Evolving descriptive text of mental content from human brain activity

AI systems can now decode mental content from brain activity with increasing specificity. Research demonstrates non-invasive neural decoding that translates thought patterns into descriptive text without surgical implantation, advancing capabilities previously requiring implanted devices.

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers disclosed "ClawJacked," a high-severity vulnerability in OpenClaw that enabled malicious websites to silently brute-force access to locally-running instances. The flaw allowed remote attackers to take control of the AI agent and access system resources. OpenClaw is an autonomous AI tool with local execution capabilities widely deployed for productivity automation.

Meta won’t let morality get in the way of a product launch

Meta has introduced "Name Tag," a facial recognition feature for Ray-Ban Meta smart glasses that identifies people in real-time using cameras and AI. The launch comes as ICE expands surveillance operations and the administration weaponizes deportation infrastructure, with the company maintaining close ties to federal authorities. Unlike previous facial recognition controversies that sparked public backlash, this deployment arrives amid normalized surveillance conditions where biometric identification is becoming ambient infrastructure embedded in consumer devices.

US court blocks landmark law limiting social media use for children

A federal judge has blocked Virginia's law restricting minors' social media access, ruling the state lacks authority to limit 'minors' access to constitutionally protected speech.' Tech lobbying group NetChoice, representing Meta, Google, X and others, successfully argued the law violated the First Amendment. The Virginia ruling follows similar injunctions in Louisiana and Ohio, while California's narrower law targeting 'addictive feeds' was upheld in January.

Major Data Brokers Tried to Hide Their Opt-Out Pages From Search Engines

Sen. Maggie Hassan's investigation found data brokers Comscore, IQVIA Digital, Telesign, and 6sense Insights used "no index" code to hide opt-out pages from search engines, preventing consumers from exercising privacy rights. The companies changed their practices after being contacted, except Findem, which failed to respond and continues blocking its opt-out form. The report estimates identity theft from four major data broker breaches cost consumers $20.9 billion.

The Case for Why Better Breach Transparency Matters

RSA Conference session led by security consultants Adam Shostack and Adrian Sanabria highlights systemic lack of feedback mechanisms in cybersecurity incident response, arguing that mandated detailed breach disclosure is essential to reduce cyber-risk. Current US requirements vary state-by-state with publicly traded companies only obligated to report material-impact incidents, while The British Library's 2023 ransomware after-action report cited as rare example of comprehensive public accountability.

Met police to pilot facial recognition identity checks, mayor confirms

The Metropolitan Police will deploy 100 officers using roaming facial recognition technology for six months to conduct identity checks on citizens. London Mayor Sadiq Khan backed the pilot despite previously stating the Met would consult stakeholders and ethics panels before implementing operator-initiated facial recognition. Civil liberties groups called the expansion "alarming" as the UK already deploys facial recognition via fixed cameras and retrospective systems nationwide.

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

Congressional Democrats released findings showing data broker breaches have cost consumers tens of billions in identity theft losses. The report follows a WIRED investigation that exposed how data brokers hid opt-out pages from search engines using "no index" codes, making it nearly impossible for consumers to remove their personal information. Four companies subsequently removed the blocking code after congressional scrutiny.

FTC declines to enforce a kids privacy law for data collected to verify users' ages

The Federal Trade Commission announced it will not enforce the Children's Online Privacy Protection Rule (COPPA) against companies collecting personal data solely for age verification technologies, provided strict safeguards are followed. The policy shift incentivizes age verification adoption but privacy advocates warn it creates new risks. The Electronic Frontier Foundation noted that age verification systems have already experienced data breaches, citing a Discord incident where 70,000 users had government IDs exposed through a third-party vendor.

Lawmakers Ask Tech Companies What User Data They Provided to D.H.S.

US lawmakers demanded answers from Meta, Google and other technology companies following reporting that the Department of Homeland Security issued subpoenas for user information tied to accounts tracking or commenting on ICE activities. The requests come amid scrutiny over DHS cooperation with tech platforms on surveillance targeting immigration-related political content.

Hide from Meta's spyglasses with this new Android app

Developer Yves Jeanrenaud has released "Nearby Glasses," an open-source Android application that detects nearby Meta Ray-Ban smart glasses via Bluetooth signals. The app arrives as Meta reportedly prepares to add facial recognition capabilities to its wearable devices, raising concerns from domestic abuse charities about enabling stalkers to covertly identify and track individuals in public spaces.

Ad Tech Company Optimizely Targeted in Cyberattack

Ad technology firm Optimizely confirmed that a voice-phishing attack compromised internal business systems including Zendesk and Salesforce, exposing customer data. The breach affects major enterprise clients including PayPal, Salesforce, Vodafone, and Zoom. Voice phishing enables attackers to bypass technical security measures by targeting employees through social engineering.

