC) in a move designed to improve its digital infrastructure and strengthen its data governance. NATO was formed in 1949 after Belgium, Canada, Denmark, France, Iceland, Italy, Luxembourg, the Netherlands, Norway, Portugal, the United Kingdom, and the United States signed the North Atlantic Treaty. Since then, 20 more European countries have joined, most recently Finland and Sweden. US President Donald Trump has criticized fellow members' financial contribution to the alliance and at times cast doubt over how likely the US is to defend its NATO allies. In an announcement this week, Google Cloud said the "significant, multimillion-dollar contract" with the NATO Communication and Information Agency (NCIA) would offer highly secure, sovereign cloud capabilities. The agreement promises NATO "uncompromised data residency and operational controls, providing the highest degree of security and autonomy, regardless of scale or complexity," the statement said.

Read more of this story at Slashdot.

An anonymous reader shares a report: With the release of its third version last week, Google's Gemini large language model surged past ChatGPT and other competitors to become the most capable AI chatbot, as determined by consensus industry-benchmark tests. [...] Aaron Levie, chief executive of the cloud content management company Box, got early access to Gemini 3 several days ahead of the launch. The company ran its own evaluations of the model over the weekend to see how well it could analyze large sets of complex documents. "At first we kind of had to squint and be like, 'OK, did we do something wrong in our eval?' because the jump was so big," he said. "But every time we tested it, it came out double-digit points ahead." [...] Google has been scrambling to get an edge in the AI race since the launch of ChatGPT three years ago, which stoked fears among investors that the company's iconic search engine would lose significant traffic to chatbots. The company struggled for months to get traction. Chief Executive Sundar Pichai and other executives have since worked to overhaul the company's AI development strategy by breaking down internal silos, streamlining leadership and consolidating work on its models, employees say. Sergey Brin, one of Google's co-founders, resumed a day-to-day role at the company helping to oversee its AI-development efforts.

Read more of this story at Slashdot.

Google's AI infrastructure chief told employees the company must double its AI serving capacity every six months in order to meet demand. In a presentation earlier this month, Amin Vahdat, a vice president at Google Cloud, gave a presentation titled "AI Infrastructure." It included a slide on "AI compute demand" that said: "Now we must double every 6 months.... the next 1000x in 4-5 years." CNBC reports: The presentation was delivered a week after Alphabet reported better-than-expected third-quarter results and raised its capital expenditures forecast for the second time this year, to a range of $91 billion to $93 billion, followed by a "significant increase" in 2026. Hyperscaler peers Microsoft, Amazon and Meta also boosted their capex guidance, and the four companies now expect to collectively spend more than $380 billion this year. Google's "job is of course to build this infrastructure but it's not to outspend the competition, necessarily," Vahdat said. "We're going to spend a lot," he said, adding that the real goal is to provide infrastructure that is far "more reliable, more performant and more scalable than what's available anywhere else." In addition to infrastructure build-outs, Vahdat said Google bolsters capacity with more efficient models and through its custom silicon. Last week, Google announced the public launch of its seventh generation Tensor Processing Unit called Ironwood, which the company says is nearly 30 times more power efficient than its first Cloud TPU from 2018. Vahdat said the company has a big advantage with DeepMind, which has research on what AI models can look like in future years. Google needs to "be able to deliver 1,000 times more capability, compute, storage networking for essentially the same cost and increasingly, the same power, the same energy level," Vahdat said. "It won't be easy but through collaboration and co-design, we're going to get there."

Read more of this story at Slashdot.

While AI bubble talk fills the air these days, with fears of overinvestment that could pop at any time, something of a contradiction is brewing on the ground: Companies like Google and OpenAI can barely build infrastructure fast enough to fill their AI needs.

During an all-hands meeting earlier this month, Google’s AI infrastructure head Amin Vahdat told employees that the company must double its serving capacity every six months to meet demand for artificial intelligence services, reports CNBC. The comments show a rare look at what Google executives are telling its own employees internally. Vahdat, a vice president at Google Cloud, presented slides to its employees showing the company needs to scale “the next 1000x in 4-5 years.”

While a thousandfold increase in compute capacity sounds ambitious by itself, Vahdat noted some key constraints: Google needs to be able to deliver this increase in capability, compute, and storage networking “for essentially the same cost and increasingly, the same power, the same energy level,” he told employees during the meeting. “It won’t be easy but through collaboration and co-design, we’re going to get there.”

Read full article

Comments

© Google

OpenAI CEO Sam Altman told colleagues last month that Google's recent progress in AI could "create some temporary economic headwinds for our company," though he added that OpenAI would emerge ahead, The Information reports [non-paywalled source]. From the report: After OpenAI researchers heard that Google had created a new AI that appears to have leapfrogged OpenAI's in the way it was developed, Altman said in the memo that "we know we have some work to do but we are catching up fast." Still, he cautioned employees that "I expect the vibes out there to be rough for a bit."

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: Google's meme-friendly Nano Banana image-generation model is getting an upgrade. The new Nano Banana Pro is rolling out with improved reasoning and instruction following, giving users the ability to create more accurate images with legible text and make precise edits to existing images. It's available to everyone in the Gemini app, but free users will find themselves up against the usage limits pretty quickly. Nano Banana Pro is part of the newly launched Gemini 3 Pro -- it's actually called Gemini 3 Pro Image in the same way the original is Gemini 2.5 Flash Image, but Google is sticking with the meme-y name. You can access it by selecting Gemini 3 Pro and then turning on the "Create images" option. Google says the new model can follow complex prompts to create more accurate images. The model is apparently so capable that it can generate an entire usable infographic in a single shot with no weird AI squiggles in place of words. Nano Banana Pro is also better at maintaining consistency in images. You can blend up to 14 images with this tool, and it can maintain the appearance of up to five people in outputs. Google also promises better editing. You can refine your AI images or provide Nano Banana Pro with a photo and make localized edits without as many AI glitches. It can even change core elements of the image like camera angles, color grading, and lighting without altering other elements. Google is pushing the professional use angle with its new model, which has much-improved resolution options. Your creations in Nano Banana Pro can be rendered at up to 4K.

Read more of this story at Slashdot.

An anonymous reader shares a report: Epishine, a company that makes solar cells optimized for indoor lighting, has announced its technology is being used in a new remote control for Google TV devices, as spotted by 9to5Google. The remote will rely on rechargeable batteries instead of disposable ones, and thanks to the use of solar cells on both sides it may only run out of power when it gets buried and forgotten in the dark abyss of your couch cushions.

Read more of this story at Slashdot.

Earlier this year, Google announced the end of its efforts to get Steam running on Chromebooks, but it’s not done trying to make these low-power laptops into gaming machines. Google has teamed up with Nvidia to offer a version of GeForce Now cloud streaming that is perplexingly limited in some ways and generous in others. Starting today, anyone who buys a Chromebook will get a free year of a new service called GeForce Now Fast Pass. There are no ads and less waiting for server slots, but you don’t get to play very long.

Back before Google killed its Stadia game streaming service, it would often throw in a few months of the Pro subscription with Chromebook purchases. In the absence of its own gaming platform, Google has turned to Nvidia to level up Chromebook gaming. GeForce Now (GFN), which has been around in one form or another for more than a decade, allows you to render games on a remote server and stream the video output to the device of your choice. It works on computers, phones, TVs, and yes, Chromebooks.

The new Chromebook feature is not the same GeForce Now subscription you can get from Nvidia. Fast Pass, which is exclusive to Chromebooks, includes a mishmash of limits and bonuses that make it a pretty strange offering. Fast Pass is based on the free tier of GeForce Now, but users will get priority access to server slots. So no queuing for five or 10 minutes to start playing. It also lacks the ads that Nvidia’s standard free tier includes. Fast Pass also uses the more powerful RTX servers, which are otherwise limited to the $10-per-month ($100 yearly) Performance tier.

Read full article

Comments

© Asus

Google’s platform for casting audio and navigation apps from a smartphone to a car’s infotainment system beat Apple’s to market by a good while, but that head start has not always kept Android Auto in the lead ahead of CarPlay. But an upgrade rolls out today—provided you already have Gemini on your phone, now it can interact with you while you drive.

What has sometimes felt like a hands-off approach by Google toward Android Auto didn’t reflect an indifference to making inroads into the automotive world. Apple might have its flashy CarPlay Ultra that lets the company take over the look and feel of a car’s digital UI, but outside of an Aston Martin, where will any of us encounter that?

Meanwhile the confusingly similarly named Android Automotive OS—a version of Android developed to run with the kind of stability required in a vehicle as opposed to a handheld—has made solid inroads with automakers, and you’ll find AAOS running in dozens of makes from OEMs like General Motors, Volkswagen Group, Stellantis, Geely, and more, although not always with the Google Automotive Services—Google Maps, Google Play, and Google Assistant—that impressed us in 2021 when we drove the original Polestar 2.

Read full article

Comments

© Google

Google’s meme-friendly Nano Banana image-generation model is getting an upgrade. The new Nano Banana Pro is rolling out with improved reasoning and instruction following, giving users the ability to create more accurate images with legible text and make precise edits to existing images. It’s available to everyone in the Gemini app, but free users will find themselves up against the usage limits pretty quickly.

Nano Banana Pro is part of the newly launched Gemini 3 Pro—it’s actually called Gemini 3 Pro Image in the same way the original is Gemini 2.5 Flash Image, but Google is sticking with the meme-y name. You can access it by selecting Gemini 3 Pro and then turning on the “Create images” option.

Google says the new model can follow complex prompts to create more accurate images. The model is apparently so capable that it can generate an entire usable infographic in a single shot with no weird AI squiggles in place of words. Nano Banana Pro is also better at maintaining consistency in images. You can blend up to 14 images with this tool, and it can maintain the appearance of up to five people in outputs.

Read full article

Comments

© Google

Google has filed a complaint in court that details the scam:

In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card numbers, or banking information, often by impersonating well-known brands, government agencies, or even people the victim knows.”

These branded “Lighthouse” kits offer two versions of software, depending on whether bad actors want to launch SMS and e-commerce scams. “Members may subscribe to weekly, monthly, seasonal, annual, or permanent licenses,” Google alleged. Kits include “hundreds of templates for fake websites, domain set-up tools for those fake websites, and other features designed to dupe victims into believing they are entering sensitive information on a legitimate website.”...

The post Scam USPS and E-Z Pass Texts and Websites appeared first on Security Boulevard.

