Lightnews — Scholar-powered news

Reposted by Zack Whittaker

Marisa Kabas @marisakabas.bsky.social · 2h

EXCLUSIVE — DHS Acting General Counsel sent out a memo Wednesday to all Federal Protective Service staff (the sub-agency that guards federal buildings) letting officers know they could take any action necessary "in the vicinity" federal property to protect themselves.

The Handbasket reports:

DHS top lawyer says 'no legal barrier' to actions officers can take to defend federal property

In a memo obtained exclusively by The Handbasket, Federal Protective Service (FPS) officers were given free rein.

www.thehandbasket.co

44 480 900

Reposted by Zack Whittaker

Kevin Collier @kevincollier.bsky.social · 8h

New: We jailbroke four versions of ChatGPT to get instructions on how to create viruses and chemical weapons.

The instructions were all flawed, and the it didn't work on GPT-5. But 4 of the 5 big AI companies have internally found their top models are close to being able to tutor bioterrorists.

ChatGPT safety systems can be bypassed to get weapons instructions

NBC News found that OpenAI’s models repeatedly provided answers on making chemical and biological weapons.

www.nbcnews.com

6 57 99

Reposted by Zack Whittaker

TechCrunch @techcrunch.com · 3h

Staffers at U.S. cybersecurity agency CISA have been reassigned to ICE and CBP as part of the Trump administration’s crackdown on immigration.

Homeland Security reassigns 'hundreds' of CISA cyber staffers to support Trump's deportation crackdown | TechCrunch

Staffers at U.S. cybersecurity agency CISA have been reassigned to ICE and CBP as part of the Trump administration’s crackdown on immigration.

techcrunch.com

6 14 18

Reposted by Zack Whittaker

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 3h

SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.

Spyware maker NSO Group confirms acquisition by US investors | TechCrunch

NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.

techcrunch.com

2 45 52

Reposted by Zack Whittaker

Carly Page @carlypage.bsky.social · 8h

Cops have seized the latest incarnation of Breach Forums, which had become the public-facing leak shop for Scattered Lapsus$ Hunters' latest extortion campaign.

The group claims the takedown has "no impact" on its planned leak of ~1 billion Salesforce records www.theregister.com/2025/10/10/c...

Cops seize Scattered Lapsus$ Hunters' BreachForums domain

: US and French fuzz pull the plug on Scattered Lapsus$ Hunters' latest leak shop targeting Salesforce

www.theregister.com

3 4

Reposted by Zack Whittaker

Joseph Cox @josephcox.bsky.social · 20h

They're animating the law enforcement seizure notices now. This was just uploaded to the Scattered LAPSUS$ Hunters site that was threatening to dump Salesforce customer data. The dark web version remains online.

11 12 88

Reposted by Zack Whittaker

Andrew Couts @couts.bsky.social · 1d

NEW: The developers whose ICE-related apps were removed from the Apple App Store say they're preparing to fight back. @thiccreese.bsky.social and @lhn.bsky.social report: www.wired.com/story/apple-...

Apple Took Down ICE-Tracking Apps. Their Developers Aren't Giving Up

“We are going to do everything in our power to fight this,” says ICEBlock developer Joshua Aaron after Apple removed his app from the App Store.

www.wired.com

7 59 200

Reposted by Zack Whittaker

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 1d

NEW: A prominent Italian businessman was reportedly targeted with Paragon spyware, widening the surveillance scandal in Italy, according to local news reports.

techcrunch.com/2025/10/09/i...

Italian businessman's phone reportedly targeted with Paragon spyware | TechCrunch

The alleged targeting of prominent Italian businessman Francesco Gaetano Caltagirone now widens the Paragon spyware scandal in Italy to victims beyond journalists and activists.

techcrunch.com

1 6 7

Reposted by Zack Whittaker

404 Media @404media.co · 1d

BREAKING: A catastrophic breach has impacted Discord user data including selfies and identity documents uploaded as part of the app’s verification process, email addresses, phone numbers, approximately where the user lives, and much more.

🔗 www.404media.co/the-discord-...

