2026.03.24 News You Should Know

Series: News You Should Know 2026

Japan to allow ‘proactive cyber-defense’ from October 1st • The Register - online the nation faces “the most complicated national security environment” since World War II, and because “society as a whole is proceeding with digitalization.”

Linux Foundation wants to shield FOSS devs from AI bug slop • The Register - “OpenSSF has the active resources needed to support numerous projects that will help these overworked maintainers with the triage and processing of the increased AI-generated security reports they are currently receiving.”

Iran cyberattack against med tech firm ‘just the beginning’ • The Register - “Cyber and terrorism are the two levers that I believe Iran will pull now that their navy is decimated,” retired US Army Lt. Gen. Ross Coffman told The Register. “What we saw against Stryker - it’s just the beginning.”

World pitch: scan eyeballs to tie identity to AI agents • The Register - According to World, AgentKit allows verified World ID holders (i.e., those who’ve had their irises scanned by an orb) to delegate their World IDs to AI agents, essentially serving as cryptographic proof of the individual behind the agent. A single human is allowed to delegate their World ID to as many agents as they want.

North Korea’s 100k fake IT workers net $500M a year for Kim • The Register - It cites information from the US Government that these IT workers can earn more than $300,000 a year, and upwards of 100,000 North Koreans are spread across 40 countries generating approximately $500 million a year for Pyongyang.

Google creates installation path for unverified Android apps • The Register - “There is a one-time, one-day wait and then you can confirm that this is really you who’s making this change with our biometric authentication (fingerprint or face unlock) or device PIN,” said Forsythe. “Scammers rely on manufactured urgency, so this breaks their spell and gives you time to think.”

Microsoft: Removing some Copilots will improve Windows 11 • The Register - “You will see us be more intentional about how and where Copilot integrates across Windows, focusing on experiences that are genuinely useful and well crafted,” Davuluri wrote. “As part of this, we are reducing unnecessary Copilot entry points, starting with apps like Snipping Tool, Photos, Widgets and Notepad.”

UK cops suspend live facial recog as study finds racial bias • The Register - A UK police force has suspended its deployment of live facial recognition (LFR) technology after a study revealed it was statistically more likely to identify Black people on a watchlist database.

Author’s Note: It’s not just Black people, it’s older white women, and others. Basically any demographic that the tech wasn’t including in the original training pool. See: Tennessee grandmother jailed after AI facial recognition error links her to fraud | Tennessee | The Guardian

Chip tester shrugged off ransomware – then came the leak • The Register - “On March 18, the incident escalated and resulted in the unauthorized disclosure of certain Company data,” the company said in an 8-K filing with the SEC. “Following this development, management concluded that the incident may constitute a material cybersecurity event.”

US bans any new consumer-grade routers not made in America • The Register - The Federal Communications Commission (FCC) has updated its Covered List to include all foreign-made consumer routers, prohibiting the approval of any new models. For clarification, the FCC says this change does not prevent the import, sale, or use of any existing models that the agency previously authorized.

Cyberattack on vehicle breathalyzer company leaves drivers stranded across the US | TechCrunch - These breathalyzer devices need to be calibrated every few months or so, but the cyberattack has left Intoxalock unable to perform these calibrations. The company said customers whose devices require calibration may experience delays starting their vehicles.

Someone has publicly leaked an exploit kit that can hack millions of iPhones | TechCrunch - Researchers are warning that this will allow any hacker to easily use the tools to target iPhone users running older versions of Apple’s operating systems who have not yet updated to its latest iOS 26 software. This likely affects hundreds of millions of actively used iPhones and iPads, according to Apple’s own data on out-of-date devices. Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks

Self-propagating malware poisons open source software and wipes Iran-based machines - Ars Technica - Initially, an attacker had to manually spread the worm across every package a compromised npm token had access to. Later versions pushed over the weekend removed this requirement, giving it ever more reach.

Supply-chain attack using invisible code hits GitHub and other repositories - Ars Technica - The invisible code is rendered with Private Use Areas (sometimes called Private Use Access), which are ranges in the Unicode specification for special characters reserved for private use in defining emojis, flags, and other symbols. The code points represent every letter of the US alphabet when fed to computers, but their output is completely invisible to humans. People reviewing code or using static analysis tools see only whitespace or blank lines. To a JavaScript interpreter, the code points translate into executable code.

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages - “If the URL contains youtube[.]com, the script skips it,” Eriksen explained. “This is the canister’s dormant state. The attacker arms the implant by pointing the canister at a real binary, and disarms it by switching back to a YouTube link. If the attacker updates the canister to point to a new URL, every infected machine picks up the new binary on its next poll. The old binary keeps running in the background since the script never kills previous processes.”

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware - The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients into opening malicious attachments, scanning QR codes, or interacting with suspicious links.

I’m an experienced home cook, security engineer, people leader, and dedicated father and husband. I can be found on Mastodon at @IAintShootinMis@DigitalDarkAge.cc and on Signal at DigitalDarkAge.98. An RSS Feed of this blog is available here and a copy of my current OPML file is here.