Update November 22. We’ve updated this article after realising we contributed to a perfect storm of misunderstanding around a recent change in the wording and placement of Gmail’s smart features. The settings themselves aren’t new, but the way Google recently rewrote and surfaced them led a lot of people (including us) to believe Gmail content might be used to train Google’s AI models, and that users were being opted in automatically. After taking a closer look at Google’s documentation and reviewing other reporting, that doesn’t appear to be the case.

Gmail does scan email content to power its own “smart features,” such as spam filtering, categorisation, and writing suggestions. But this is part of how Gmail normally works and isn’t the same as training Google’s generative AI models. Google also maintains that these feature settings are opt-in rather than opt-out, although users’ experiences seem to vary depending on when and how the new wording appeared.

It’s easy to see where the confusion came from. Google’s updated language around “smart features” is vague, and the term “smart” often implies AI—especially at a time when Gemini is being integrated into other parts of Google’s products. When the new wording started appearing for some users without much explanation, many assumed it signalled a broader shift. It’s also come around the same time as a proposed class-action lawsuit in the state of California, which, according to Bloomberg, alleges that Google gave Gemini AI access to Gmail, Chat, and Meet without proper user consent.

We’ve revised this article to reflect what we can confirm from Google’s documentation, as it’s always been our aim to give readers accurate, helpful guidance.

---

Google has updated some Gmail settings around how its “smart features” work, which control how Gmail analyses your messages to power built-in functions.

According to reports we’ve seen, Google has started automatically opting users in to allow Gmail to access all private messages and attachments for its smart features. This means your emails are analyzed to improve your experience with Chat, Meet, Drive, Email and Calendar products. However, some users are now reporting that these settings are switched on by default instead of asking for explicit opt-in—although Google’s help page states that users are opted-out for default.

How to check your settings

Opting in or out requires you to change settings in two places, so I’ve tried to make it as easy to follow as possible. Feel free to let me know in the comments if I missed anything.

To fully opt out, you must turn off Gmail’s smart features in two separate locations in your settings. Don’t miss one, or AI training may continue.

Step 1: Turn off Smart features in Gmail, Chat, and Meet settings

• Open Gmail on your desktop or mobile app.
• Click the gear icon → See all settings (desktop) or Menu → Settings (mobile).
• Find the section called smart features in Gmail, Chat, and Meet. You’ll need to scroll down quite a bit.

• Uncheck this option.
• Scroll down and hit Save changes if on desktop.

Step 2: Turn off Google Workspace smart features

• Still in Settings, locate Google Workspace smart features.
• Click on Manage Workspace smart feature settings.
• You’ll see two options: Smart features in Google Workspace and Smart features in other Google products.

• Toggle both off.
• Save again in this screen.

Step 3: Verify if both are off

• Make sure both toggles remain off.
• Refresh your Gmail app or sign out and back in to confirm changes.

---

We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

Google has filed a complaint in court that details the scam:

In a complaint filed Wednesday, the tech giant accused “a cybercriminal group in China” of selling “phishing for dummies” kits. The kits help unsavvy fraudsters easily “execute a large-scale phishing campaign,” tricking hordes of unsuspecting people into “disclosing sensitive information like passwords, credit card numbers, or banking information, often by impersonating well-known brands, government agencies, or even people the victim knows.”

These branded “Lighthouse” kits offer two versions of software, depending on whether bad actors want to launch SMS and e-commerce scams. “Members may subscribe to weekly, monthly, seasonal, annual, or permanent licenses,” Google alleged. Kits include “hundreds of templates for fake websites, domain set-up tools for those fake websites, and other features designed to dupe victims into believing they are entering sensitive information on a legitimate website.”

Google’s filing said the scams often begin with a text claiming that a toll fee is overdue or a small fee must be paid to redeliver a package. Other times they appear as ads—­sometimes even Google ads, until Google detected and suspended accounts—­luring victims by mimicking popular brands. Anyone who clicks will be redirected to a website to input sensitive information; the sites often claim to accept payments from trusted wallets like Google Pay.

Google released Gemini 3 on Tuesday, launching its latest AI model with a breakthrough score of 1501 Elo on the LMArena Leaderboard alongside state-of-the-art performance across multiple benchmarks including 91.9% on GPQA Diamond for PhD-level reasoning and 37.5% on Humanity's Last Exam without tool usage. The model is available starting today in the Gemini app, AI Mode in Search for Google AI Pro, Google AI Studio, Vertex AI and the newly launched Google Antigravity agentic development platform. Third-party platforms including Cursor, GitHub, JetBrains, Manus, and Replit are also gaining access. Separately, Google said AI Overviews now have 2 billion users every month. Gemini app has topped 650 million users per month.

Read more of this story at Slashdot.

Every company would be affected if the AI bubble were to burst, the head of Google's parent firm Alphabet has told the BBC. From the report: Speaking exclusively to BBC News, Sundar Pichai said while the growth of artificial intelligence investment had been an "extraordinary moment", there was some "irrationality" in the current AI boom. It comes amid fears in Silicon Valley and beyond of a bubble as the value of AI tech companies has soared in recent months and companies spend big on the burgeoning industry. Asked whether Google would be immune to the impact of the AI bubble bursting, Mr Pichai said the tech giant could weather that potential storm, but also issued a warning. "I think no company is going to be immune, including us," he said. In a wide-ranging exclusive interview at Google's California headquarters, he also addressed energy needs, slowing down climate targets, UK investment, the accuracy of his AI models, and the effect of the AI revolution on jobs.

Read more of this story at Slashdot.

Google is suing the Smishing Triad group behind the Lighthouse phishing-as-a-service kit that has been used over the past two years to scam more than 1 million people around the world with fraudulent package delivery or EZ-Pass toll fee messages and stealing millions of credit card numbers. Google also is backing bills in Congress to address the threat.

The post Google Uses Courts, Congress to Counter Massive Smishing Campaign appeared first on Security Boulevard.

A Phishing-as-a-Service (PhaaS) platform based in China, known as “Lighthouse,” is the subject of a new Google lawsuit.

Lighthouse enables smishing (SMS phishing) campaigns, and if you’re in the US there is a good chance you’ve seen their texts about a small amount you supposedly owe in toll fees. Here’s an example of a toll-fee scam text:

Google’s lawsuit brings claims against the Lighthouse platform under federal racketeering and fraud statutes, including the Racketeer Influenced and Corrupt Organizations Act (RICO), the Lanham Act, and the Computer Fraud and Abuse Act.

The texts lure targets to websites that impersonate toll authorities or other trusted organizations. The goal is to steal personal information and credit card numbers for use in further financial fraud.

As we reported in October 2025, Project Red Hook launched to combine the power of the US Homeland Security Investigations (HSI), law enforcement partners, and businesses to raise awareness of how Chinese organized crime groups use gift cards to launder money.

These toll, postage, and refund scams might look different on the surface, but they all feed the same machine, each one crafted to look like an urgent government or service message demanding a small fee. Together, they form an industrialized text-scam ecosystem that’s earned Chinese crime groups more than $1 billion in just three years.

Google says Lighthouse alone affected more than 1 million victims across 120 countries. A September report by Netcraft discussed two phishing campaigns believed to be associated with Lighthouse and “Lucid,” a very similar PhaaS platform. Since identifying these campaigns, Netcraft has detected more than 17,500 phishing domains targeting 316 brands from 74 countries.

As grounds for the lawsuit, Google says it found at least 107 phishing website templates that feature its own branding to boost credibility. But a lawsuit can only go so far, and Google says robust public policy is needed to address the broader threat of scams:

“We are collaborating with policymakers and are today announcing our endorsement of key bipartisan bills in the U.S. Congress.”

Will lawsuits, disruptions, and even bills make toll-fee scams go away? Not very likely. The only thing that will really help is if their source of income dries up because people stop falling for smishing. Education is the biggest lever.

Red flags in smishing messages

There are some tell-tale signs in these scams to look for:

1. Spelling and grammar mistakes: the scammers seem to have problems with formatting dates. For example “September 10nd”, “9st” (instead of 9th or 1st).
2. Urgency: you only have one or two days to pay. Or else…
3. The over-the-top threats: Real agencies won’t say your “credit score will be affected” for an unpaid traffic violation.
4. Made-up legal codes: “Ohio Administrative Code 15C-16.003” doesn’t match any real Ohio BMV administrative codes. When a code looks fake, it probably is!
5. Sketchy payment link: Truly trusted organizations don’t send urgent “pay now or else” links by text.
6. Vague or missing personalization: Genuine government agencies tend to use your legal name, not a generic scare message sent to many people at the same time.

Be alert to scams

Recognizing scams is the most important part of protecting yourself, so always consider these golden rules:

• Always search phone numbers and email addresses to look for associations with known scams.
• When in doubt, go directly to the website of the organization that contacted you to see if there are any messages for you.
• Do not get rushed into decisions without thinking them through.
• Do not click on links in unsolicited text messages.
• Do not reply, even if the text message explicitly tells you to do so.

If you have engaged with the scammers’ website:

• Immediately change your passwords for any accounts that may have been compromised. 
• Contact your bank or financial institution to report the incident and take any necessary steps to protect your accounts, such as freezing them or monitoring for suspicious activity. 
• Consider a fraud alert or credit freeze. To start layering protection, you might want to place a fraud alert or credit freeze on your credit file with all three of the primary credit bureaus. This makes it harder for fraudsters to open new accounts in your name.
• US citizens can report confirmed cases of identity theft to the FTC at identitytheft.gov.

Pro tip: You can upload suspicious messages of any kind to Malwarebytes Scam Guard. It will tell you whether it’s likely to be a scam and advise you what to do.

---

We don’t just report on scams—we help detect them

Cybersecurity risks should never spread beyond a headline. If something looks dodgy to you, check if it’s a scam using Malwarebytes Scam Guard, a feature of our mobile protection products. Submit a screenshot, paste suspicious content, or share a text or phone number, and we’ll tell you if it’s a scam or legit. Download Malwarebytes Mobile Security for iOS or Android and try it today!

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of thousands of infected Internet of Things (IoT) devices to proxy services that help cybercriminals anonymize their traffic. Experts say a glut of proxies from Aisuru and other sources is fueling large-scale data harvesting efforts tied to various artificial intelligence (AI) projects, helping content scrapers evade detection by routing their traffic through residential connections that appear to be regular Internet users.

First identified in August 2024, Aisuru has spread to at least 700,000 IoT systems, such as poorly secured Internet routers and security cameras. Aisuru’s overlords have used their massive botnet to clobber targets with headline-grabbing DDoS attacks, flooding targeted hosts with blasts of junk requests from all infected systems simultaneously.

