🛡️ #Cybersecurity news & tips across the #fediverse

“Michael Geist: “…a scheme that retains everyone’s data is a reasonable and proportionate response to the need and “it would help us identify bystanders near a crime scene” surely does not meet the necessary standard.”
...”

https://cosocial.ca/@mike_vlasman/116613205918009441

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“What a great set of resources. "[...] people around the world are mobilizing to resist the empires of AI and to nourish visions of the future that work for all of us. Amid an onslaught of negative news, this project cen...”

https://mastodon.social/@mstrlaw/116611357018937368

🤖 via RSS feed. Not an endorsement.

#Ukraine identifies #infostealer operator tied to 28,000 stolen accounts

https://www.bleepingcomputer.com/news/security/ukraine-identifies-infostealer-operator-tied-to-28-000-stolen-accounts/

#cybersecurity #malware

Hackers bypass #SonicWall #VPN #MFA due to incomplete patching

https://www.bleepingcomputer.com/news/security/hackers-bypass-sonicwall-vpn-mfa-due-to-incomplete-patching/

#cybersecurity

🛡️ #Cybersecurity news & tips across the #fediverse

“TAKE ACTION: The House Transportation committee will vote tomorrow morning on a bipartisan amendment that would limit usage of Flock and other ALPRs. https://www. wired.com/story/a-bipartisan-a mendment-would-end-...”

https://pnw.zone/@waprivacy/116609646520683881

🤖 via RSS feed. Not an endorsement.

#Google publishes exploit code threatening millions of #Chromium users

https://arstechnica.com/security/2026/05/google-publishes-exploit-code-threatening-millions-of-chromium-users/

#Chrome #cybersecurity

#Grafana says stolen #GitHub token let hackers steal codebase

https://www.bleepingcomputer.com/news/security/grafana-says-stolen-github-token-let-hackers-steal-codebase/

#privacy #cybersecurity #DataBreach #analytics #TeamPCP #npm #ShaiHulud

🛡️ #Cybersecurity news & tips across the #fediverse

“"In our line of work, you have to be lucky sometimes. In a previous post we explained how unsecured and forgotten dashboard and web pages can reveal a lot about China's security and surveillance system. Now, we can revea...”

https://tldr.nettime.org/@remixtures/116609142416141986

🤖 via RSS feed. Not an endorsement.

Uh-oh! Trump Mobile has finally moved from concept to a physical product that shipped this week, but some customers are reporting their sensitive information has been exposed via a simple security exploit. Android Authority has the details:

https://flip.it/UdlMsX

#TrumpMobile #DataLeak #Cybersecurity

On #AI Security

https://www.schneier.com/blog/archives/2026/05/on-ai-security.html

#cybersecurity

🛡️ #Cybersecurity news & tips across the #fediverse

“# Microsoft Took a Step Toward # HumanRights # Accountability . # Google and # Amazon (and Others) Should Pay Attention! For years, civil society organizations, workers, # journalists , and human rights ...”

https://mas.to/@PrivacyDigest/116609012156492268

🤖 via RSS feed. Not an endorsement.

#Drupal critical update to fix bug with high exploitation risk

https://www.bleepingcomputer.com/news/security/drupal-critical-update-to-fix-bug-with-high-exploitation-risk/

#cybersecurity #CMS

Exploit released for new #PinTheft #ArchLinux root escalation flaw

https://www.bleepingcomputer.com/news/linux/exploit-released-for-new-pintheft-arch-linux-root-escalation-flaw/

#cybersecurity #FOSS #Arch #Linux

#Microsoft shares mitigation for #YellowKey #Windows zero-day

https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-mitigation-for-yellowkey-windows-zero-day/

#BitLocker #cybersecurity #FDE #encryption

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// mastodon.social/@wchr/11660672 7341238099 Security researchers discovered an unsecured and abandoned/forgotten Chinese web app that reveals how much China's surveillance system knows about its locals ...”

https://hachyderm.io/@davidculley/116608958142809510

🤖 via RSS feed. Not an endorsement.

