7+ hour, 55+ min ago  (309+ words) OpenAI has revealed that a Chinese law enforcement-linked account used ChatGPT to plan smear campaigns against CCP critics and Japan's Prime Minister Takaichi. Separately, activist Hui Bo had her X account mass-reported until it was restricted as of November 29, 2025, after…...

8+ hour, 9+ min ago  (1013+ words) A hacker has weaponized Anthropic's Claude AI to breach Mexico's tax and voter databases, stealing 150GB of sensitive data in a month-long espionage campaign. In December 2025, an unidentified actor used Anthropic's AI to autonomously breach multiple Mexican government systems over one…...

3+ day, 7+ hour ago  (976+ words) Researchers have exposed OpenAI's covert Persona watchlist, active since 2023, screening users for government agencies via 53 MB of leaked source code. Using only a browser, security researchers pulled 53 MB of unprotected TypeScript source code from a FedRAMP-certified production server. What they…...

3+ day, 8+ hour ago  (595+ words) EFF and F-Droid have led 37 organizations in demanding Google rescind its mandatory Android developer registration policy set to take effect in September 2026. Starting in September 2026, any developer distributing apps outside Google's Play Store who has not registered their identity with…...

3+ day, 8+ hour ago  (449+ words) Microsoft has patched a Copilot bug that exposed confidential Outlook emails and expanded DLP controls to cover all storage locations via Microsoft Purview. The new architecture shifts label provision to the client endpoint, so the DLP policy evaluates sensitivity at…...

5+ day, 6+ hour ago  (278+ words) Moreover, enforcement reached beyond OpenClaw. Forum reports documented bans tied to multiple tools: OpenCode, the antigravity-cockpit browser extension, and pi harness, all routing Antigravity OAuth tokens through non-Google products. Suspension also revoked Gemini CLI access and Cloud Code Private API…...

5+ day, 8+ hour ago  (511+ words) Microsoft has announced Extended Security Update programs for Windows 10 LTSB 2016 and Windows Server 2016, with ESU pricing from $61 per device per year. After those dates, affected systems will no longer receive monthly quality updates, security updates, or technical support from Microsoft....

5+ day, 8+ hour ago  (744+ words) Anthropic has launched Claude Code Security, an AI vulnerability scanner that found 500+ undetected bugs, plus desktop automation and GitHub PR auto-merge. Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches…...

1+ week, 1+ day ago  (779+ words) Russia-linked hackers have hijacked Microsoft Entra accounts by abusing OAuth 2.0 device code flow to bypass MFA, with Storm-2372 leading active campaigns. This technique exploits the OAuth 2.0 device authorization flow, designed for devices like smart TVs and gaming consoles, to bypass…...

1+ week, 1+ day ago  (575+ words) Fake CAPTCHA pages have tricked Windows users into running commands that install StealC malware, exposing browser, Outlook, Steam, and crypto credentials. Security checks that users trust are being repurposed as malware traps. According to security researchers at LevelBlue fake CAPTCHA…...