In June, Aisuru hit KrebsOnSecurity.com with a DDoS clocking at 6.3 terabits per second — the biggest attack that Google had ever mitigated at the time. In the weeks and months that followed, Aisuru’s operators demonstrated DDoS capabilities of nearly 30 terabits of data per second — well beyond the attack mitigation capabilities of most Internet destinations.

These digital sieges have been particularly disruptive this year for U.S.-based Internet service providers (ISPs), in part because Aisuru recently succeeded in taking over a large number of IoT devices in the United States. And when Aisuru launches attacks, the volume of outgoing traffic from infected systems on these ISPs is often so high that it can disrupt or degrade Internet service for adjacent (non-botted) customers of the ISPs.

“Multiple broadband access network operators have experienced significant operational impact due to outbound DDoS attacks in excess of 1.5Tb/sec launched from Aisuru botnet nodes residing on end-customer premises,” wrote Roland Dobbins, principal engineer at Netscout, in a recent executive summary on Aisuru. “Outbound/crossbound attack traffic exceeding 1Tb/sec from compromised customer premise equipment (CPE) devices has caused significant disruption to wireline and wireless broadband access networks. High-throughput attacks have caused chassis-based router line card failures.”

The incessant attacks from Aisuru have caught the attention of federal authorities in the United States and Europe (many of Aisuru’s victims are customers of ISPs and hosting providers based in Europe). Quite recently, some of the world’s largest ISPs have started informally sharing block lists identifying the rapidly shifting locations of the servers that the attackers use to control the activities of the botnet.

Experts say the Aisuru botmasters recently updated their malware so that compromised devices can more easily be rented to so-called “residential proxy” providers. These proxy services allow paying customers to route their Internet communications through someone else’s device, providing anonymity and the ability to appear as a regular Internet user in almost any major city worldwide.

From a website’s perspective, the IP traffic of a residential proxy network user appears to originate from the rented residential IP address, not from the proxy service customer. Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence. But they are massively abused for hiding cybercrime activity (think advertising fraud, credential stuffing) because they can make it difficult to trace malicious traffic to its original source.

And as we’ll see in a moment, this entire shadowy industry appears to be shifting its focus toward enabling aggressive content scraping activity that continuously feeds raw data into large language models (LLMs) built to support various AI projects.

‘INSANE’ GROWTH

Riley Kilmer is co-founder of spur.us, a service that tracks proxy networks. Kilmer said all of the top proxy services have grown substantially over the past six months.

“I just checked, and in the last 90 days we’ve seen 250 million unique residential proxy IPs,” Kilmer said. “That is insane. That is so high of a number, it’s unheard of. These proxies are absolutely everywhere now.”

Today, Spur says it is tracking an unprecedented spike in available proxies across all providers, including;

LUMINATI_PROXY    11,856,421
NETNUT_PROXY    10,982,458
ABCPROXY_PROXY    9,294,419
OXYLABS_PROXY     6,754,790
IPIDEA_PROXY     3,209,313
EARNFM_PROXY    2,659,913
NODEMAVEN_PROXY    2,627,851
INFATICA_PROXY    2,335,194
IPROYAL_PROXY    2,032,027
YILU_PROXY    1,549,155

Reached for comment about the apparent rapid growth in their proxy network, Oxylabs (#4 on Spur’s list) said while their proxy pool did grow recently, it did so at nowhere near the rate cited by Spur.

“We don’t systematically track other providers’ figures, and we’re not aware of any instances of 10× or 100× growth, especially when it comes to a few bigger companies that are legitimate businesses,” the company said in a written statement.

Bright Data was formerly known as Luminati Networks, the name that is currently at the top of Spur’s list of the biggest residential proxy networks. Bright Data likewise told KrebsOnSecurity that Spur’s current estimates of its proxy network are dramatically overstated and inaccurate.

“We did not actively initiate nor do we see any 10x or 100x expansion of our network, which leads me to believe that someone might be presenting these IPs as Bright Data’s in some way,” said Rony Shalit, Bright Data’s chief compliance and ethics officer. “In many cases in the past, due to us being the leading data collection proxy provider, IPs were falsely tagged as being part of our network, or while being used by other proxy providers for malicious activity.”

“Our network is only sourced from verified IP providers and a robust opt-in only residential peers, which we work hard and in complete transparency to obtain,” Shalit continued. “Every DC, ISP or SDK partner is reviewed and approved, and every residential peer must actively opt in to be part of our network.”

HK NETWORK

Even Spur acknowledges that Luminati and Oxylabs are unlike most other proxy services on their top proxy providers list, in that these providers actually adhere to “know-your-customer” policies, such as requiring video calls with all customers, and strictly blocking customers from reselling access.

Benjamin Brundage is founder of Synthient, a startup that helps companies detect proxy networks. Brundage said if there is increasing confusion around which proxy networks are the most worrisome, it’s because nearly all of these lesser-known proxy services have evolved into highly incestuous bandwidth resellers. What’s more, he said, some proxy providers do not appreciate being tracked and have been known to take aggressive steps to confuse systems that scan the Internet for residential proxy nodes.

Brundage said most proxy services today have created their own software development kit or SDK that other app developers can bundle with their code to earn revenue. These SDKs quietly modify the user’s device so that some portion of their bandwidth can be used to forward traffic from proxy service customers.

“Proxy providers have pools of constantly churning IP addresses,” he said. “These IP addresses are sourced through various means, such as bandwidth-sharing apps, botnets, Android SDKs, and more. These providers will often either directly approach resellers or offer a reseller program that allows users to resell bandwidth through their platform.”

Many SDK providers say they require full consent before allowing their software to be installed on end-user devices. Still, those opt-in agreements and consent checkboxes may be little more than a formality for cybercriminals like the Aisuru botmasters, who can earn a commission each time one of their infected devices is forced to install some SDK that enables one or more of these proxy services.

Depending on its structure, a single provider may operate hundreds of different proxy pools at a time — all maintained through other means, Brundage said.

“Often, you’ll see resellers maintaining their own proxy pool in addition to an upstream provider,” he said. “It allows them to market a proxy pool to high-value clients and offer an unlimited bandwidth plan for cheap reduce their own costs.”

Some proxy providers appear to be directly in league with botmasters. Brundage identified one proxy seller that was aggressively advertising cheap and plentiful bandwidth to content scraping companies. After scanning that provider’s pool of available proxies, Brundage said he found a one-to-one match with IP addresses he’d previously mapped to the Aisuru botnet.

Brundage says that by almost any measurement, the world’s largest residential proxy service is IPidea, a China-based proxy network. IPidea is #5 on Spur’s Top 10, and Brundage said its brands include ABCProxy (#3), Roxlabs, LunaProxy, PIA S5 Proxy, PyProxy, 922Proxy, 360Proxy, IP2World, and Cherry Proxy. Spur’s Kilmer said they also track Yilu Proxy (#10) as IPidea.

Brundage said all of these providers operate under a corporate umbrella known on the cybercrime forums as “HK Network.”

“The way it works is there’s this whole reseller ecosystem, where IPidea will be incredibly aggressive and approach all these proxy providers with the offer, ‘Hey, if you guys buy bandwidth from us, we’ll give you these amazing reseller prices,'” Brundage explained. “But they’re also very aggressive in recruiting resellers for their apps.”

Those apps include a range of low-cost and “free” virtual private networking (VPN) services that indeed allow users to enjoy a free VPN, but which also turn the user’s device into a traffic relay that can be rented to cybercriminals, or else parceled out to countless other proxy networks.

“They have all this bandwidth to offload,” Brundage said of IPidea and its sister networks. “And they can do it through their own platforms, or they go get resellers to do it for them by advertising on sketchy hacker forums to reach more people.”

One of IPidea’s core brands is 922S5Proxy, which is a not-so-subtle nod to the 911S5Proxy service that was hugely popular between 2015 and 2022. In July 2022, KrebsOnSecurity published a deep dive into 911S5Proxy’s origins and apparent owners in China. Less than a week later, 911S5Proxy announced it was closing down after the company’s servers were massively hacked.

That 2022 story named Yunhe Wang from Beijing as the apparent owner and/or manager of the 911S5 proxy service. In May 2024, the U.S. Department of Justice arrested Mr Wang, alleging that his network was used to steal billions of dollars from financial institutions, credit card issuers, and federal lending programs. At the same time, the U.S. Treasury Department announced sanctions against Wang and two other Chinese nationals for operating 911S5Proxy.

DATA SCRAPING FOR AI

In recent months, multiple experts who track botnet and proxy activity have shared that a great deal of content scraping which ultimately benefits AI companies is now leveraging these proxy networks to further obfuscate their aggressive data-slurping activity. That’s because by routing it through residential IP addresses, content scraping firms can make their traffic far trickier to filter out.

“It’s really difficult to block, because there’s a risk of blocking real people,” Spur’s Kilmer said of the LLM scraping activity that is fed through individual residential IP addresses, which are often shared by multiple customers at once.

Kilmer says the AI industry has brought a veneer of legitimacy to residential proxy business, which has heretofore mostly been associated with sketchy affiliate money making programs, automated abuse, and unwanted Internet traffic.

“Web crawling and scraping has always been a thing, but AI made it like a commodity, data that had to be collected,” Kilmer said. “Everybody wanted to monetize their own data pots, and how they monetize that is different across the board.”

Kilmer said many LLM-related scrapers rely on residential proxies in cases where the content provider has restricted access to their platform in some way, such as forcing interaction through an app, or keeping all content behind a login page with multi-factor authentication.

“Where the cost of data is out of reach — there is some exclusivity or reason they can’t access the data — they’ll turn to residential proxies so they look like a real person accessing that data,” Kilmer said of the content scraping efforts.

Aggressive AI crawlers increasingly are overloading community-maintained infrastructure, causing what amounts to persistent DDoS attacks on vital public resources. A report earlier this year from LibreNews found some open-source projects now see as much as 97 percent of their traffic originating from AI company bots, dramatically increasing bandwidth costs, service instability, and burdening already stretched-thin maintainers.

Cloudflare is now experimenting with tools that will allow content creators to charge a fee to AI crawlers to scrape their websites. The company’s “pay-per-crawl” feature is currently in a private beta, and it lets publishers set their own prices that bots must pay before scraping content.

On October 22, the social media and news network Reddit sued Oxylabs (PDF) and several other proxy providers, alleging that their systems enabled the mass-scraping of Reddit user content even though Reddit had taken steps to block such activity.

