Anthropic just dropped something that should be on every security team's radar right now.

Claude Mythos Preview converts 72% of discovered vulnerabilities into working exploits across major operating systems and browsers, including zero-days.

Read more: https://steelefortress.com/lyacdk

Encryption #Privacy #Security

secureblue is a security-focused Linux OS built on Fedora Atomic, using an immutable (read-only) system to reduce attack surface and prevent tampering.

It ships as bootable container images and includes strong hardening out of the box -- a solid choice for users who want more control and better security.

👉 https://github.com/secureblue/secureblue
More privacy-friendly tools: https://digital-escape-tools-phi.vercel.app/

#Privacy #OpenSource #Linux #Security #FOSS #DigitalFreedom

Alt...

Screenshot of the secureblue GitHub repository readme. Badges show: build passing, integrity tests failing, trivy passing, OpenSSF best practices passing, OpenSSF Scorecard 9.2, Discord with 174 online. Description text reads: “secureblue is a security-focused desktop and server Linux operating system. It is built using BlueBuild and shipped as a set of OCI bootable containers, using Fedora Atomic Desktop’s base images as a starting point. For more information, visit the secureblue website.”

Beat Chat Control with Nofuture (https://safecomms.virebent.art).

This Memguard-powered, post-quantum tool completely detaches encryption from mainstream apps. Encrypt your text outside the chat, then paste the ciphertext anywhere.

When the session ends, keys are permanently wiped from memory.

Try the public demo or self-host it for maximum OpSec.

https://safecomms.virebent.art

#InfoSec #CyberSecurity #Encryption #Security

Fun post pointed out by Werner Koch on the GPG "post-quantum defaults" thread:

https://www.metzdowd.com/pipermail/cryptography/2026-March/039449.html

"""
Quantum Cryptography, while intellectually neat, does not present a
practical attack that we need protection against at this time.
Kleptographic Standards on the other hand are very much a practical
attack that we need to protect against at this time.

When a standards body tells you that you should cast aside well-studied
cryptographic algorithms which have earned their trust through dozens of
years of examination, testing, and motivated attackers, for the sake of
protection against Quantum Crypto? The attack you should be protecting
against isn’t Quantum Crypto.
"""

#cryptography #QuantumCryptography #security

If you want to try a privacy-first email and calendar service, Tuta offers a birthday deal with discounted access to encrypted tools 🔐
The 12th anniversary offer includes Tuta Mail and Tuta Calendar with quantum-safe encryption, with the discount applying to the first year only 📧

@Tutanota

🔗 https://tuta.com/special-offer

#TechNews #Tuta #Tutanota #Email #Calendar #Privacy #Encryption #FOSS #OpenSource #Security #DataProtection #NoAds #Freedom #Transparency #Software #Cloud

EU Parliament ended ePrivacy derogations for chat scanning, and states dropped mandatory encrypted message scanning, limiting mass surveillance 🔐
Platforms still signal “voluntary” monitoring, while Chat Control talks continue with age checks and measures that may pressure services to scan communications ⚖️

🔗 https://www.eff.org/deeplinks/2026/04/eu-parliament-blocks-mass-scanning-our-chats-whats-next

#TechNews #EU #ChatControl #Privacy #Encryption #DataProtection #Surveillance #FOSS #OpenSource #Security #Freedom #Transparency #BigTech #Regulation #DigitalRights

#Europe Gets Serious About #AgeVerification Online

The search for an age-verification system that protects user data may begin and end in the #EU.
#privacy #security #surveillance

https://www.wired.com/story/europe-gets-serious-about-age-verification-online/

Mozilla is adding a built-in VPN and optional AI features to Firefox amid declining share, aiming to restore relevance while balancing privacy, openness, and usability. 🔍
The strategy emphasizes local AI and integrated privacy tools, but opt-out defaults and trust concerns raise risks around user control, transparency, and global access. 🔐

🔗 https://itsfoss.com/opinion/firefox-survival-with-vpn-ai/

#TechNews #Firefox #Mozilla #VPN #AI #Privacy #OpenSource #FOSS #Security #Transparency #Browsers #Software #Freedom #Tech #Data

The Cryptographic Zombie: How Keybase Went from Privacy Darling to Zoom’s Cleanup Crew

Once the ultimate geek flex for cypherpunks, Keybase promised to make PGP cryptography accessible to mere mortals. Today, it hovers in the digital ether as a "zombie" app. Here is the story of how a revolutionary open-sour

https://schulz.dk/2026/04/06/the-cryptographic-zombie-how-keybase-went-from-privacy-darling-to-zooms-cleanup-crew/

#Misc #Privacy #Security #cryptography #nostalgia #security

Engadget: OkCupid settles FTC case on alleged misuse of its users’ personal data . “According to the lawsuit, the FTC accused OkCupid of inappropriately sharing personal user data that includes photos and location info with a third party company, Clarifai, which offers AI-powered software for uses like facial recognition and content moderation.”