Teenager first in SA to be prosecuted for allegedly creating deepfake images

William Hamish Yeates, 19, became the first person in South Australia prosecuted under 2024 Commonwealth laws criminalizing non-consensual deepfake pornography. He faces eight counts of creating or altering sexual material without consent for allegedly generating explicit deepfake images of a teenage girl and distributing them on social media. The case marks an early enforcement action against AI-generated intimate image abuse under Australia's federal deepfake legislation.

Facial recognition error prompts police to arrest Asian man for burglary 100 miles away

Thames Valley Police arrested Alvi Choudhury after automated facial recognition software falsely matched him with footage of a burglary suspect in Milton Keynes, 100 miles away. The match was made despite the suspect appearing "10 years younger" with clear physical differences. Choudhury, who was held for 17 hours before being cleared, is claiming damages and calling for transparency about wrongful arrests involving facial recognition technology. The case adds to documented concerns about demographic bias in automated facial recognition systems.

The FDA creates a quicker path for gene therapies

The FDA announced draft guidance for a "plausible mechanism pathway" that would allow gene-editing treatments for ultra-rare diseases to proceed without traditional clinical trials when biological understanding is strong. The policy builds on the successful treatment of "Baby KJ," an infant who received a bespoke CRISPR therapy for a fatal metabolic disorder. The framework specifically targets diseases too rare to attract pharmaceutical investment, potentially opening treatment paths for thousands of conditions affecting 30 million Americans.

Discord distances itself from Persona age verification after user backlash

Discord has removed references to testing Persona's age verification technology in the UK amid privacy concerns. Security researchers discovered exposed code at a government-authorized endpoint containing 2,456 files showing an interface pairing facial recognition with financial reporting. Persona's CEO confirmed the company has no government contracts, though the exposed code appeared powered by an OpenAI chatbot. Discord emphasized it also uses k-ID for age verification, which deletes identity documents and selfies immediately after age confirmation.

Is Age Verification a Trap?

Age verification mandates force platforms to store biometric data, ID images, and verification logs for regulatory defense, creating persistent privacy risks. Facial age estimation systems produce false positives that lock accounts for days while platforms must retain sensitive data long enough to prove compliance decisions to regulators, transforming child safety infrastructure into permanent identity surveillance architecture.

Live facial recognition to be used ahead of Everton v Man Utd

Password Managers Share a Hidden Weakness

Researchers at ETH Zurich and USI Lugano have exposed fundamental flaws in password manager cryptographic implementations, challenging "zero knowledge" claims that companies claim prevent them from accessing user credentials. The study demonstrates that malicious insiders or sophisticated hackers can exploit these cryptographic weaknesses to compromise the supposedly secure vaults across multiple major platforms. The findings undermine years of privacy assurances that have positioned password managers as essential security infrastructure.

Democrats oppose Trump administration's tech buildup for immigration enforcement

Democratic lawmakers and civil liberties advocates are pushing back against the Trump administration's deployment of facial recognition and biometric surveillance technologies to support deportation operations. Representative Pramila Jayapal has introduced the ICE Out of Our Faces Act to ban ICE and Customs and Border Protection from acquiring and using biometric identification systems, while requiring deletion of existing data. Civil rights advocates note facial recognition systems have documented accuracy disparities for women and people of color, raising concerns about wrongful arrests.

America desperately needs new privacy laws

Congress has repeatedly failed to pass comprehensive privacy legislation despite decades of corporate surveillance expansion. The Verge reports that even targeted measures like the Fourth Amendment Is Not for Sale Act—which would restrict police from using data brokers to bypass privacy laws—have stalled. Tech monopolies exacerbate privacy problems by reducing competition and centralizing information in exploitable silos, while new technologies from AR glasses to generative AI create fresh surveillance risks faster than regulatory frameworks can adapt.

DHS Wants a Single Search Engine to Flag Faces and Fingerprints Across Agencies

Homeland Security is consolidating its biometric databases into a unified platform enabling cross-agency face and fingerprint searches. The move follows DHS dismantling centralized privacy oversight mechanisms and removing key restrictions on facial recognition deployment, expanding surveillance capabilities across immigration and law enforcement operations.

California becomes first state to regulate AI companion chatbots

California's SB 243 forces AI companion corporations to implement safety protocols after teenage suicides linked to chatbots, mandating age verification and state surveillance of self-harm data. Tech giants now face $250k penalties for deepfakes as the state claims first regulatory jurisdiction over synthetic relationships.

Mass Pirate Site Domain Suspensions Aim to Slay the Streaming Hydra

Media giants leverage Indian courts for coordinated cross-border crackdown on pirate streaming domains, tightening corporate control over digital content distribution

Ethereum Foundation announces 'Privacy Cluster' team

Ethereum Foundation forms Privacy Cluster of 47 experts to develop privacy features for layer-1 network, countering sophisticated digital surveillance and government overreach with private payments and decentralized identity solutions

California enacts law giving consumers ability to universally opt out of data sharing

California mandates universal opt-out signals for data sharing in web browsers, a small victory against pervasive digital surveillance infrastructure that treats personal data as constant commodity