#GitHub confirms breach of 3,800 repos via malicious #VSCode extension

https://www.bleepingcomputer.com/news/security/github-confirms-breach-of-3-800-repos-via-malicious-vscode-extension/

#DataBreach #cybersecurity #Microsoft #TeamPCP

Daily Digest | 21 May 2026

Your daily dose of Privacy, Data Protection, AI & Cybersecurity news.

5 stories you should not miss.

Read more: https://www.nicfab.eu/daily-digest/

#Privacy #AI #GDPR #Cybersecurity #TechLaw

🛡️ #Cybersecurity news & tips across the #fediverse

“The FBI Wants to Buy Nationwide Access to License Plate Readers
# surveillance https://www. 404media.co/the-fbi-wants-to-b uy-nationwide-access-to-license-plate-readers/”

https://social.vivaldi.net/@rogerc2738/116608896511386263

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“Negrodamus strikes again: Data Collection Edition AI companies and data brokers even resort to fake forms to keep selling our data https:// 9to5mac.com/2026/05/20/ai-comp anies-and-data-brokers-even-resort-to-fak...”

https://toot.majorshouse.com/@majorlinux/116608755536223800

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“One of the key concerns from companies such as Signal, NordVPN or Apple is that Bill C-22 would compel them to create decryption keys to make information readable to law enforcement if required. [1] This is a misrepres...”

https://zeroes.ca/@datum/116608637110848710

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“RE: https:// zeroes.ca/@datum/1166085401469 92311 ❝ Your job as journalists is not just to repeat the official's stance, but to fact check.❞ 🗣 LOUDER FOR THE PEOPLE IN THE BACK!!! # journalism # tech # f...”

https://mastodon.social/@blogdiva/116608636719193956

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“After Town Bans Flock, Councilmember Crashes Out, Proposes Internet and Phone Ban https://www. 404media.co/after-town-bans-fl ock-councilmember-crashes-out-proposes-internet-and-phone-ban/ # Texas # flock # ...”

https://mas.to/@kctipton/116608444085551224

🤖 via RSS feed. Not an endorsement.

🚨 New Episode Live: Is BitLocker a Backdoor?

A new zero-day, "YellowKey," allows attackers to bypass default Windows encryption instantly. The discoverer claims it looks like an intentional flaw in the recovery environment.

We dive into the evidence, the "bug vs. backdoor" debate, and the critical steps you must take to secure your drive right now.

Don't wait for a patch. Fix it yourself.

Listen now: ImpracticalPrivacy.com

#BitLocker #Privacy #InfoSec #CyberSecurity #OpenSource #microsoft

Alt...

Image was generated with AI.

🛡️ #Cybersecurity news & tips across the #fediverse

“@ cwebber I did the same as soon as I heard it was an option. 👍 For those who may have only a partial picture, it is my understanding that: 1) Main # DuckDuckGo is Bing (Microsoft) under the covers, with the ...”

https://c.im/@nickrauchen/116607892515088220

🤖 via RSS feed. Not an endorsement.

"An independent cybersecurity review has confirmed a critical Telegram vulnerability previously reported by OCCRP and its Russian partner Important Stories, finding that the messaging app exposes persistent device identifiers that could allow users to be tracked across networks and locations.

The review, conducted by Symbolic Software and obtained by Important Stories, found that Telegram clients transmit messages in a way that exposes an identifier known as ‘auth_key_id’ in cleartext or in a form that can be easily deobfuscated. The identifier remains stable across sessions, IP address changes, network switches, and geographic locations.

That means an internet service provider, network administrator, state surveillance system, or other actor with passive access to Telegram traffic could collect the identifiers without breaking encryption, intercepting certificates, or actively manipulating the connection.