“Recognizing that Reddit denies scrapers like them access to its site, Defendants scrape the data from Google’s search results instead,” the lawsuit alleges. “They do so by masking their identities, hiding their locations, and disguising their web scrapers as regular people (among other techniques) to circumvent or bypass the security restrictions meant to stop them.”

Denas Grybauskas, chief governance and strategy officer at Oxylabs, said the company was shocked and disappointed by the lawsuit.

“Reddit has made no attempt to speak with us directly or communicate any potential concerns,” Grybauskas said in a written statement. “Oxylabs has always been and will continue to be a pioneer and an industry leader in public data collection, and it will not hesitate to defend itself against these allegations. Oxylabs’ position is that no company should claim ownership of public data that does not belong to them. It is possible that it is just an attempt to sell the same public data at an inflated price.”

As big and powerful as Aisuru may be, it is hardly the only botnet that is contributing to the overall broad availability of residential proxies. For example, on June 5 the FBI’s Internet Crime Complaint Center warned that an IoT malware threat dubbed BADBOX 2.0 had compromised millions of smart-TV boxes, digital projectors, vehicle infotainment units, picture frames, and other IoT devices.

In July, Google filed a lawsuit in New York federal court against the Badbox botnet’s alleged perpetrators. Google said the Badbox 2.0 botnet “compromised more than 10 million uncertified devices running Android’s open-source software, which lacks Google’s security protections. Cybercriminals infected these devices with pre-installed malware and exploited them to conduct large-scale ad fraud and other digital crimes.”

A FAMILIAR DOMAIN NAME

Brundage said the Aisuru botmasters have their own SDK, and for some reason part of its code tells many newly-infected systems to query the domain name fuckbriankrebs[.]com. This may be little more than an elaborate “screw you” to this site’s author: One of the botnet’s alleged partners goes by the handle “Forky,” and was identified in June by KrebsOnSecurity as a young man from Sao Paulo, Brazil.

Brundage noted that only systems infected with Aisuru’s Android SDK will be forced to resolve the domain. Initially, there was some discussion about whether the domain might have some utility as a “kill switch” capable of disrupting the botnet’s operations, although Brundage and others interviewed for this story say that is unlikely.

For one thing, they said, if the domain was somehow critical to the operation of the botnet, why was it still unregistered and actively for-sale? Why indeed, we asked. Happily, the domain name was deftly snatched up last week by Philippe Caturegli, “chief hacking officer” for the security intelligence company Seralys.

Caturegli enabled a passive DNS server on that domain and within a few hours received more than 700,000 requests for unique subdomains on fuckbriankrebs[.]com.

But even with that visibility into Aisuru, it is difficult to use this domain check-in feature to measure its true size, Brundage said. After all, he said, the systems that are phoning home to the domain are only a small portion of the overall botnet.

“The bots are hardcoded to just spam lookups on the subdomains,” he said. “So anytime an infection occurs or it runs in the background, it will do one of those DNS queries.”

The domain fuckbriankrebs[.]com has a storied history. On its initial launch in 2009, it was used to spread malicious software by the Cutwail spam botnet. In 2011, the domain was involved in a notable DDoS against this website from a botnet powered by Russkill (a.k.a. “Dirt Jumper”).

Domaintools.com finds that in 2015, fuckbriankrebs[.]com was registered to an email address attributed to David “Abdilo” Crees, a 27-year-old Australian man sentenced in May 2025 to time served for cybercrime convictions related to the Lizard Squad hacking group.

Update, Nov. 1, 2025, 10:25 a.m. ET: An earlier version of this story erroneously cited Spur’s proxy numbers from earlier this year; Spur said those numbers conflated residential proxies — which are rotating and attached to real end-user devices — with “ISP proxies” located at AT&T. ISP proxies, Spur said, involve tricking an ISP into routing a large number of IP addresses that are resold as far more static datacenter proxies.

Google has rolled out an emergency update for its Chrome browser, version 142, to address a series of serious remote code execution (RCE) vulnerabilities that could allow attackers to take control of affected systems. The update, released on November 5, 2025, is being distributed gradually across desktop platforms, Windows, macOS, and Linux, as well as Android devices through Google Play and Chrome’s built-in update mechanism.  The latest update fixes five distinct security flaws, three of which have been rated as high severity due to their potential for memory corruption and remote code execution. Among these, the most critical issue is CVE-2025-12725, a flaw found in WebGPU, Chrome’s graphics processing interface.   This vulnerability, caused by an out-of-bounds write error, could allow malicious code to overwrite crucial system memory and execute arbitrary commands. An anonymous security researcher first discovered CVE-2025-12725 on September 9, 2025. Google has restricted technical details of the exploit to prevent attackers from leveraging it before most users have applied the update. 

Other High-Severity Issues: CVE-2025-12726 and CVE-2025-12727

Two other high-severity vulnerabilities were also patched. CVE-2025-12726, reported by researcher Alesandro Ortiz on September 25, involves an inappropriate implementation in Chrome’s Views component, the part responsible for handling the browser’s user interface. Meanwhile, CVE-2025-12727, identified by researcher 303f06e3 on October 23, affects Chrome’s V8 JavaScript engine, the core of Chrome’s performance and execution environment.  Both CVE-2025-12726 and CVE-2025-12727 could allow attackers to manipulate memory and potentially execute malicious code remotely. According to Google’s internal assessments, these vulnerabilities received CVSS 3.1 scores of 8.8, indicating direct risk. 

Medium-Severity Omnibox Issues

Alongside these critical patches, Google addressed two medium-severity vulnerabilities in Chrome’s Omnibox, the combined search and address bar. CVE-2025-12728, reported by Hafiizh, and CVE-2025-12729, discovered by Khalil Zhani, both stem from inappropriate implementations that could lead to data exposure or UI manipulation. While not as severe as the WebGPU or V8 flaws, these issues still warrant prompt user updates to prevent potential misuse.  According to Google’s official release notes: 

• Desktop (Windows, macOS, Linux): Version 142.0.7444.134/.135 
• Android: Version 142.0.7444.138 

Google emphasized that the Android release contains the same security fixes as its desktop counterparts. The rollout will continue over the next few days and weeks as part of the company’s staged deployment process. 

Official Statement and Update Details

In the official blog post, Chrome team member Krishna Govind confirmed the emergency patch for Android and desktop. The post highlighted ongoing efforts to enhance stability and performance, while ensuring that users receive timely security updates.  “We’ve just released Chrome 142 (142.0.7444.138) for Android,” the statement read. “It’ll become available on Google Play over the next few days. If you find a new issue, please let us know by filing a bug.”  The blog also reiterated that Chrome’s Stable Channel Update for Windows, macOS, and Linux began rolling out simultaneously on November 5, 2025.  Google credited the security researchers who responsibly disclosed these vulnerabilities before they could be exploited. The company stated that detailed technical information will remain withheld until “a majority of users have updated,” reducing the risk of targeted attacks exploiting CVE-2025-12725, CVE-2025-12726, or CVE-2025-12727. 

User Recommendations

It is recommended that all users update Chrome immediately. Desktop users should go to Settings → About Chrome to check for version 142.0.7444.134 or later, while Android users can verify updates via the Google Play Store. Enabling automatic updates is strongly advised to ensure future patches are applied as soon as they are released.  Even though the two Omnibox vulnerabilities (CVE-2025-12728 and CVE-2025-12729) are less critical, delaying updates can still expose users to phishing or injection risks through manipulated browser interfaces. 

Breathless news stories about a Gmail data breach began to appear online after media outlets misinterpreted a report about Gmail passwords stolen by infostealers. Urgent headlines like “Urgent alert issued to anyone who uses Gmail after 183 million passwords leaked” created some panic among Google account holders, necessitating a response from Google and a security researcher who had posted the infostealer logs that started the panic. “Reports of a “Gmail security breach impacting millions of users” are false,” Google said in a post on X. “Gmail’s defenses are strong, and users remain protected. “The inaccurate reports are stemming from a misunderstanding of infostealer databases, which routinely compile various credential theft activity occurring across the web," Google added. "It’s not reflective of a new attack aimed at any one person, tool, or platform.” The researcher, Troy Hunt of HaveIBeenPwned, said in his own X post that “This story has suddenly gained *way* more traction in recent hours, and something I thought was obvious needs clarifying: this *is not* a Gmail leak, it simply has the credentials of victims infected with malware, and Gmail is the dominant email provider.”

Gmail Data Breach Stories Appeared After Infostealer Data Published

The news stories began to appear after HaveIBeenPwned published an infostealer data set containing 183 million unique email addresses, the websites they were entered into, and the passwords used. Hunt wrote about the data set in a separate blog post, and stories misunderstanding the nature of infostealer malware took over from there. Gmail may have been the most common email address type in the data set, but hardly the only one, as Hunt noted: “There is every imaginable type of email address in this corpus: Outlook, Yahoo, corporate, government, military and yes, Gmail. This is typical of a corpus of data like this and there is nothing Google specific about it.” Leaks of all manner of account credentials appear in infostealer databases, and Gmail’s wide usage simply makes it one of the more common email credentials stolen by the malware. Credentials involving Gmail addresses appear in Cyble’s “Leaked Credentials” threat intelligence database more than 6 billion times, but many may be duplicates because stolen credentials frequently appear on more than one dark web marketplace or forum.

Protecting Your Gmail Account

Google said that Gmail users “can protect themselves from credential theft by turning on 2-step verification and adopting passkeys as a stronger and safer alternative to passwords, and resetting passwords when they are found in large batches like this. “Gmail takes action when we spot large batches of open credentials, helping users reset passwords and resecure accounts,” the company added. Using complex, unique passwords and resetting them often is another email security step to take. As Hunt noted, “The primary risk is for people who continue to use those credentials on *any* websites, and the mitigation is a password manager and 2FA.”

The UK’s Competition and Markets Authority (CMA) ruled that both Google and Apple have a “strategic market status.” Basically, they have a monopoly over their respective mobile platforms.

As a result, Apple may soon be required to allow rival app stores on iPhones—a major shift for the smartphone industry. Between them, Apple and Google power nearly all UK mobile devices, according to the CMA:

“Around 90–100% of UK mobile devices run on Apple or Google’s mobile platforms.”

According to analyst data cited by the BBC, around 48.5% of British consumers use iPhones, with most of the rest on Android devices. 

If enforced, this change will reshape the experience of most of the smartphone users in the UK, and we have heard similar noises coming from the EU.

Apple has pushed back, warning that EU-style regulation could limit access to new features. The company points to Apple Intelligence, which has been rolled out in other parts of the world but is not available in the EU—something Apple blames on heavy regulation.

