Amid horrific threats from United States president Donald Trump because the US and Iran negotiated a ceasefire, the US authorities warned this week that Iran-linked hackers have been finishing up assaults towards US power and water infrastructure targets. With almost one in 5 folks in Lebanon displaced by Israeli assaults, the federal government is making an attempt to handle the disaster with out fashionable digital infrastructure and an emergency system that’s barely hanging on. Plus, a WIRED evaluation checked out Syrian authorities account hijacks in March and the inadequacies they expose in Syria’s baseline cybersecurity defenses.
Amid rising fears of political violence, a WIRED investigation discovered that US political candidates are spending extra on safety, together with buying gear like house alarms and bulletproof vests. And up to date analysis taking a look at Telegram teams discovered that males are sharing 1000’s of nonconsensual photographs of ladies and ladies, buying adware to make use of towards their wives and buddies, and fascinating in doxing and sexual abuse. In the meantime, as governments scramble to handle rising industrial scamming originating from Southeast Asia, China has emerged as the most important enforcer, but additionally a selective one, leading to crime syndicates shifting their focus overseas to keep away from Chinese language targets.
Anthropic formally introduced its new Claude Mythos Preview mannequin this week and mentioned that for now it’s going to solely make the mannequin obtainable to a choose group of some dozen main tech and monetary organizations, together with Apple, Microsoft, Google, and the Linux Basis. The consortium, dubbed Undertaking Glasswing, will discover Mythos Preview’s superior hacking and different cybersecurity capabilities and assess one of the best methods to enhance software program and {hardware} defenses earlier than capabilities like those in Mythos Preview proliferate extra broadly throughout different fashions and inevitably find yourself within the arms of attackers. The bulletins sparked controversy about whether or not Mythos Preview and related capabilities will actually be as consequential for cybersecurity as Anthropic says. Consultants informed WIRED that whereas it is probably not a dramatic disaster, it will be significant for defenders to come back collectively and use their early entry to make modifications in how software program is developed and the way organizations all over the world spend money on patching.
Lastly, a WIRED investigation discovered that nonprofit teams linked to Customs and Border Safety services have been promoting problem cash that celebrated the Trump administration’s immigration raids, together with one coin that depicted Charlotte’s Internet characters in riot gear.
And there’s extra. Every week, we spherical up the safety and privateness information we didn’t cowl in depth ourselves. Click on the headlines to learn the complete tales. And keep protected on the market.
The FBI lately obtained its arms on copies of encrypted Sign messages being despatched to a defendant’s iPhone as a result of the contents of these messages have been included in push notifications, 404 Media stories. Regardless that Sign had been faraway from the cellphone previous to it being seized by the FBI, the notifications nonetheless lived on within the cellphone’s inner reminiscence.
The difficulty impacts all apps that ship push notifications, not simply Sign, however customers of that app can alter their settings to not present the content material of a message or the identify of the sender in push notifications. To regulate your settings for notifications going ahead, open Sign and go to Settings, then Notifications, and alter the choice to Identify Solely or No Identify or Content material.
Regardless of the tenuous and contested ceasefire enacted within the US-Israel struggle with Iran, tens of tens of millions of atypical Iranians are nonetheless with out common and dependable web connectivity. The regime-imposed web blackout, which began through the first hours of the struggle on February 28, is now reaching the 1,000 hour level, in response to web monitoring group NetBlocks. In current weeks, the web shutdown has grow to be the longest in Iranian historical past and one of many longest worldwide—depriving Iranians of correct information concerning the struggle, stopping them contacting household and family members, and inflicting additional financial hurt to the nation. US-based Iranian digital rights challenge Filter Watch has detailed how the Iranian regime, whereas being bombarded through the battle, has labeled anti-censorship instruments as “malicious” and claimed to have arrested people utilizing Starlink web connections to get across the block.
The FBI’s annual web crime report usually paints a bleak image: year-on-year, the variety of cybercrime stories will increase and the sum of money misplaced by Individuals shoots up. Sadly, 2025 was no totally different. Final yr, in response to the FBI’s annual report, losses reported to the Web Crime Grievance Middle topped $20 billion—a rise of 26 % in comparison with 2024. Greater than half of those reported losses ($11.3 billion) have been linked to cryptocurrency scams, usually by fraudulent funding schemes, in response to the FBI. Enterprise e mail compromise, tech and buyer assist scams, private knowledge breaches, and confidence or romance scams, make up the opposite commonest crime stories. Crimes mentioning AI led to $893 million in losses.
Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, permitting enterprise customers to compose and skim E2EE messages natively on cell for the primary time with out separate apps or mail portals required. Encrypted emails seem as normal threads within the Gmail app for recipients utilizing Gmail, whereas these on different suppliers can entry them by way of a safe browser view. This rollout builds on the client-side encryption mannequin launched to Google Workspace net customers in April 2025, the place messages are encrypted with customer-controlled keys, stopping Google from accessing their contents. The strategy is especially interesting for organizations with strict compliance necessities, together with HIPAA, export controls, and knowledge sovereignty laws.
Entry, nonetheless, stays restricted: The function is obtainable solely to Google Workspace Enterprise Plus prospects with the Assured Controls or Assured Controls Plus add-on, and isn’t supported for private Gmail accounts. Directors should additionally explicitly allow the Android and iOS shoppers within the admin interface earlier than eligible customers can entry the function, which is off by default. Finish customers then toggle encryption per-message by tapping the lock icon and deciding on “Further encryption,” mirroring the online workflow. The rollout is obtainable instantly to each Fast Launch and Scheduled Launch domains.
