NEW: Feds announced the arrest and indictment of Eric Council Jr., accusing him of being part of a group of hackers who took over the official Securities and Exchange Commission's X account. Council Jr. allegedly performed a SIM swap to get into the X account of a person with access to the @ SECgov account on X. The hackers then posted a fake tweet about Bitcoin that boosted the price up by $1,000.
TechCrunch
Feds arrest man who allegedly participated in hack of the SEC's X account, boosting Bitcoin's price | TechCrunch
Eric Council Jr. and unnamed co-conspirators were allegedly behind the hack of the official @SECGov account on X.
NEW: Hackers are exploiting a zero-day in 64 different Qualcomm chips to target Android users. No details on this hacking campaign, but everything points to targeted attacks against civil society (journalists, dissidents) given that Google TAG and Amnesty are involved. Qualcomm has released a patch but it's now up to Android phone makers to implement it and push it out to users, which could take a while.
TechCrunch
Hackers targeted Android users by exploiting zero-day bug in Qualcomm chips | TechCrunch
Security researchers at Google and Amnesty International discovered hackers exploiting the bug in an active hacking campaign.
NEW: Kaspersky is shutting down its U.K. office and laying off dozens of employees there. Company spokesperson told us that β€œwill commence a wind-down of the U.K. office operations," and that there are "less than 50 employees" in the London office.
TechCrunch
Kaspersky says it's closing down its UK office and laying off dozens | TechCrunch
Russian cybersecurity giant Kaspersky is shutting down its office in the United Kingdom and laying off its staff, just three months after the company
NEW: Apple's latest operating system, macOS 15 Sequoia, has broken some cybersecurity products and tools. CrowdStrike, for example, has delayed support for Sequoia until Apple fixes the issues. Bugs impact Microsoft Defender for Mac, SentinelOne, and potentially others. "I get it, that writing bug free software is challenging, but maybe if Apple spent less time and money on marketing, and more time on actually testing their software, we'd all be better off!” macOS security expert Patrick Wardle told me.
TechCrunch
Apple's new macOS Sequoia update is breaking some cybersecurity tools | TechCrunch
On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the
NEW: The FBI director said today that the U.S. government took over and disrupted a botnet made of 260,000 Internet of Things devices. U.S government accused a company in China of running the botnet on behalf of the Chinese government. The botnet was run using Mirai, the infamous malware used in 2016 to launch massive DDoS attacks using hacked IoT devices.
TechCrunch
US government 'took control' of a botnet run by Chinese government hackers, says FBI director | TechCrunch
The FBI, NSA and other U.S. government agencies detailed a Chinese-government operation that used 260,000 of internet-connected devices to launch c...
 image
NEW: Cybersecurity giant Fortinet confirms data breach affecting β€œless than 0.3%” of customers. Based on company's latest earnings, that should be around 1,500 customers.
TechCrunch
Fortinet confirms customer data breach | TechCrunch
On Thursday, cybersecurity giant Fortinet disclosed a breach involving customer data. In a statement posted online, Fortinet said an individual
NEW: A hacker and artist found a way to trick ChatGPT into telling him detailed step by step instructions on how to make a fertilizer bomb. The trick was to tell the chatbot to play a game and then getting it to create an elaborate sci-fi fantasy world. The artist, who goes by Amadon, called it β€œsocial engineering hack to completely break all the guardrails around ChatGPT’s output.”
TechCrunch
Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs | TechCrunch
An explosives expert told TechCrunch that the ChatGPT output could be used to make a detonatable product and was too sensitive to be released.
NEW: A bug in how WhatsApp implements the "View Once" privacy feature lets anyone save pictures and videos that should actually be ephemeral. The bug is being actively exploited online, including with browser extensions that make it trivial to bypass the "View Once" feature. WhatsApp told us it's working on "rolling out updates" to fix the issue.
TechCrunch
Bug lets anyone bypass WhatsApp's 'View Once' privacy feature | TechCrunch
A flaw in the design of WhatsApp's "View Once" privacy feature let's anyone save pictures and videos that should be ephemeral.
NEW: Telegram quietly changed its official FAQ, specifically the part about its policies around illegal content in chats and group chats. Until yesterday, the first line of that FAQ said: β€œAll Telegram chats and group chats are private amongst their participants. We do not process any requests related to them.” That line is now gone. And Telegram also added a line about the EU Digital Services Act.
TechCrunch
Telegram tops 10 million subscribers, underscores private chat reporting | TechCrunch
Telegram has updated its website to explicitly allow users to report private chats to its moderators, the company said in its FAQ page, as it updat...
image image
NEW: X is hiring two dozen trust and safety, and security folks, after two years of layoffs which gutted the company, and those teams in particular. For context, last year X disclosed that it had cut 80% of trust and safety staff in the Musk era. More detailed stats about the mass firings in the below chart, courtesy of Australia's online safety commissioner.
TechCrunch
X is hiring staff for security and safety after two years of layoffs | TechCrunch
The hiring effort comes after X, formerly known as Twitter, laid off 80% of its trust and safety staff since Musk's takeover.
 image