The experts said such access could allow an observer to build a database linking specific devices to network locations, timestamps, and traffic patterns. If the user’s identity is known through other means, the same data could be used to track that person’s device over time."

https://www.occrp.org/en/news/review-confirms-telegram-tracking-vulnerability

#CyberSecurity #SocialMedia #Telegram #Russia #Privacy

Mozilla warned the UK against targeting VPNs to enforce Online Safety Act age checks, calling them essential privacy and security infrastructure. 🔐
The Firefox maker said age-gating VPNs would expand surveillance while failing to address weak verification systems and platform design issues. 🌐

🔗 https://www.theregister.com/security/2026/05/18/mozilla-warns-uk-breaking-vpns-will-not-magically-fix-britains-age-check-mess/5241770

#TechNews #Mozilla #Firefox #VPN #Privacy #OnlineSafetyAct #Firefox #DigitalRights #Cybersecurity #Surveillance #Encryption #Security #OpenWeb #UK #DataPrivacy #AgeVerification

🛡️ #Cybersecurity news & tips across the #fediverse

“New Hampshire just passed a bill to preserve their law (the most robust in the U.S.) that protects against invasive use of license plate readers:
https://www. billtrack50.com/billdetail/191 1335 # ALPR # Floc...”

https://better.boston/@athorn/116607157722318180

🤖 via RSS feed. Not an endorsement.

🛡️ #Cybersecurity news & tips across the #fediverse

“This Cambridge Day gives a fairly clear picture of Monday's City Council vote to end use of ShotSpotter: https://www. cambridgeday.com/2026/05/19/co uncil-drops-shotspotter-in-close-vote/ Many thanks once again to...”

https://better.boston/@athorn/116606397626229357

🤖 via RSS feed. Not an endorsement.

#Poland urges officials to ditch #Signal for state-run messaging apps

https://cyberinsider.com/poland-urges-officials-to-ditch-signal-for-state-run-messaging-apps/

#cybersecurity #politics

Max-severity flaw in #ChromaDB for #AI apps allows server hijacking

https://www.bleepingcomputer.com/news/security/max-severity-flaw-in-chromadb-for-ai-apps-allows-server-hijacking/

#cybersecurity

🛡️ #Cybersecurity news & tips across the #fediverse

“🛡️ FBI Plans Nationwide License Plate Data Access, Sparking Privacy Debate The FBI aims to access a vast network of license plate cameras across the US, prompting privacy concerns and legal challenges. https://www. ...”

https://mastodon.social/@BytePulseNet/116604080463337237

🤖 via RSS feed. Not an endorsement.

#Cybercrime service disrupted for abusing #Microsoft platform to sign #malware

https://www.bleepingcomputer.com/news/security/cybercrime-service-disrupted-for-abusing-microsoft-platform-to-sign-malware/

#cybersecurity #FoxTempest

GitHub’s recent incident: a fake VS Code extension may have compromised 3,800 internal repos. TeamPCP is suspected. Strengthening code security with multi‑factor authentication and preventive code encryption is essential. We recommend reviewing all repo access controls and conducting thorough audit trails. #CyberSecurity #DevOps #DataProtection

🚩

#Microsoft Self-Service #Password Reset abused in #Azure data theft attacks

https://www.bleepingcomputer.com/news/security/microsoft-self-service-password-reset-abused-in-azure-data-theft-attacks/

#cybersecurity

🛡️ #Cybersecurity news & tips across the #fediverse

“🚨 Your BitLocker might not be locking anything. A new zero-day called "YellowKey" bypasses default Windows encryption with just a USB stick and a key press. The researcher who found it calls it a backdoor. Microsoft ha...”

https://mastodon.social/@ImpracticalPrivacy/116602452619063179

🤖 via RSS feed. Not an endorsement.

A new way to fund internet freedom

https://blog.torproject.org/fund-internet-freedom/

#privacy #cybersecurity #activism #crypto #anonymity

Option 2: Mastodon
🚨 New Episode Live: YellowKey

A new zero-day called "YellowKey" lets attackers bypass default BitLocker encryption with a simple USB trick. Microsoft hasn't patched it yet.

