I toot about IT security and iOS jailbreaking.
Red Team.
XSwissHttp
No more Copilot everywhere:
"As part of this, we are reducing unnecessary Copilot entry points, starting with apps like Snipping Tool, Photos, Widgets and Notepad."
If you thought the speed of writing code was your problem - you have bigger problems | Debugging Leadership

AI coding tools are optimising the wrong thing and nobody wants to hear it. Writing code was already fast. The bottleneck is everything else: unclear requirements, review queues, terrified deploy cultures, and an org chart that needs six meetings to decide what colour the button should be.


NEW: Security researchers have found another sophisticated hacking campaign against iPhone users.

This one is also by a Russian government group against Ukrainians, and involves both stealing personal data and potentially crypto.

And it raises the question: are iPhone hacks more common than we think?

https://techcrunch.com/2026/03/18/russians-caught-stealing-personal-data-from-ukrainians-with-new-advanced-iphone-hacking-tools/

Russians caught stealing personal data from Ukrainians with new advanced iPhone hacking tools | TechCrunch

A suspected group of Russian government hackers was caught targeting Ukrainians with new iPhone hacking tools designed for espionage and potentially to steal crypto.

It's come to this: The Ig Nobel Awards, presented at Harvard or MIT since the 1990s, is moving to Zurich because the US is not safe for foreign visitors
https://www.swissinfo.ch/eng/research-frontiers/ig-nobels-to-move-awards-to-switzerland-due-to-concern-over-us-travel-visas/91073250
Ig Nobels to move awards to Switzerland due to concern over US travel visas

The annual ceremony of the Ig Nobels, a satirical award for scientific achievement, is normally held in the United States. This September it will take place in Zurich after organisers deemed the US “unsafe.”


Interesting: The Rejection of Artificially Generated Slop (RAGS)
[ERROR 406i: AI_SLOP_DETECTED]

"This document specifies the standard protocol for handling and discarding low-effort, machine-generated contributions submitted to source code repositories, issue trackers, vulnerability reporting portals, and community forums, be they public open-source projects or internal corporate monoliths."

https://406.fail/

RFC 406i - The Rejection of Artificially Generated Slop (RAGS)

NEW: The FBI said it is investigating a hack on its networks.

The breach affected the FBI's systems to manage wiretaps and surveillance requests, according to CNN.

https://techcrunch.com/2026/03/05/fbi-investigating-hack-on-its-wiretap-and-surveillance-systems-report/

FBI investigating hack on its wiretap and surveillance systems: Report | TechCrunch

Hackers allegedly broke into the FBI’s networks, according to a report by CNN.


This Google research on the Coruna iOS exploits is very interesting. And perhaps the most interesting things are all the open questions that are not answered here.

https://cloud.google.com/blog/topics/threat-intelligence/coruna-powerful-ios-exploit-kit

Coruna: The Mysterious Journey of a Powerful iOS Exploit Kit | Google Cloud Blog

Coruna is a powerful iOS exploit kit leveraging 23 vulnerabilities across multiple threat actors and global campaigns.

I played a bit with Claude to deobfuscate the JavaScript code from the Coruna exploit chain; I was able to recover the implant and some ARM64 shellcode.

You're paying AI companies a monthly subscription fee to be fingerprinted like a parolee.

I got bored and ran uBlock across Claude, ChatGPT, and Gemini simultaneously.

Claude:

  • Six parallel telemetry pipelines.
  • A tracking GIF with 40 browser fingerprint data points baked into the URL, routed through a CDN proxy alias specifically to make it harder to block.
  • Intercom running a persistent WebSocket whether you use it or not.
  • Honeycomb distributed tracing on a chat UI because apparently your conversation needs the same observability stack as a payments microservice.

ChatGPT:

  • Proxies telemetry through their own backend to hide the Datadog destination URL from blockers.
  • uBlock had to deploy scriptlet injection — actual JS injected into the page to intercept fetch() at the API level — because a network rule wasn't enough.
  • Also ships your usage data to Google Analytics. OpenAI. To Google. You cannot make this up.
  • Also runs a proof-of-work challenge before you're allowed to type anything.

Gemini:

  • play.google.com/log getting hammered with your full session behavior, authenticated with three SAPISIDHASH token variants, piped directly into the Google identity supergraph that correlates everything you've ever done across every Google product since 2004.
  • Also creates a Web App Activity record in your Google account timeline. Also has "ads" in one of the telemetry endpoint subdomains.

When uBlock blocks Gemini's requests, the JS exceptions bubble up and Gemini dutifully tries to POST the error details back to Google. uBlock blocks that too. The error messages contain the internal codenames for every upsell popup that failed to load.

KETCHUP_DISCOVERY_CARD.
MUSTARD_DISCOVERY_CARD.
MAYO_DISCOVERY_CARD.

Google named their subscription upsell popups after condiments and I found out because their error handler snitched on them.

All three of these products cost money.
One of them is also running ad infrastructure.

Touch grass. Install @ublockorigin

#infosec #privacy #selfhosted #foss #surveillance

universities in the 1980s: writing the majority of internet standard RFCs and their implementations

universities now: moving away from Microsoft cloud is really hard okay? 🥺