For app developers, the move could have profound effects. Smaller software makers, often frustrated by Apple’s 15–30% commission on in-app purchases, might gain alternative distribution routes. Competing app stores might offer lower fees or more flexible rules, making the app ecosystem more diverse, and potentially more affordable for users.

Apple, however, argues that relaxing control could hurt users by weakening privacy standards and delaying feature updates.

Security and privacy

Allowing multiple app stores will undeniably reshape the iPhone’s security model. Apple’s current “closed system” approach minimizes risk by funneling all apps through its vetted App Store, where every submission goes through security reviews and malware screening. This walled approach has kept large-scale malware incidents on iPhones relatively rare compared to Android.

It remains to be seen whether competing app stores will hold the same standards or have the resources to enforce them. Users can expect more variability in safety practices, which could increase exposure to fraudulent or malware-infested software.

On the other hand, we may also see app stores that prioritize safety or cater to a more privacy-focused audience. So, it doesn’t have to be all bad—but Apple has a point when it warns about higher risk.

For most users, the safest approach will be to stick with Apple’s store or other trusted marketplaces, at least in the early days. Android’s history shows that third-party app stores often become hotspots for adware and phishing, so security education is key. Regulators and developers will need to work together to make the review process and data-handling practices transparent.

There is no set timeline for when or how the CMA will enforce these changes, or how far Apple will go to comply. The company could challenge the decision or introduce limited reforms. Either way, it’s a major step toward redefining how trust, privacy, and control are balanced in the mobile age.

---

We don’t just report on phone security—we provide it

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

This week on the Lock and Code podcast…

Google is everywhere in our lives. It’s reach into our data extends just as far.

After investigating how much data Facebook had collected about him in his nearly 20 years with the platform, Lock and Code host David Ruiz had similar questions about the other Big Tech platforms in his life, and this time, he turned his attention to Google.

Google dominates much of the modern web. It has a search engine that handles billions of requests a day. Its tracking and metrics service, Google Analytics, is embedded into reportedly 10s of millions of websites. Its Maps feature not only serves up directions around the world, it also tracks traffic patterns across countless streets, highways, and more. Its online services for email (Gmail), cloud storage (Google Drive), and office software (Google Docs, Sheets, and Slides) are household names. And it also runs the most popular web browser in the world, Google Chrome, and the most popular operating system in the world, Android.

Today, on the Lock and Code podcast, Ruiz explains how he requested his data from Google and what he learned not only about the company, but about himself, in the process. That includes the 142,729 items in his Gmail inbox right now, along with the 8,079 searches he made, 3,050 related websites he visited, and 4,610 YouTube videos he watched in just the past 18 months. It also includes his late-night searches for worrying medical symptoms, his movements across the US as his IP address was recorded when logging into Google Maps, his emails, his photos, his notes, his old freelance work as a journalist, his outdated cover letters when he was unemployed, his teenage-year Google Chrome bookmarks, his flight and hotel searches, and even the searches he made within his own Gmail inbox and his Google Drive.

After digging into the data for long enough, Ruiz came to a frightening conclusion: Google knows whatever the hell it wants about him, it just has to look.

But Ruiz wasn’t happy to let the company’s access continue. So he has a plan.

 ”I am taking steps to change that [access] so that the next time I ask, “What does Google know about me?” I can hopefully answer: A little bit less.”

Tune in today to listen to the full episode.

Show notes and credits:

Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 4.0 License
http://creativecommons.org/licenses/by/4.0/
Outro Music: “Good God” by Wowa (unminus.com)

---

Listen up—Malwarebytes doesn’t just talk cybersecurity, we provide it.

Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium Security for Lock and Code listeners.

Text ads on the search results page will now be grouped with a single “Sponsored results” label. This new, larger label stays visible as people scroll, making it clear which results are sponsored — upholding our industry-leading standards for ad label prominence. We’re also adding a new “Hide sponsored results” control that allows you to collapse text ads with a single click if you want to focus only on organic results. In our testing, we found that the new design helps people navigate the top of the page more easily. The new design keeps the size of ads the same and you’ll still never see more than four text ads in a grouping.

↫ Omkar Muralidharan on Google’s Ads and Commerce Blog

I guess this is an improvement, but I doubt this will convince anyone to turn off their ad blocker or switch back to Google from another search engine. The option to collapse sponsored results is especially welcome, but I wish they’d gone a step further and added an option in settings to permanently collapse them – which, of course, is never going to happen. Removing any and all “AI” summaries would be nice, too, but with the entire technology industry pushing stringent “AI” KPIs on employees, that’s not going to happen, either.

Regardless, it’s still an improvement to Google’s results page, and while we may not realise it in our little bubble here, the number of people whose search experience this will improve is absolutely massive. It’s been a while since I’ve seen Google make a change to their search results page that doesn’t make it substantially worse, so I’ll take what I can get.

Popular period-tracking app Flo Health shared users’ intimate health data—such as menstrual cycles and fertility information—with Google and Meta, allegedly for targeted advertising purposes, according to multiple class-action lawsuits filed in the US and Canada.

Between 2016 and 2019, the developers of Flo Health shared intimate user data with companies including Facebook and Google, mobile marketing firm AppsFlyer, and Yahoo!-owned mobile analytics platform Flurry. 

Google and Flo Health reached settlements with plaintiffs in July, just before the case went to trial. The terms, disclosed this week in San Francisco federal court, stipulate that Google will pay $48 million and Flo Health will pay $8 million to compensate users who entered information about menstruation or pregnancy between November 2016 and February 2019.

In an earlier trial, co-defendant Meta was found liable for violating the California Invasion of Privacy Act by collecting the information of Flo app users without their consent. Meta is expected to appeal the verdict.

The FTC investigated Flo Health and concluded in 2021 that the company misled users about its data privacy practices. This led to a class-action lawsuit which also involved the now-defunct analytics company Flurry, which settled separately for $3.5 million in March.

Flo and Google denied the allegations despite agreeing to pay settlements. Big tech companies have increasingly chosen to settle class action lawsuits while explicitly denying any wrongdoing or legal liability—a common trend in high-profile privacy, antitrust, and data breach cases.

It depicts a worrying trend where big tech pays off victims of privacy violations and other infractions. High-profile class-action lawsuits against, for example, Google, Meta, and Amazon, grab headlines for holding tech giants accountable. But the only significant winners are often the lawyers, leaving victims to submit personal details yet again in exchange for, at best, a token payout.

By settling, companies can keep a grip on the potential damages and avoid the unpredictability of a jury verdict, which in large classes could reach into billions. Moreover, settlements often resolve legal uncertainty for these corporations without setting a legal precedent that could be used against them in future litigation or regulatory actions.

Looking at it from a cynical perspective, these companies treat such settlements as just another operational expense and continue with their usual practices.

In the long run, such agreements may undermine public trust and accountability, as affected consumers receive minimal compensation but never see a clear acknowledgment of harm or misconduct.

---

We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this month’s bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft’s most-dire “critical” label. Meanwhile, both Apple and Google recently released updates to fix zero-day bugs in their devices.

Microsoft assigns security flaws a “critical” rating when malware or miscreants can exploit them to gain remote access to a Windows system with little or no help from users. Among the more concerning critical bugs quashed this month is CVE-2025-54918. The problem here resides with Windows NTLM, or NT LAN Manager, a suite of code for managing authentication in a Windows network environment.

Redmond rates this flaw as “Exploitation More Likely,” and although it is listed as a privilege escalation vulnerability, Kev Breen at Immersive says this one is actually exploitable over the network or the Internet.

“From Microsoft’s limited description, it appears that if an attacker is able to send specially crafted packets over the network to the target device, they would have the ability to gain SYSTEM-level privileges on the target machine,” Breen said. “The patch notes for this vulnerability state that ‘Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network,’ suggesting an attacker may already need to have access to the NTLM hash or the user’s credentials.”

Breen said another patch — CVE-2025-55234, a 8.8 CVSS-scored flaw affecting the Windows SMB client for sharing files across a network — also is listed as privilege escalation bug but is likewise remotely exploitable. This vulnerability was publicly disclosed prior to this month.

“Microsoft says that an attacker with network access would be able to perform a replay attack against a target host, which could result in the attacker gaining additional privileges, which could lead to code execution,” Breen noted.

CVE-2025-54916 is an “important” vulnerability in Windows NTFS — the default filesystem for all modern versions of Windows — that can lead to remote code execution. Microsoft likewise thinks we are more than likely to see exploitation of this bug soon: The last time Microsoft patched an NTFS bug was in March 2025 and it was already being exploited in the wild as a zero-day.

“While the title of the CVE says ‘Remote Code Execution,’ this exploit is not remotely exploitable over the network, but instead needs an attacker to either have the ability to run code on the host or to convince a user to run a file that would trigger the exploit,” Breen said. “This is commonly seen in social engineering attacks, where they send the user a file to open as an attachment or a link to a file to download and run.”

Critical and remote code execution bugs tend to steal all the limelight, but Tenable Senior Staff Research Engineer Satnam Narang notes that nearly half of all vulnerabilities fixed by Microsoft this month are privilege escalation flaws that require an attacker to have gained access to a target system first before attempting to elevate privileges.

“For the third time this year, Microsoft patched more elevation of privilege vulnerabilities than remote code execution flaws,” Narang observed.

On Sept. 3, Google fixed two flaws that were detected as exploited in zero-day attacks, including CVE-2025-38352, an elevation of privilege in the Android kernel, and CVE-2025-48543, also an elevation of privilege problem in the Android Runtime component.

Also, Apple recently patched its seventh zero-day (CVE-2025-43300) of this year. It was part of an exploit chain used along with a vulnerability in the WhatsApp (CVE-2025-55177) instant messenger to hack Apple devices. Amnesty International reports that the two zero-days have been used in “an advanced spyware campaign” over the past 90 days. The issue is fixed in iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Sequoia 15.6.1, macOS Sonoma 14.7.8, and macOS Ventura 13.7.8.

The SANS Internet Storm Center has a clickable breakdown of each individual fix from Microsoft, indexed by severity and CVSS score. Enterprise Windows admins involved in testing patches before rolling them out should keep an eye on askwoody.com, which often has the skinny on wonky updates.

AskWoody also reminds us that we’re now just two months out from Microsoft discontinuing free security updates for Windows 10 computers. For those interested in safely extending the lifespan and usefulness of these older machines, check out last month’s Patch Tuesday coverage for a few pointers.