We break down the exploit, the "backdoor" accusations, and exactly how to secure your drive today.

Don't trust the default. Listen now: ImpracticalPrivacy.com

#BitLocker #Privacy #InfoSec #CyberSecurity #OpenSource #YellowKey #Microsoft #Surveillance #Windows #Windows11 #OpSec #Encryption

Alt...

Image was created with AI.

New #ShaiHulud #malware wave compromises 600 #npm packages

https://www.bleepingcomputer.com/news/security/new-shai-hulud-malware-wave-compromises-600-npm-packages/

#cybersecurity

#7Eleven confirms #DataBreach claimed by the #ShinyHunters gang

https://www.bleepingcomputer.com/news/security/7-eleven-confirms-data-breach-claimed-by-the-shinyhunters-gang/

#privacy #cybersecurity

🛡️ #Cybersecurity news & tips across the #fediverse

“The # FBI Wants to Buy Nationwide Access to License Plate Readers https://www. 404media.co/the-fbi-wants-to-b uy-nationwide-access-to-license-plate-readers/ # ALPR # privacy # surveillance # Flock ...”

https://mastodon.thenewoil.org/@thenewoil/116602306838912194

🤖 via RSS feed. Not an endorsement.

#Discord finally rolls out end-to-end #encryption by default for all voice and video calls

https://alternativeto.net/news/2026/5/discord-finally-rolls-out-end-to-end-encryption-by-default-for-all-voice-and-video-calls/

#privacy #cybersecurity #E2EE #SocialMedia

New Release: #Tor Browser 15.0.14

https://blog.torproject.org/new-release-tor-browser-15014/

#privacy #cybersecurity #anonymity #FOSS

Android 17 adds scam-call detection for banking apps, expanded anti-stalkerware protections, and stronger theft recovery controls across devices. 📲
Google is also rolling out OTP shielding, post-quantum cryptography, and tighter app access limits to reduce tracking and credential theft risks. 🔐

🔗 https://www.bleepingcomputer.com/news/security/android-17-to-expand-banking-scam-call-and-privacy-protections/

#TechNews #Android17 #Android #Google #Privacy #Cybersecurity #MobileSecurity #Scam #Encryption #PostQuantum #PlayProtect #Security #Infosec #DataProtection #Technology

Apple backed Google in opposing EU proposals that would require Android to give rival AI services deeper access to apps and system features. 📱
Apple warned the DMA measures could weaken privacy, security, and device integrity as regulators push for more user choice in AI assistants. ⚖️

🔗 https://9to5mac.com/2026/05/13/apple-warns-eu-against-forcing-google-to-open-android-to-ai-rivals/

#TechNews #Apple #iPhone #iOS #Google #Android #AI #DMA #Europe #EU #Privacy #Cybersecurity #Antitrust #OpenSource #Regulation #Mobile #Security #Technology #ArtificialIntelligence

🛡️ #Cybersecurity news & tips across the #fediverse

“The # FBI Wants to Buy Nationwide Access to # LicensePlateReaders The FBI says it is looking for a vendor that will let it log into a Software-as-a-Service system and then query the collected # ALPR data with l...”

https://mas.to/@PrivacyDigest/116602229889968166

🤖 via RSS feed. Not an endorsement.

#INTERPOL ‘#OperationRamz’ seizes 53 #malware, #phishing servers

https://www.bleepingcomputer.com/news/security/interpol-operation-ramz-seizes-53-malware-phishing-servers/

#cybercrime #cybersecurity

Daily Digest | 20 May 2026

Your daily dose of Privacy, Data Protection, AI & Cybersecurity news.

5 stories you should not miss.

Read more: https://www.nicfab.eu/daily-digest/

#Privacy #AI #GDPR #Cybersecurity #TechLaw