Vos photos ≠ le carburant d’une IA 🧠❌

IMMICH, c’est Google Photos…
👉 en open-source
👉 chez vous
👉 sans abonnement
👉 sans tracking

Reconnaissance faciale & recherche IA 100% locale 🔒
▶️ https://youtu.be/yUpjxrVNBAI?si=J9sCY4FC8F8vHxAh

@immichapp @truenas @docker

Hashtags X (15)

#Immich #GooglePhotos #SelfHosting #OpenSource #Privacy
#HomeServer #Linux #NAS #Tech #IA
#DataPrivacy #Cloud #AutoHebergement #Docker #TrueNAS

Merry Christmas!
May you have a peaceful and joyful few days 🎄 ⛄ 🎁

If you need a last minute present that does not break the bank, consider our unhackable, untrackable, fully encrypted period tracker:
https://github.com/KeepDataPrivate/MyPeriodDataIsMine

#MyPeriodDataIsMine #UnhackablePeriodTracker #DataPrivacy

It's been a busy 24 hours in the cyber world with significant updates on AI-driven scams, a major phishing platform takedown, chatbot vulnerabilities, and big tech's strategic moves. Let's dive in:

AI-Driven Scams and Phishing Takedowns 🎣
- The SEC has charged multiple entities in a $14 million cryptocurrency scam where fraudsters used social media, fake financial professionals, and AI-generated investment tips to lure victims into fake trading platforms and steal their funds.
- The Nomani investment scam has surged by 62%, now leveraging highly realistic AI deepfake videos of public figures and bogus news articles across social media platforms like YouTube to promote non-existent investment products.
- US law enforcement successfully shut down web3adspanels.org, a platform facilitating SEO poisoning campaigns that stole bank account credentials, leading to $14.6 million in losses and highlighting the continued effectiveness of social engineering to bypass MFA.

📰 The Hacker News | https://thehackernews.com/2025/12/sec-files-charges-over-14-million-crypto-scam-using-fake-ai-themed-investment-tips.html
📰 The Hacker News | https://thehackernews.com/2025/12/nomani-investment-scam-surges-62-using-ai-deepfake-ads-on-social-media.html
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/us_shutters_phishermens_146m_passwordhording/

Chatbot Vulnerabilities & Disclosure Woes 🤖
- Researchers at Pen Test Partners uncovered four critical flaws in Eurostar's public AI chatbot, including prompt injection and HTML injection, which could lead to system prompt leakage and potential stored/shared XSS.
- The vulnerabilities stemmed from the chatbot's API design, which only performed guardrail checks on the latest message, allowing attackers to tamper with earlier messages in the chat history.
- The responsible disclosure process was fraught with issues, including Eurostar outsourcing its VDP and its head of security allegedly accusing the pen testers of "blackmail" for following up on their report.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/pentesters_reported_eurostar_chatbot_flaws/

Apple Fined Over ATT Rules ⚖️
- Italy's antitrust authority has fined Apple €98.6 million, asserting that its App Tracking Transparency (ATT) framework unfairly restricts competition in the App Store.
- The AGCM found that ATT imposes "disproportionate" and excessively burdensome double-consent requirements on third-party developers for personalised ads, while Apple's own apps can gain consent in a single tap.
- This ruling highlights ongoing regulatory scrutiny of Apple's privacy policies and their impact on market competition, with similar probes in other European countries.

📰 The Hacker News | https://thehackernews.com/2025/12/24/italy-fines-apple-986-million-over-att-rules-limiting-app-store-competition.html

Strategic Tech Shifts & Acquisitions 🚀
- ServiceNow is set to acquire cybersecurity firm Armis for $7.75 billion, aiming to integrate Armis' real-time security intelligence with its CMDB to enhance cyber exposure management and vulnerability response with AI.
- This acquisition is part of ServiceNow's broader strategy to expand its security and data management capabilities, following other recent buys like identity security platform Veza and data governance platform Data.World.
- Microsoft has announced an ambitious goal to eliminate all C and C++ code from its codebase by 2030, migrating to memory-safe Rust to significantly improve software security and reduce common vulnerabilities.

🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/23/servicenow_to_buy_armis_in/
🗞️ The Record | https://therecord.media/servicenow-cyber-armis-acquisition
🕵🏼 The Register | https://go.theregister.com/feed/www.theregister.com/2025/12/24/microsoft_rust_codebase_migration/

#CyberSecurity #ThreatIntelligence #AIScams #Phishing #Deepfake #Vulnerability #PromptInjection #ResponsibleDisclosure #DataPrivacy #RegulatoryCompliance #Acquisition #ServiceNow #Armis #Microsoft #RustLang #InfoSec

Large language models are ever more commonly handling sensitive data at scale. 📈

RAG Servers and MCP Servers serve completely different purposes. The security implications differ just as much, especially around database access. 🔒

Our latest blog delves into the differences so you can make an informed decision. Check it out 👉 https://www.pgedge.com/blog/rag-servers-vs-mcp-servers-choosing-the-right-approach-for-ai-powered-database-access

#programming #cybersecurity #compliance #pii #hipaa #ccpa #gdpr #privacy #dataprivacy #ai #llm #dataengineering #developers #mcp #rag #postgres

My charity pick for the last 3 years, along with Freedom of the Press and Signal. #nonprofit #charities #dataprivacy

@eff https://mastodon.social/@eff/115774213481914513

What are the best European countries to host a website? What are the advantages of using a secure website host? From environment-friendly data centers to privacy laws, here's why you should consider moving your data to Europe.

#EU #DataCenters #websiteHosting #dataPrivacy #websites

https://negativepid.blog/web-hosting-and-data-residency-in-europe/
https://negativepid.blog/web-hosting-and-data-residency-in-europe/

Here's a case that prompted a massive advance in cybersecurity measures in the United States. The Target data breach prompted the use of pin-and-chip cards and the adoption of SIEM. Here's how this incident sparked such a massive change in payment data protection.

#targetDataBreach #cards #creditCards #SIEM #paymentData #dataPrivacy #dataProtection

https://negativepid.blog/the-target-data-breach/
https://negativepid.blog/the-target-data-breach/