As ever, please don’t neglect to back up your data (if not your entire system) at regular intervals, and feel free to sound off in the comments if you experience problems installing any of these fixes.

A court has ordered Google to pay $425m in a class action lawsuit after it was found to have misled users about their online privacy.

In July 2020, Google user Anibal Rodriguez filed a lawsuit against the search giant, arguing that it misled users with its “Web & App Activity” setting. The setting was supposed to stop Google collecting data about users’ activities online and in apps.

In reality, Google continued to collect data about how people were using their apps, even after they had switched off data collection in the Web & App Activity setting. Although it said that it was anonymizing that data.

The company collected this information via Firebase, a database that it uses to monitor activities across 1.5 million apps for analytics purposes which operates separately to the Web & App Activity setting. It’s reportedly in 97% of the top thousand Android apps, and 54% of leading iOS apps. Google harvested data from apps including Uber, Venmo, Shazam, the New York Times, Duolingo, and Instagram.

This arrangement created a dual data collection system. It misled 98 million Google users into thinking that their actions were completely private, argued the case, which became a class action suit.

Google’s lawyers protested that users were properly informed about how the company collects information and what it does with it. They pointed out that when confirming their choice, Google displays an “Are You Sure?” prompt that lets them check on what information Google collects, according to Bloomberg Law.

This clearly didn’t resonate with jurors, one of whom said after the verdict that Google needed to be clearer in how it communicated its data handling to its users. They’re generally “skimmers, not readers” he said.

Plaintiffs originally asked for $31bn in damages, but the amount awarded is far less, equating to around $4 per user.

Nevertheless, Google plans to appeal. “This decision misunderstands how our products work,” its spokesperson Jose Castaneda reportedly said. “Our privacy tools give people control over their data, and when they turn off personalization, we honor that choice.”

A history of questionable tactics

This isn’t the first time that Google has been found guilty of misleading users. In February 2023, it agreed to pay $392m in a settlement with 40 states for storing users’ locations when it told them it wouldn’t. It coughed up another $40m in a separate arrangement with Washington state later that year and also settled with Arizona for $85m.

In December 2023, the search giant also settled in a class action over alleged misleading language in its incognito mode service, which promised not to collect data about browsing activity but actually did. It deleted records costing it at least $5bn to settle that claim, but didn’t pay damages to users. However, in May this year it settled with Texas to pay $1.38bn to resolve the state’s own claims in the location and incognito mode affairs.

One interesting snippet is that Google has a habit of internally playing down its privacy claims because it knows that explaining exactly what it keeps might alarm users. In a ruling that denied a motion to dismiss the Web & App Activites-related case in January, district judge Richard Seeborg said:

“Internal Google communications also indicate that Google knew it was being ‘intentionally vague’ about the technical distinction between data collected within a Google account and that which is collected outside of it because the truth ‘could sound alarming to users.'”

Google executives had also privately discussed the need to soften up the privacy language in the company’s services to avoid alarming users of incognito mode. The message here to Joe and Jane Public is even clearer now than it was before; take privacy claims from big tech vendors with the skepticism they deserve, and adopt the ‘mom rule’ when dealing with them: never let them see anything you wouldn’t want them to know.

---

We don’t just report on privacy—we offer you the option to use it.

Privacy risks should never spread beyond a headline. Keep your online privacy yours by using Malwarebytes Privacy VPN.

Cybersecurity publications are rife with headlines about breaches and threats, but sometimes things aren’t always what they seem. In fact sometimes they’re plain wrong (remember toothbrushgate)? This week, Google highlighted another story that it said was fake – and this one was about its own services.

“Several inaccurate claims surfaced recently that incorrectly stated that we issued a broad warning to all Gmail users about a major Gmail security issue. This is entirely false,” it said in a blog post debunking the claim.

The blog post doesn’t actually mention what the fake claim is, presumably in an attempt not to spread it. So we’re left guessing. What’s the biggest, scariest cybersecurity claim made about Google lately? Probably the one about Google warning 2.5 billion users about a recent attack on its systems.

The most difficult falsehoods to debunk are those where there’s a grain of truth. In this case there was an attack on Google’s systems. What’s at issue is how bad the attack was and what it did afterwards.

Here’s what happened. In June, Google was compromised by a group that it calls UNC6040 (the group is also widely known as ‘ShinyHunters’). This group targets companies that use the Salesforce enterprise software. It ‘voice phishes’ employees from those companies, impersonating IT staff and persuading them to enter their credentials on a web page. that page authorizes the intruders to access their Salesforce account, downloading sensitive data.

“The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details,” Google said in its blog post about the incident, adding that it had notified all users by August 8.

However, some have suggested that Google’s ShinyHunters compromise has put 2.5 billion users at risk from phishing attacks, and that Google sent out an emergency warning to them. That story appears to have gone viral, and Google says it’s wrong. It didn’t send out that warning, and in spite of the attack on its systems, most of its users aren’t at any more risk than they were before.

“While it’s always the case that phishers are looking for ways to infiltrate inboxes, our protections continue to block more than 99.9% of phishing and malware attempts from reaching users,” the company said in its refutation.

The cybersecurity press is prone to sensational headlines. But publishing clickbait helps no one in the end, of course, because people can only stand so much panic. Eventually they’ll switch off, making it more difficult for legitimate, measured security alerts to make it through.

The fact that Google users aren’t in imminent elevated danger doesn’t change the need for basic cybersecurity hygiene. As Google points out, potential attackers are always rattling our digital doorknobs. We should always be on our guard and make it more difficult for them to get in.

“As best practices for additional protection, we encourage users to use a secure password alternative like Passkeys, and to follow these best practices to spot and report phishing attacks,” it concluded.

---

We don’t just report on threats—we remove them

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google warns the breach goes far beyond access to Salesforce data, noting the hackers responsible also stole valid authentication tokens for hundreds of online services that customers can integrate with Salesloft, including Slack, Google Workspace, Amazon S3, Microsoft Azure, and OpenAI.

Salesloft disclosed on August 20 that, “Today, we detected a security issue in the Drift application,” referring to the technology that powers an AI chatbot used by so many corporate websites. The alert urged customers to re-authenticate the connection between the Drift and Salesforce apps to invalidate their existing authentication tokens, but it said nothing then to indicate those tokens had already been stolen.

On August 26, the Google Threat Intelligence Group (GTIG) warned that unidentified hackers tracked as UNC6395 used the access tokens stolen from Salesloft to siphon large amounts of data from numerous corporate Salesforce instances. Google said the data theft began as early as Aug. 8, 2025 and lasted through at least Aug. 18, 2025, and that the incident did not involve any vulnerability in the Salesforce platform.

Google said the attackers have been sifting through the massive data haul for credential materials such as AWS keys, VPN credentials, and credentials to the cloud storage provider Snowflake.

“If successful, the right credentials could allow them to further compromise victim and client environments, as well as pivot to the victim’s clients or partner environments,” the GTIG report stated.

The GTIG updated its advisory on August 28 to acknowledge the attackers used the stolen tokens to access email from “a very small number of Google Workspace accounts” that were specially configured to integrate with Salesloft. More importantly, it warned organizations to immediately invalidate all tokens stored in or connected to their Salesloft integrations — regardless of the third-party service in question.

“Given GTIG’s observations of data exfiltration associated with the campaign, organizations using Salesloft Drift to integrate with third-party platforms (including but not limited to Salesforce) should consider their data compromised and are urged to take immediate remediation steps,” Google advised.

On August 28, Salesforce blocked Drift from integrating with its platform, and with its productivity platforms Slack and Pardot.

The Salesloft incident comes on the heels of a broad social engineering campaign that used voice phishing to trick targets into connecting a malicious app to their organization’s Salesforce portal. That campaign led to data breaches and extortion attacks affecting a number of companies including Adidas, Allianz Life and Qantas.

On August 5, Google disclosed that one of its corporate Salesforce instances was compromised by the attackers, which the GTIG has dubbed UNC6040 (“UNC” stands for “uncategorized threat group”). Google said the extortionists consistently claimed to be the threat group ShinyHunters, and that the group appeared to be preparing to escalate its extortion attacks by launching a data leak site.

ShinyHunters is an amorphous threat group known for using social engineering to break into cloud platforms and third-party IT providers, and for posting dozens of stolen databases to cybercrime communities like the now-defunct Breachforums.

The ShinyHunters brand dates back to 2020, and the group has been credited with or taken responsibility for dozens of data leaks that exposed hundreds of millions of breached records. The group’s member roster is thought to be somewhat fluid, drawing mainly from active denizens of the Com, a mostly English-language cybercrime community scattered across an ocean of Telegram and Discord servers.

Recorded Future’s Alan Liska told Bleeping Computer that the overlap in the “tools, techniques and procedures” used by ShinyHunters and the Scattered Spider extortion group likely indicate some crossover between the two groups.

To muddy the waters even further, on August 28 a Telegram channel that now has nearly 40,000 subscribers was launched under the intentionally confusing banner “Scattered LAPSUS$ Hunters 4.0,” wherein participants have repeatedly claimed responsibility for the Salesloft hack without actually sharing any details to prove their claims.

The Telegram group has been trying to attract media attention by threatening security researchers at Google and other firms. It also is using the channel’s sudden popularity to promote a new cybercrime forum called “Breachstars,” which they claim will soon host data stolen from victim companies who refuse to negotiate a ransom payment.

But Austin Larsen, a principal threat analyst at Google’s threat intelligence group, said there is no compelling evidence to attribute the Salesloft activity to ShinyHunters or to other known groups at this time.

“Their understanding of the incident seems to come from public reporting alone,” Larsen told KrebsOnSecurity, referring to the most active participants in the Scattered LAPSUS$ Hunters 4.0 Telegram channel.

Joshua Wright, a senior technical director at Counter Hack, is credited with coining the term “authorization sprawl” to describe one key reason that social engineering attacks from groups like Scattered Spider and ShinyHunters so often succeed: They abuse legitimate user access tokens to move seamlessly between on-premises and cloud systems.

Wright said this type of attack chain often goes undetected because the attacker sticks to the resources and access already allocated to the user.

“Instead of the conventional chain of initial access, privilege escalation and endpoint bypass, these threat actors are using centralized identity platforms that offer single sign-on (SSO) and integrated authentication and authorization schemes,” Wright wrote in a June 2025 column. “Rather than creating custom malware, attackers use the resources already available to them as authorized users.”

It remains unclear exactly how the attackers gained access to all Salesloft Drift authentication tokens. Salesloft announced on August 27 that it hired Mandiant, Google Cloud’s incident response division, to investigate the root cause(s).