The Discord Hack is Every Users’ Worst Nightmare

A hack impacting Discord’s age verification process shows in stark terms the risk of tech companies collecting users’ ID documents. Now the hackers are posting peoples’ IDs and other sensitive informa...

www.404media.co

83 1.6K 2.4K

Reposted by Zack Whittaker

Troy Hunt @troyhunt.com · 1d

As the clock counts down to the deadline the Qantas hackers have threatened to publish their data on, how much will the court injunction actually help the breach victims (which includes me)? www.troyhunt.com/court-injunc...

Court Injunctions are the Thoughts and Prayers of Data Breach Response

You see it all the time after a tragedy occurs somewhere, and people flock to offer their sympathies via the "thoughts and prayers" line. Sympathy is great, and we should all express that sentiment…

www.troyhunt.com

2 9 23

Zack Whittaker @zackwhittaker.com · 2d

cat-in-the-middle attack

3

Reposted by Zack Whittaker

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 2d

Here's an updated list of all the technology ICE has in its arsenal to mass deport people.

We've added new sections on cell-site simulators and cellphone location data.

techcrunch.com/2025/10/08/h...

Here's the tech powering ICE's deportation crackdown | TechCrunch

From phone spyware and facial recognition to phone unlocking technology and databases and more, this tech powers Trump's deportation machine.

techcrunch.com

1 22 28

Zack Whittaker @zackwhittaker.com · 2d

Exactly. Advanced persistent teenagers are one of the loudest and most disruptive threats today.

Cynthia Brumfield @metacurity.com · 2d

Forget about nation-states for a moment: The top four items in today's Metacurity all deal with serious cybersecurity threats emanating from teen hackers.

Don't miss today's issue for the complete run-down of infosec developments you should know, including 1/5
www.metacurity.com/shinyhunters...

ShinyHunters threatens to release data stolen from dozens of Fortune 500 firms

Salesforce refuses to pay ShinyHunters ransom, Qantas braces for the release of its data, Two teens busted for Kido nurseries cyberattack, Qilin claims attack on Asahi, Chinese hackers infiltrated Wil...

www.metacurity.com

10

Reposted by Zack Whittaker

Frederic Lardinois @fredericl.bsky.social · 2d

Got a tip last night that GitHub is moving all of its infra over to Azure. Ideally within the next year. It's such a priority for the company, with its own data center resource-constrained, that it will delay feature development to get that done ASAP. thenewstack.io/github-will-...

GitHub Will Prioritize Migrating to Azure Over Feature Development

GitHub is working on migrating all of its infrastructure to Azure, even though this means it'll have to delay some feature development.

thenewstack.io

1 4 10

Reposted by Zack Whittaker

Ed Zitron @edzitron.com · 2d

Kind of pissed off now because I’ve now seen at least four different pieces that are just this but reworded lol but oh well if you want to know stuff early sign up for my premium

Ed Zitron @edzitron.com · 14d

Premium newsletter: Based on my estimates and analysis, OpenAI needs one trillion dollars in the next four years to build 17GW of data centers and other commitments, with at least $500 billion needed for company operations. There is not enough capital to do this.

www.wheresyoured.at/openai-onetr...

OpenAI Needs A Trillion Dollars In The Next Four Years

Shortly before publishing this newsletter, I spoke with analyst Gil Luria, Managing Director and Analyst at D.A. Davidson, and asked him whether the capital was there to build the 17 Gigawatts of capa...

www.wheresyoured.at

9 45 450

Reposted by Zack Whittaker

Cynthia Brumfield @metacurity.com · 2d

www.bloomberg.com/news/article...

Salesforce Tells Clients It Won’t Pay Hackers for Data Extortion

Salesforce Inc. told customers Tuesday that it won’t pay a ransom demand from a hacker who claimed to have stolen a large amount of client data and threatened to publish it, according to an email seen...

www.bloomberg.com

1 2

Zack Whittaker @zackwhittaker.com · 3d

Scoop, by @lorenzofb.bsky.social: A federal contract shows ICE spent $825,000 on vans equipped with fake cellphone towers known as cell-site simulators, which can be used to spy on nearby phones.

ICE bought vehicles equipped with fake cell towers to spy on phones | TechCrunch

The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.

techcrunch.com

14 210 290

Reposted by Zack Whittaker

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 3d

NEW: ICE purchased custom-made vans from a company called TechOps Specialty Vehicles (TOSV) that are equipped with fake cellphone towers designed to spy on phones.

