Amid horrific threats from United States president Donald Trump because the US and Iran negotiated a ceasefire, the US authorities warned this week that Iran-linked hackers had been finishing up assaults towards US vitality and water infrastructure targets. With almost one in 5 individuals in Lebanon displaced by Israeli assaults, the federal government is making an attempt to handle the disaster with out fashionable digital infrastructure and an emergency system that’s barely hanging on. Plus, a WIRED evaluation checked out Syrian authorities account hijacks in March and the inadequacies they expose in Syria’s baseline cybersecurity defenses.
Amid rising fears of political violence, a WIRED investigation discovered that US political candidates are spending extra on safety, together with buying tools like residence alarms and bulletproof vests. And up to date analysis Telegram teams discovered that males are sharing 1000’s of nonconsensual photographs of ladies and women, buying spy ware to make use of towards their wives and mates, and fascinating in doxing and sexual abuse. In the meantime, as governments scramble to deal with rising industrial scamming originating from Southeast Asia, China has emerged as the largest enforcer, but in addition a selective one, leading to crime syndicates shifting their focus overseas to keep away from Chinese language targets.
Anthropic formally introduced its new Claude Mythos Preview mannequin this week and mentioned that for now it’ll solely make the mannequin obtainable to a choose group of some dozen main tech and monetary organizations, together with Apple, Microsoft, Google, and the Linux Basis. The consortium, dubbed Undertaking Glasswing, will discover Mythos Preview’s superior hacking and different cybersecurity capabilities and assess the perfect methods to enhance software program and {hardware} defenses earlier than capabilities like those in Mythos Preview proliferate extra broadly throughout different fashions and inevitably find yourself within the arms of attackers. The bulletins sparked controversy about whether or not Mythos Preview and related capabilities will really be as consequential for cybersecurity as Anthropic says. Consultants advised WIRED that whereas it will not be a dramatic disaster, it will be important for defenders to come back collectively and use their early entry to make adjustments in how software program is developed and the way organizations all over the world put money into patching.
Lastly, a WIRED investigation discovered that nonprofit teams linked to Customs and Border Safety amenities had been promoting problem cash that celebrated the Trump administration’s immigration raids, together with one coin that depicted Charlotte’s Internet characters in riot gear.
And there’s extra. Every week, we spherical up the safety and privateness information we didn’t cowl in depth ourselves. Click on the headlines to learn the total tales. And keep secure on the market.
The FBI not too long ago bought its arms on copies of encrypted Sign messages being despatched to a defendant’s iPhone as a result of the contents of these messages had been included in push notifications, 404 Media stories. Regardless that Sign had been faraway from the cellphone previous to it being seized by the FBI, the notifications nonetheless lived on within the cellphone’s inside reminiscence.
The difficulty impacts all apps that ship push notifications, not simply Sign, however customers of that app can alter their settings to not present the content material of a message or the identify of the sender in push notifications. To regulate your settings for notifications going ahead, open Sign and go to Settings, then Notifications, and alter the choice to Identify Solely or No Identify or Content material.
Regardless of the tenuous and contested ceasefire enacted within the US-Israel struggle with Iran, tens of tens of millions of bizarre Iranians are nonetheless with out common and dependable web connectivity. The regime-imposed web blackout, which began throughout the first hours of the struggle on February 28, is now reaching the 1,000 hour level, in keeping with web monitoring group NetBlocks. In current weeks, the web shutdown has develop into the longest in Iranian historical past and one of many longest worldwide—depriving Iranians of correct information in regards to the struggle, stopping them contacting household and family members, and inflicting additional financial hurt to the nation. US-based Iranian digital rights venture Filter Watch has detailed how the Iranian regime, whereas being bombarded throughout the battle, has labeled anti-censorship instruments as “malicious” and claimed to have arrested people utilizing Starlink web connections to get across the block.
The FBI’s annual web crime report sometimes paints a bleak image: year-on-year, the variety of cybercrime stories will increase and the amount of cash misplaced by People shoots up. Sadly, 2025 was no totally different. Final 12 months, in keeping with the FBI’s annual report, losses reported to the Web Crime Grievance Heart topped $20 billion—a rise of 26 % in comparison with 2024. Greater than half of those reported losses ($11.3 billion) had been linked to cryptocurrency scams, typically via fraudulent funding schemes, in keeping with the FBI. Enterprise e mail compromise, tech and buyer assist scams, private information breaches, and confidence or romance scams, make up the opposite commonest crime stories. Crimes mentioning AI led to $893 million in losses.
Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, permitting enterprise customers to compose and skim E2EE messages natively on cell for the primary time with out separate apps or mail portals required. Encrypted emails seem as commonplace threads within the Gmail app for recipients utilizing Gmail, whereas these on different suppliers can entry them through a safe browser view. This rollout builds on the client-side encryption mannequin launched to Google Workspace net customers in April 2025, the place messages are encrypted with customer-controlled keys, stopping Google from accessing their contents. The method is especially interesting for organizations with strict compliance necessities, together with HIPAA, export controls, and information sovereignty rules.
Entry, nevertheless, stays restricted: The characteristic is out there solely to Google Workspace Enterprise Plus clients with the Assured Controls or Assured Controls Plus add-on, and isn’t supported for private Gmail accounts. Directors should additionally explicitly allow the Android and iOS purchasers within the admin interface earlier than eligible customers can entry the characteristic, which is off by default. Finish customers then toggle encryption per-message by tapping the lock icon and choosing “Extra encryption,” mirroring the net workflow. The rollout is out there instantly to each Fast Launch and Scheduled Launch domains.