“We are working with Salesloft Drift to investigate the root cause of what occurred and then it’ll be up to them to publish that,” Mandiant Consulting CTO Charles Carmakal told Cyberscoop. “There will be a lot more tomorrow, and the next day, and the next day.”

A 22-year-old Oregon man has been arrested on suspicion of operating “Rapper Bot,” a massive botnet used to power a service for launching distributed denial-of-service (DDoS) attacks against targets — including a March 2025 DDoS that knocked Twitter/X offline. The Justice Department asserts the suspect and an unidentified co-conspirator rented out the botnet to online extortionists, and tried to stay off the radar of law enforcement by ensuring that their botnet was never pointed at KrebsOnSecurity.

On August 6, 2025, federal agents arrested Ethan J. Foltz of Springfield, Ore. on suspicion of operating Rapper Bot, a globally dispersed collection of tens of thousands of hacked Internet of Things (IoT) devices.

The complaint against Foltz explains the attacks usually clocked in at more than two terabits of junk data per second (a terabit is one trillion bits of data), which is more than enough traffic to cause serious problems for all but the most well-defended targets. The government says Rapper Bot consistently launched attacks that were “hundreds of times larger than the expected capacity of a typical server located in a data center,” and that some of its biggest attacks exceeded six terabits per second.

Indeed, Rapper Bot was reportedly responsible for the March 10, 2025 attack that caused intermittent outages on Twitter/X. The government says Rapper Bot’s most lucrative and frequent customers were involved in extorting online businesses — including numerous gambling operations based in China.

The criminal complaint was written by Elliott Peterson, an investigator with the Defense Criminal Investigative Service (DCIS), the criminal investigative division of the Department of Defense (DoD) Office of Inspector General. The complaint notes the DCIS got involved because several Internet addresses maintained by the DoD were the target of Rapper Bot attacks.

Peterson said he tracked Rapper Bot to Foltz after a subpoena to an ISP in Arizona that was hosting one of the botnet’s control servers showed the account was paid for via PayPal. More legal process to PayPal revealed Foltz’s Gmail account and previously used IP addresses. A subpoena to Google showed the defendant searched security blogs constantly for news about Rapper Bot, and for updates about competing DDoS-for-hire botnets.

According to the complaint, after having a search warrant served on his residence the defendant admitted to building and operating Rapper Bot, sharing the profits 50/50 with a person he claimed to know only by the hacker handle “Slaykings.” Foltz also shared with investigators the logs from his Telegram chats, wherein Foltz and Slaykings discussed how best to stay off the radar of law enforcement investigators while their competitors were getting busted.

Specifically, the two hackers chatted about a May 20 attack against KrebsOnSecurity.com that clocked in at more than 6.3 terabits of data per second. The brief attack was notable because at the time it was the largest DDoS that Google had ever mitigated (KrebsOnSecurity sits behind the protection of Project Shield, a free DDoS defense service that Google provides to websites offering news, human rights, and election-related content).

The May 2025 DDoS was launched by an IoT botnet called Aisuru, which I discovered was operated by a 21-year-old man in Brazil named Kaike Southier Leite. This individual was more commonly known online as “Forky,” and Forky told me he wasn’t afraid of me or U.S. federal investigators. Nevertheless, the complaint against Foltz notes that Forky’s botnet seemed to diminish in size and firepower at the same time that Rapper Bot’s infection numbers were on the upswing.

“Both FOLTZ and Slaykings were very dismissive of attention seeking activities, the most extreme of which, in their view, was to launch DDoS attacks against the website of the prominent cyber security journalist Brian Krebs,” Peterson wrote in the criminal complaint.

“You see, they’ll get themselves [expletive],” Slaykings wrote in response to Foltz’s comments about Forky and Aisuru bringing too much heat on themselves.

“Prob cuz [redacted] hit krebs,” Foltz wrote in reply.

“Going against Krebs isn’t a good move,” Slaykings concurred. “It isn’t about being a [expletive] or afraid, you just get a lot of problems for zero money. Childish, but good. Let them die.”

“Ye, it’s good tho, they will die,” Foltz replied.

The government states that just prior to Foltz’s arrest, Rapper Bot had enslaved an estimated 65,000 devices globally. That may sound like a lot, but the complaint notes the defendants weren’t interested in making headlines for building the world’s largest or most powerful botnet.

Quite the contrary: The complaint asserts that the accused took care to maintain their botnet in a “Goldilocks” size — ensuring that “the number of devices afforded powerful attacks while still being manageable to control and, in the hopes of Foltz and his partners, small enough to not be detected.”

The complaint states that several days later, Foltz and Slaykings returned to discussing what that they expected to befall their rival group, with Slaykings stating, “Krebs is very revenge. He won’t stop until they are [expletive] to the bone.”

“Surprised they have any bots left,” Foltz answered.

“Krebs is not the one you want to have on your back. Not because he is scary or something, just because he will not give up UNTIL you are [expletive] [expletive]. Proved it with Mirai and many other cases.”

[Unknown expletives aside, that may well be the highest compliment I’ve ever been paid by a cybercriminal. I might even have part of that quote made into a t-shirt or mug or something. It’s also nice that they didn’t let any of their customers attack my site — if even only out of a paranoid sense of self-preservation.]

Foltz admitted to wiping the user and attack logs for the botnet approximately once a week, so investigators were unable to tally the total number of attacks, customers and targets of this vast crime machine. But the data that was still available showed that from April 2025 to early August, Rapper Bot conducted over 370,000 attacks, targeting 18,000 unique victims across 1,000 networks, with the bulk of victims residing in China, Japan, the United States, Ireland and Hong Kong (in that order).

According to the government, Rapper Bot borrows much of its code from fBot, a DDoS malware strain also known as Satori. In 2020, authorities in Northern Ireland charged a then 20-year-old man named Aaron “Vamp” Sterritt with operating fBot with a co-conspirator. U.S. prosecutors are still seeking Sterritt’s extradition to the United States. fBot is itself a variation of the Mirai IoT botnet that has ravaged the Internet with DDoS attacks since its source code was leaked back in 2016.

The complaint says Foltz and his partner did not allow most customers to launch attacks that were more than 60 seconds in duration — another way they tried to keep public attention to the botnet at a minimum. However, the government says the proprietors also had special arrangements with certain high-paying clients that allowed much larger and longer attacks.

Most people who have never been on the receiving end of a monster DDoS attack have no idea of the cost and disruption that such sieges can bring. The DCIS’s Peterson wrote that he was able to test the botnet’s capabilities while interviewing Foltz, and that found that “if this had been a server upon which I was running a website, using services such as load balancers, and paying for both outgoing and incoming data, at estimated industry average rates the attack (2+ Terabits per second times 30 seconds) might have cost the victim anywhere from $500 to $10,000.”

“DDoS attacks at this scale often expose victims to devastating financial impact, and a potential alternative, network engineering solutions that mitigate the expected attacks such as overprovisioning, i.e. increasing potential Internet capacity, or DDoS defense technologies, can themselves be prohibitively expensive,” the complaint continues. “This ‘rock and a hard place’ reality for many victims can leave them acutely exposed to extortion demands – ‘pay X dollars and the DDoS attacks stop’.”

The Telegram chat records show that the day before Peterson and other federal agents raided Foltz’s residence, Foltz allegedly told his partner he’d found 32,000 new devices that were vulnerable to a previously unknown exploit.

Shortly before the search warrant was served on his residence, Foltz allegedly told his partner that “Once again we have the biggest botnet in the community.” The following day, Foltz told his partner that it was going to be a great day — the biggest so far in terms of income generated by Rapper Bot.

“I sat next to Foltz while the messages poured in — promises of $800, then $1,000, the proceeds ticking up as the day went on,” Peterson wrote. “Noticing a change in Foltz’ behavior and concerned that Foltz was making changes to the botnet configuration in real time, Slaykings asked him ‘What’s up?’ Foltz deftly typed out some quick responses. Reassured by Foltz’ answer, Slaykings responded, ‘Ok, I’m the paranoid one.”

The case is being prosecuted by Assistant U.S. Attorney Adam Alexander in the District of Alaska (at least some of the devices found to be infected with Rapper Bot were located there, and it is where Peterson is stationed). Foltz faces one count of aiding and abetting computer intrusions. If convicted, he faces a maximum penalty of 10 years in prison, although a federal judge is unlikely to award anywhere near that kind of sentence for a first-time conviction.

At the heart of multiple data breaches against sophisticated and robust companies, including Google, Adidas, Louis Vuitton, and Chanel, was a rudimentary attack method that required little technical finesse—making a phone call.

By disguising themselves as IT support personnel on the phone, hackers belonging to the group “ShinyHunters” successfully tricked the employees at several multinational corporations into handing over the data within their own Salesforce platforms. The attacks underscore the vulnerability that all businesses face—large or small—in preventing cyberattacks that begin through basic social engineering scams.

In a bizarre twist of irony, security researchers at Google Threat Intelligence Group (GITG) originally uncovered the hacking campaign in June, only to announce that Google itself had been hit by the very same tactic this week. Other victims in the hacking campaign include Allianz Life, the airline Qantas, and the jeweler Pandora.

The data breaches all leverage a Salesforce feature that allows users to connect to various, external apps. This functionality allows business owners and employees to, for instance, connect their Salesforce data to mapping tools to visualize the locations of a customer base, or to connect their Salesforce data with a newsletter platform to deliver email marketing campaigns to specific customer segments.  

In the attacks, the hackers trick employees into connecting to a fraudulent version of Salesforce’s “Data Loader” app, which lets users import, export, update, and delete large quantities of data that are stored or managed within Salesforce itself. The process for connecting to an external app is simple, as employees just enter an 8-digit code when prompted by Salesforce. But once ensnared in the phone scam, employees are tricked into entering an 8-digit code that will connect to a data exfiltration program owned and operated entirely by the hackers.

Once connected, the hackers are free to roam inside the company’s Salesforce data and steal what they see fit. Some attacks reportedly included an expansion by the hackers into other corporate online accounts, including Microsoft 365, which could reveal a company’s emails and other sensitive messages.

In the attack against Google, the hackers accessed a Salesforce “instance,” which is a term used to describe a company or user’s implementation of software and the data they manage through that software (Think of it like when a hacker breaches an online account and then pilfers all the data related to that account and what it can access). In the Google attack, the Salesforce instance “was used to store contact information and related notes for small and medium businesses.”