TOSV president said the company integrates the cell-site simulators into their vans, but does not manufacture the surveillance tool.

ICE bought vehicles equipped with fake cell towers to spy on phones | TechCrunch

The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.

techcrunch.com

4 120 160

Reposted by Zack Whittaker

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 3d

NEW: Blockchain monitoring firm Elliptic says North Korean hackers have stolen more than $2 billion in crypto this year, an all-time record, with three more months to go.

The estimate is based on more than thirty hacks against crypto exchanges and also “high-net-worth individuals.”

North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say | TechCrunch

Blockchain monitoring firm Elliptic said this year’s total is already an all-time record for the North Korean regime.

techcrunch.com

2 10 12

Reposted by Zack Whittaker

Zack Whittaker @zackwhittaker.com · 3d

The bug (known as an IDOR) was really easy to exploit, thanks to a lack of security checks. Anyone logged in to India's income tax dept's e-Filing system could've accessed the sensitive financial and personal information of anyone else.

The e-Filing system has over 135 million registered users. 🫠

Exclusive: Bug in India's income tax portal exposed taxpayers’ sensitive data

TechCrunch verified that the security bug in the Indian Income Tax Department's e-Filing portal exposed taxpayers' data to other users. The security researchers who found the flaw say the data leak is...

techcrunch.com

1 4

Zack Whittaker @zackwhittaker.com · 3d

The bug (known as an IDOR) was really easy to exploit, thanks to a lack of security checks. Anyone logged in to India's income tax dept's e-Filing system could've accessed the sensitive financial and personal information of anyone else.

The e-Filing system has over 135 million registered users. 🫠

Exclusive: Bug in India's income tax portal exposed taxpayers’ sensitive data

TechCrunch verified that the security bug in the Indian Income Tax Department's e-Filing portal exposed taxpayers' data to other users. The security researchers who found the flaw say the data leak is...

techcrunch.com

1 4

Zack Whittaker @zackwhittaker.com · 3d

SCOOP: India's income tax authority has fixed a major bug that was exposing taxpayers' sensitive data to any other signed-in user, according to the researchers who found it.

TechCrunch's @journalistjagmeet.com verified the data exposure by asking the researchers to check his own records.

Exclusive: Bug in India's income tax portal exposed taxpayers’ sensitive data

TechCrunch verified that the security bug in the Indian Income Tax Department's e-Filing portal exposed taxpayers' data to other users. The security researchers who found the flaw say the data leak is...

techcrunch.com

1 11 24

Zack Whittaker @zackwhittaker.com · 3d

Oracle is the same company tapped to store data on U.S. TikTok users, so... not a great look to have spilled a ton of executives' personal data.

Clop raid on Oracle EBS started months ago, say researchers

: Strap in, admins. Exploits began in August and now the code is out there

www.theregister.com

2 8 24

Reposted by Zack Whittaker

Jason Koebler @jasonkoebler.bsky.social · 3d

NEW: In May, a Texas police department said they used the powerful Flock surveillance network against a woman who had an abortion "for her safety"

Newly obtained court records show it was a 'death investigation,' and they considered charging her with a crime

www.404media.co/police-said-...

Police Said They Surveilled Woman Who Had an Abortion for Her 'Safety.' Court Records Show They Considered Charging Her With a Crime

Court records show that the narrative Flock and a Texas Sheriff's Office has told the public isn't the whole story, and that police were conducting a 'death investigation' into the abortion.

www.404media.co

30 750 1.4K

Reposted by Zack Whittaker

Cynthia Brumfield @metacurity.com · 3d

Things are moving fast in cyber world, so don't miss today's Metacurity for the most critical developments you should know, including

--ShinyHunters is extorting Red Hat, LAPSUS$ teen in UK custody may be connected, 1/4
www.metacurity.com/shinyhunters...

ShinyHunters is extorting Red Hat, LAPSUS$ teen in UK custody may be connected

Jaguar Land Rover to resume production at some sites, Apple faces French probe over Siri recordings, SEC probes AppLovin's data collection practices, Google's CodeMender is a security Swiss army knife...

www.metacurity.com

1 1 4