It's been a busy 24 hours in the cyber world with significant updates on AI-driven scams, a major phishing platform takedown, chatbot vulnerabilities, and big tech's strategic moves. Let's dive in:

AI-Driven Scams and Phishing Takedowns 🎣
- The SEC has charged multiple entities in a $14 million cryptocurrency scam where fraudsters used social media, fake financial professionals, and AI-generated investment tips to lure victims into fake trading platforms and steal their funds.
- The Nomani investment scam has surged by 62%, now leveraging highly realistic AI deepfake videos of public figures and bogus news articles across social media platforms like YouTube to promote non-existent investment products.
- US law enforcement successfully shut down web3adspanels.org, a platform facilitating SEO poisoning campaigns that stole bank account credentials, leading to $14.6 million in losses and highlighting the continued effectiveness of social engineering to bypass MFA.

📰 The Hacker News | https://thehackernews.com/2025/12/sec-files-charges-over-14-million-crypto-scam-using-fake-ai-themed-investment-tips.html
📰 The Hacker News | https://thehackernews.com/2025/12/nomani-investment-scam-surges-62-using-ai-deepfake-ads-on-social-media.html
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/us_shutters_phishermens_146m_passwordhording/

Chatbot Vulnerabilities & Disclosure Woes 🤖
- Researchers at Pen Test Partners uncovered four critical flaws in Eurostar's public AI chatbot, including prompt injection and HTML injection, which could lead to system prompt leakage and potential stored/shared XSS.
- The vulnerabilities stemmed from the chatbot's API design, which only performed guardrail checks on the latest message, allowing attackers to tamper with earlier messages in the chat history.
- The responsible disclosure process was fraught with issues, including Eurostar outsourcing its VDP and its head of security allegedly accusing the pen testers of "blackmail" for following up on their report.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/pentesters_reported_eurostar_chatbot_flaws/

Apple Fined Over ATT Rules ⚖️
- Italy's antitrust authority has fined Apple €98.6 million, asserting that its App Tracking Transparency (ATT) framework unfairly restricts competition in the App Store.
- The AGCM found that ATT imposes "disproportionate" and excessively burdensome double-consent requirements on third-party developers for personalised ads, while Apple's own apps can gain consent in a single tap.
- This ruling highlights ongoing regulatory scrutiny of Apple's privacy policies and their impact on market competition, with similar probes in other European countries.

📰 The Hacker News | https://thehackernews.com/2025/12/24/italy-fines-apple-986-million-over-att-rules-limiting-app-store-competition.html

Strategic Tech Shifts & Acquisitions 🚀
- ServiceNow is set to acquire cybersecurity firm Armis for $7.75 billion, aiming to integrate Armis' real-time security intelligence with its CMDB to enhance cyber exposure management and vulnerability response with AI.
- This acquisition is part of ServiceNow's broader strategy to expand its security and data management capabilities, following other recent buys like identity security platform Veza and data governance platform Data.World.
- Microsoft has announced an ambitious goal to eliminate all C and C++ code from its codebase by 2030, migrating to memory-safe Rust to significantly improve software security and reduce common vulnerabilities.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/23/servicenow_to_buy_armis_in/
🗞️ The Record | https://therecord.media/servicenow-cyber-armis-acquisition
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/

#CyberSecurity #ThreatIntelligence #AIScams #Phishing #Deepfake #Vulnerability #PromptInjection #ResponsibleDisclosure #DataPrivacy #RegulatoryCompliance #Acquisition #ServiceNow #Armis #Microsoft #RustLang #InfoSec

AI scams are rising fast.

Scammers are using AI to create believable deepfakes, targeted phishing, and automated fraud that’s harder to spot.

Learn how to protect yourself with practical, easy-to-follow advice: https://techputs.com/ai-scams-2026-how-to-protect-yourself/

Stay smart. Stay safe.

#AIScams #Security #Privacy #CyberAwareness #tech #technology #technews #scam

How many of these AI-powered scams are you familiar with?

🐡 Chatfishing
🐷 Pig butchering
📣 Voice cloning

Any stories to share that you or a friend experienced?

Not sure what any of these are about? Let me walk you through them in my newsletter: https://bit.ly/quaesita_3scams

#aiscams #ai #security

If you found this useful, a ♻️ repost makes my heart happy. And a subscription to my newsletter makes my day. 💌

Jeweller Battles AI Scammers Copying Her Business Name

Deanna Newman, a jeweller from Ontario, Canada, started C'est la vie Jewellery as a side project with hopes of growing it into a full-time business. However, her brand has been hijacked by scammers operating out of China who copied her business name to trick customers into buying low-quality jewelle... [More info]

AI-Powered Scams Devastates Seniors, Draining Billions

https://fed.brid.gy/r/https://cordcuttersnews.com/ai-powered-scams-devastates-seniors-draining-billions/

For $100 I can write you a shitty song in under 4 minutes too.

Sure, it will be whatever pops into my head, and just me singing into my phone, but it will be a 100% authentic artisanal organic* human creation.

*mostly organic. Part of me contains plastic, and I don’t eat all organic foods, so ya know. ¯\_(ツ)_/¯

https://youtu.be/u-DDHSfBBeo

#AI #AIMusic #AIScam #AISucks #GenerativeAI #AIScams #ScamBaiter #MusicProduction #MusicNews

The FBI has issued an important alert regarding a scam leveraging Artificial Intelligence. 🌐 Bad actors are using AI-generated text and voice messages to impersonate senior U.S. officials, primarily targeting individuals and their contacts to gain access to personal information.

This scheme, active since April 2025, emphasizes the need for heightened digital awareness. Here’s how you can protect yourself and your network:

🚫 Be wary of any unsolicited messages, especially those claiming to be from high-ranking officials.
✅ Always verify contact information through official, trusted sources, not links provided in the message.
🔒 Implement two-factor or multi-factor authentication on all your accounts for an added layer of security.
📵 Never share personal or sensitive information with unverified contacts online or over the phone.

Staying informed and proactive is crucial in combating these evolving cyber threats. Share this information to help protect others. What measures do you take to safeguard your digital presence?
https://www.pennlive.com/life/2025/05/fbi-alerts-public-in-pa-beyond-to-emerging-scam-heres-what-to-know.html
#CyberSecurity #AIScams #FraudPrevention #FBIWarning #DigitalSafety