“Privacy. That’s iPhone.” — and Other Things That Need an Asterisk
Apple isn’t lying about privacy. They’re just very careful about what they don’t say out loud. The Google deal. iCloud’s 5GB trap. The Meta silence. What “we keep your data safe” actually means.
None of it required a lie. That’s kind of the whole point.

https://blog.ppb1701.com/privacy-thats-iphone-and-other-things-that-need-an-asterisk

#apple #privacy #bigtech #userhostile #blog #icloud #security

ZDNet: Proton just launched a Google Workspace alternative – and it’s fully encrypted. “Proton, the organization behind the popular Proton VPN service, is carving a foothold in the productivity arena with the launch of Proton Workspace, available today. Proton, based in Switzerland and subject to the country’s strict privacy and data protection laws, calls its new offering a ‘private […]

Grab a copy of your favourite open source OS and archive it locally.

Because in future it will become infested with LLM code and biometric exfiltration malware.

#opensource #privacy #surveillance #security #AIslop #llm

Alt...

Slackware cd rom

https://linuxiac.com/parrot-linux-takes-stand-against-age-verification/

Parrot Linux has released a statement opposing age verification. This puts them in league with several others that have come out strongly against Age Verification:

- Garuda Linux
- MX Linux
- Ageless Linux
- MidnightBSD
- GrapheneOS
- System76
- Whonix

#Privacy #Security #Linux #OpenSource #AgeVerification

Nekogram, fork of the Open Source messaging app Telegram used by journalists and privacy activists, had just been discovered to include spyware. The malicious code sent all user's private phone numbers to the developer, a Chinese man nicknamed NekoWorkshop (alias tehcneko). The devteam publicly admitted the presence of the spyware code, then started reacting violently against the userbase.

#telegram #nekogram #opensource #fail #chat #hacking #privacy #security #malware #spyware #nekoworkshop

Alt...

Official declaration of the Nekogram developer (posted: April 2nd on t.me/NekoUpdates - channel ID: 1339737452 - discussion ID: 1349472891).

Alt...

Nekogram developer arguing immediately after the spyware scandal.

Alt...

Nekogram developer insulting another user immediately after the spyware scandal.

TeleGuard: A Secure Chat App’s Encryption Is So Bad It Is ‘Meaningless’

https://www.404media.co/a-secure-chat-apps-encryption-is-so-bad-it-is-meaningless/

#tech #technology #news #technews #security #privacy #teleguard #encryption

The alarming data point that would make an SMB owner lose sleep is: "Civil penalties range from $100 to $50,000 per violation, with annual maximums reaching $1.5 million per violation category." To mitigate this risk, the strategic countermeasure is: "Implement role-based access control (RBAC) across all wearable companion apps and backend systems, configure granular permissions distinguishing patient, provider, administrator, and analytics roles." This is a crucial step in achieving HIPAA compliance for wearable tech and health data privacy, as it ensures that only authorized personnel have access to sensitive patient information.

Where would 10 shocking ways wearable tech can get you sued – a... break first in your environment?

Read more: https://steelefortress.com/fortress-feed/10-shocking-ways-wearable-tech-can-get-you-sued-a-guide-for-businesses-to-protect-their-data-now

CyberSecurity #Privacy #InfoSec #Security

🎥 Watch Teaser: https://steelefortress.com/uzbx73

GlobaLeaks is an open-source platform for secure and anonymous leak submissions.
Designed to protect both sources and recipients with strong privacy safeguards.

Used by journalists and organizations to handle sensitive information, with features like Tor support and encrypted communication.

👉 https://github.com/globaleaks/GlobaLeaks
👉 More tools like this: https://digital-escape-tools-phi.vercel.app/

#OpenSource #Privacy #Security #Journalism #SelfHosting #DigitalMinimalism

Alt...

Screenshot of GlobaLeaks project badges: AGPLv3+ license, REUSE compliant, Contributor Covenant v3.0, Verified DPG (Digital Public Good), OpenSSF Best Practices Gold, OpenSSF Scorecard 6.6. Text reads: “GlobaLeaks is free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.”

That creepy date isn't the only one swiping right on your dating photos

OkCupid gave 3 million dating-app photos to facial recognition firm, FTC says

https://arstechnica.com/tech-policy/2026/03/okcupid-match-pay-no-fine-for-sharing-user-photos-with-facial-recognition-firm/

#OkCupid #Photos #Privacy #Security #Surveillance #FTC #Tech

https://www.youtube.com/watch?v=adCMNAVBGSQ

Age Verification is beyond Epstein 2.0.

"You are basically laying out your children on a silver platter in the name of protecting them."

"Once these OS-level age verification laws take hold, we're about 3 months from a real-time GPS-located database of verified children for creeps, politicians, and rich Ep-style people to use."

TLS and SSH rely on Certificate Authorities (CAs) for authentication, but they also present a vector for Man in the Middle attacks. What if you could set up your own CA to reduce your exposure?

➡️ https://fedoramagazine.org/make-a-private-ca-with-step-ca/

#WebDev #Linux #Security #InfoSec #Cybersecurity #Fedora