Alright team, it's been a pretty packed 24 hours in the cyber world! We've got updates on nation-state breaches, some nasty new malware, critical vulnerabilities under active exploitation, and some significant discussions around AI and data privacy. Let's dive in:
F5 Nation-State Breach Update
- F5 has provided an update on the nation-state attack disclosed on 15 October, confirming the attacker had prolonged access to their systems.
- The incident led to emergency updates for BIG-IP software/hardware and the theft of some customer configuration data and 44 undisclosed vulnerabilities.
- F5 claims the impact on customers was "limited" and the exfiltrated data "not sensitive," while also boosting security with CrowdStrike EDR for BIG-IP and an enhanced bug bounty program.
CyberScoop | https://cyberscoop.com/f5-attack-limited-impact-earnings-call/
Gmail "Breach" Reports Debunked
- Reports circulating about a "massive Gmail breach" affecting 183 million accounts have been clarified as false by Google.
- The confusion stemmed from a misunderstanding of aggregated infostealer logs, which contain old, recycled credentials, not evidence of a new Gmail intrusion.
- Google reiterates its strong defences and active monitoring, prompting password resets for affected users when old credentials resurface.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/28/gmail_breach_fake_news/
SideWinder APT Evolves Attack Chain
- The SideWinder APT group is targeting South Asian diplomats with a new infection chain using malicious PDFs and ClickOnce applications.
- Spear-phishing emails deliver malware like ModuleInstaller and StealerBot, designed for extensive data collection including screenshots, keystrokes, and passwords.
- Attackers employ sophisticated evasion techniques, including legitimate signed executables, region-locked C2 communications, and dynamic payload paths.
The Hacker News | https://thehackernews.com/2025/10/sidewinder-adopts-new-clickonce-based.html
BlueNoroff's GhostCall & GhostHire Campaigns
- North Korean-linked BlueNoroff (Lazarus Group sub-cluster) is actively targeting Web3 and blockchain sectors with new campaigns: GhostCall and GhostHire.
- GhostCall uses fake Zoom/Microsoft Teams calls to deploy macOS malware, while GhostHire lures Web3 developers with booby-trapped GitHub job assessment projects.
- These campaigns deploy a range of sophisticated malware (e.g., DownTroy, CosmicDoor, RooTroy) to harvest credentials and sensitive data from development environments, cloud platforms (AWS, Google Cloud, Azure), and communication tools, with generative AI reportedly accelerating malware development.
The Hacker News | https://thehackernews.com/2025/10/researchers-expose-ghostcall-and.html
Herodotus Android Malware Mimics Humans
- A new Android banking trojan, Herodotus, has been discovered, capable of full device control to steal from banking and crypto apps.
- Its unique evasion technique involves mimicking human typing with random pauses when inputting stolen credentials or transaction details, making automated detection harder.
- It has been observed in active campaigns in Italy and Brazil, disguised as legitimate banking security apps, highlighting the need for advanced fraud controls beyond simple keystroke analysis.
The Record | https://therecord.media/android-malware-mimics-humans-avoid-detection
WSUS RCE Under Active Exploitation
- A critical RCE vulnerability, CVE-2025-59287, in Windows Server Update Services (WSUS) is under active exploitation by a new threat actor, UNC6512.
- This unauthenticated deserialization flaw affects Windows Server 2012-2025, allowing arbitrary code execution on exposed WSUS instances.
- Microsoft's initial patch was incomplete, leading to emergency updates, and telemetry shows widespread exploitation attempts, with attackers focusing on initial access and internal reconnaissance.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/27/microsoft_wsus_attacks_multiple_orgs/
AI Browsers Vulnerable to Prompt Injection
- New AI browsers like OpenAI's Atlas, Comet, and Fellou are highly susceptible to prompt injection, both direct and indirect, and cross-site request forgery.
- Attackers can manipulate web content (e.g., hidden text, malicious URLs) to inject commands, leading to data exfiltration, malicious actions (like deleting files), or poisoning the AI's memory.
- Security experts consider prompt injection an "unsolved security problem" inherent to LLMs, urging vendors to implement low privileges, human consent, vetted sources, and robust output controls.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/28/ai_browsers_prompt_injection/
CyberScoop | https://cyberscoop.com/openai-atlas-splx-research-cloaking-attacks-browser-agents/
Chatbots Parrot Russian Propaganda
- A study by the Institute for Strategic Dialogue (ISD) found popular chatbots (ChatGPT, Gemini, Grok, DeepSeek) cited Russian state-attributed sources in up to 25% of answers about the Ukraine war.
- This "LLM grooming" technique involves miscreants laundering state media talking points online to influence AI models, with biased or malicious prompts increasing the likelihood of pro-Kremlin content.
- Google's Gemini performed best by implementing safety guardrails, but the findings raise serious concerns about AI's role in disinformation and the enforceability of sanctions on state-backed media.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/28/chatbots_still_parrot_russian_state/
Human Cost of MoD Afghan Data Breach
- New research submitted to the UK Parliament reveals the devastating human toll of the Ministry of Defence's 2022 Afghan relocation scheme data breach.
- The leak directly led to threats, violent assaults, and even the deaths of family members and colleagues for 49 of the 231 affected individuals, with 87% reporting other personal risks.
- The report highlights severe mental health impacts and calls for urgent government action, including expedited relocations and redress for all affected Afghans.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/28/impact_afghan_data_breach/
Clearview AI Faces Criminal Charges in EU
- Privacy advocacy group Noyb has filed a criminal complaint against Clearview AI in Austria for repeatedly ignoring over $100 million in EU GDPR fines.
- Clearview AI's practice of scraping social media images for facial recognition without consent has been deemed illegal across Europe, but the company has largely evaded enforcement.
- The complaint leverages Article 84 of GDPR, which allows criminal proceedings against managers of organisations flouting data protection laws, aiming to set a precedent for cross-border enforcement.
The Register | https://go.theregister.com/feed/www.theregister.com/2025/10/28/noyb_criminal_charges_clearview/
US Declines UN Cybercrime Treaty
- The United States notably declined to sign the landmark UN Convention against Cybercrime, which was signed by over 70 countries including the UK, EU, China, and Russia.
- The treaty aims to create a global mechanism for coordinating against digital crime, facilitating electronic evidence sharing, and criminalising internet-dependent offenses.
- The US State Department is "reviewing" the treaty, which has faced criticism from the tech industry and human rights groups over concerns it could criminalise cybersecurity research and enable broad surveillance by authoritarian regimes.
The Record | https://therecord.media/us-declines-signing-cybercrime-treaty
NYPD Surveillance System Lawsuit
- The Surveillance Technology Oversight Project (STOP) is suing the NYPD, alleging its Domain Awareness System (DAS) is unconstitutional.
- DAS, a partnership with Microsoft since 2012, integrates citywide cameras, biometrics, digital communication monitors, and data analytics to track and profile New Yorkers.
- The lawsuit argues DAS violates constitutional rights to freedom of speech and protection from unreasonable searches, with newly obtained records showing its extensive data aggregation capabilities accessible to all NYPD officers.
The Record | https://therecord.media/nypd-domain-awareness-system-civil-rights-lawsuit
#CyberSecurity #ThreatIntelligence #Vulnerabilities #RCE #WSUS #APT #SideWinder #BlueNoroff #Malware #AndroidMalware #PromptInjection #AIDisinformation #DataPrivacy #GDPR #CybercrimeTreaty #Surveillance #InfoSec #IncidentResponse