“Analysis revealed that data was retrieved by the threat actor during a small window of time before the access was cut off,” Google said. “The data retrieved by the threat actor was confined to basic and largely publicly available business information, such as business names and contact details.”

According to the outlet Bleeping Computer, the ShinyHunters cybercrime group is still stealing business data through this attack campaign. Once the hackers have the data, they then extort the victims to pay a hefty ransom or risk having the data exposed online.

How to stay safe from the Salesforce scam

Because this attack is so targeted—every corporate victim uses Salesforce—the defense strategies are clear and actionable. Here’s how you can help yourself and your staff in avoiding this attack.

• Audit your Salesforce access. Ensure that the only employees or staff who have access to Salesforce are those who need to use it for their job. When there are fewer employees who can access Salesforce, there are fewer entry points for hackers.
• Train your staff. Recognizing a social engineering scam is important for any workforce, no matter the size. Inform your employees and yourself about your current IT support provider so that any rogue phone calls are immediately caught.
• Use multifactor authentication (MFA) for important accounts. The hackers in these attacks managed to gain access to other cloud applications like Microsoft 365. Protect all your employee accounts on sensitive platforms with MFA.

Social engineering scams are some of the most effective and serious threats to small businesses. It’s important to recognize them when they happen. And for all else, use always-on cybersecurity to protect your business from malware, viruses, and nefarious break-in attempts.

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of Staff Susie Wiles was reportedly used to fuel a series of text messages and phone calls impersonating her to U.S. lawmakers. But in a letter this week to the FBI, one of the Senate’s most tech-savvy lawmakers says the feds aren’t doing enough to recommend more appropriate security protections that are already built into most consumer mobile devices.

On May 29, The Wall Street Journal reported that federal authorities were investigating a clandestine effort to impersonate Ms. Wiles via text messages and in phone calls that may have used AI to spoof her voice. According to The Journal, Wiles told associates her cellphone contacts were hacked, giving the impersonator access to the private phone numbers of some of the country’s most influential people.

The execution of this phishing and impersonation campaign — whatever its goals may have been — suggested the attackers were financially motivated, and not particularly sophisticated.

“It became clear to some of the lawmakers that the requests were suspicious when the impersonator began asking questions about Trump that Wiles should have known the answers to—and in one case, when the impersonator asked for a cash transfer, some of the people said,” the Journal wrote. “In many cases, the impersonator’s grammar was broken and the messages were more formal than the way Wiles typically communicates, people who have received the messages said. The calls and text messages also didn’t come from Wiles’s phone number.”

Sophisticated or not, the impersonation campaign was soon punctuated by the murder of Minnesota House of Representatives Speaker Emerita Melissa Hortman and her husband, and the shooting of Minnesota State Senator John Hoffman and his wife. So when FBI agents offered in mid-June to brief U.S. Senate staff on mobile threats, more than 140 staffers took them up on that invitation (a remarkably high number considering that no food was offered at the event).

But according to Sen. Ron Wyden (D-Ore.), the advice the FBI provided to Senate staffers was largely limited to remedial tips, such as not clicking on suspicious links or attachments, not using public wifi networks, turning off bluetooth, keeping phone software up to date, and rebooting regularly.

“This is insufficient to protect Senate employees and other high-value targets against foreign spies using advanced cyber tools,” Wyden wrote in a letter sent today to FBI Director Kash Patel. “Well-funded foreign intelligence agencies do not have to rely on phishing messages and malicious attachments to infect unsuspecting victims with spyware. Cyber mercenary companies sell their government customers advanced ‘zero-click’ capabilities to deliver spyware that do not require any action by the victim.”

Wyden stressed that to help counter sophisticated attacks, the FBI should be encouraging lawmakers and their staff to enable anti-spyware defenses that are built into Apple’s iOS and Google’s Android phone software.

These include Apple’s Lockdown Mode, which is designed for users who are worried they may be subject to targeted attacks. Lockdown Mode restricts non-essential iOS features to reduce the device’s overall attack surface. Google Android devices carry a similar feature called Advanced Protection Mode.

Wyden also urged the FBI to update its training to recommend a number of other steps that people can take to make their mobile devices less trackable, including the use of ad blockers to guard against malicious advertisements, disabling ad tracking IDs in mobile devices, and opting out of commercial data brokers (the suspect charged in the Minnesota shootings reportedly used multiple people-search services to find the home addresses of his targets).

The senator’s letter notes that while the FBI has recommended all of the above precautions in various advisories issued over the years, the advice the agency is giving now to the nation’s leaders needs to be more comprehensive, actionable and urgent.

“In spite of the seriousness of the threat, the FBI has yet to provide effective defensive guidance,” Wyden said.

Nicholas Weaver is a researcher with the International Computer Science Institute, a nonprofit in Berkeley, Calif. Weaver said Lockdown Mode or Advanced Protection will mitigate many vulnerabilities, and should be the default setting for all members of Congress and their staff.

“Lawmakers are at exceptional risk and need to be exceptionally protected,” Weaver said. “Their computers should be locked down and well administered, etc. And the same applies to staffers.”

Weaver noted that Apple’s Lockdown Mode has a track record of blocking zero-day attacks on iOS applications; in September 2023, Citizen Lab documented how Lockdown Mode foiled a zero-click flaw capable of installing spyware on iOS devices without any interaction from the victim.

Earlier this month, Citizen Lab researchers documented a zero-click attack used to infect the iOS devices of two journalists with Paragon’s Graphite spyware. The vulnerability could be exploited merely by sending the target a booby-trapped media file delivered via iMessage. Apple also recently updated its advisory for the zero-click flaw (CVE-2025-43200), noting that it was mitigated as of iOS 18.3.1, which was released in February 2025.

Apple has not commented on whether CVE-2025-43200 could be exploited on devices with Lockdown Mode turned on. But HelpNetSecurity observed that at the same time Apple addressed CVE-2025-43200 back in February, the company fixed another vulnerability flagged by Citizen Lab researcher Bill Marczak: CVE-2025-24200, which Apple said was used in an extremely sophisticated physical attack against specific targeted individuals that allowed attackers to disable USB Restricted Mode on a locked device.

In other words, the flaw could apparently be exploited only if the attacker had physical access to the targeted vulnerable device. And as the old infosec industry adage goes, if an adversary has physical access to your device, it’s most likely not your device anymore.

I can’t speak to Google’s Advanced Protection Mode personally, because I don’t use Google or Android devices. But I have had Apple’s Lockdown Mode enabled on all of my Apple devices since it was first made available in September 2022. I can only think of a single occasion when one of my apps failed to work properly with Lockdown Mode turned on, and in that case I was able to add a temporary exception for that app in Lockdown Mode’s settings.

My main gripe with Lockdown Mode was captured in a March 2025 column by TechCrunch’s Lorenzo Francheschi-Bicchierai, who wrote about its penchant for periodically sending mystifying notifications that someone has been blocked from contacting you, even though nothing then prevents you from contacting that person directly. This has happened to me at least twice, and in both cases the person in question was already an approved contact, and said they had not attempted to reach out.

Although it would be nice if Apple’s Lockdown Mode sent fewer, less alarming and more informative alerts, the occasional baffling warning message is hardly enough to make me turn it off.

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware.

Initially spotted in May 2018 by researchers at the email security firm Proofpoint, DanaBot is a malware-as-a-service platform that specializes in credential theft and banking fraud.

Today, the U.S. Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform.

The government says the malware infected more than 300,000 systems globally, causing estimated losses of more than $50 million. The ringleaders of the DanaBot conspiracy are named as Aleksandr Stepanov, 39, a.k.a. “JimmBee,” and Artem Aleksandrovich Kalinkin, 34, a.k.a. “Onix”, both of Novosibirsk, Russia. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is “Maffiozi.”

According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. The government alleges that the second version of DanaBot — emerging in January 2021 — was provided to co-conspirators for use in targeting military, diplomatic and non-governmental organization computers in several countries, including the United States, Belarus, the United Kingdom, Germany, and Russia.

“Unindicted co-conspirators would use the Espionage Variant to compromise computers around the world and steal sensitive diplomatic communications, credentials, and other data from these targeted victims,” reads a grand jury indictment dated Sept. 20, 2022. “This stolen data included financial transactions by diplomatic staff, correspondence concerning day-to-day diplomatic activity, as well as summaries of a particular country’s interactions with the United States.”

The indictment says the FBI in 2022 seized servers used by the DanaBot authors to control their malware, as well as the servers that stored stolen victim data. The government said the server data also show numerous instances in which the DanaBot defendants infected their own PCs, resulting in their credential data being uploaded to stolen data repositories that were seized by the feds.

“In some cases, such self-infections appeared to be deliberately done in order to test, analyze, or improve the malware,” the criminal complaint reads. “In other cases, the infections seemed to be inadvertent – one of the hazards of committing cybercrime is that criminals will sometimes infect themselves with their own malware by mistake.”

A statement from the DOJ says that as part of today’s operation, agents with the Defense Criminal Investigative Service (DCIS) seized the DanaBot control servers, including dozens of virtual servers hosted in the United States. The government says it is now working with industry partners to notify DanaBot victims and help remediate infections. The statement credits a number of security firms with providing assistance to the government, including ESET, Flashpoint, Google, Intel 471, Lumen, PayPal, Proofpoint, Team CYMRU, and ZScaler.

It’s not unheard of for financially-oriented malicious software to be repurposed for espionage. A variant of the ZeuS Trojan, which was used in countless online banking attacks against companies in the United States and Europe between 2007 and at least 2015, was for a time diverted to espionage tasks by its author.

As detailed in this 2015 story, the author of the ZeuS trojan created a custom version of the malware to serve purely as a spying machine, which scoured infected systems in Ukraine for specific keywords in emails and documents that would likely only be found in classified documents.

The public charging of the 16 DanaBot defendants comes a day after Microsoft joined a slew of tech companies in disrupting the IT infrastructure for another malware-as-a-service offering — Lumma Stealer, which is likewise offered to affiliates under tiered subscription prices ranging from $250 to $1,000 per month. Separately, Microsoft filed a civil lawsuit to seize control over 2,300 domain names used by Lumma Stealer and its affiliates.

Further reading:

Danabot: Analyzing a Fallen Empire

ZScaler blog: DanaBot Launches DDoS Attack Against the Ukrainian Ministry of Defense

Flashpoint: Operation Endgame DanaBot Malware

Team CYMRU: Inside DanaBot’s Infrastructure: In Support of Operation Endgame II

March 2022 criminal complaint v. Artem Aleksandrovich Kalinkin

September 2022 grand jury indictment naming the 16 defendants