Lorenzo Franceschi-Bicchierai
@lorenzofb.bsky.social
Real-time historian of the late cyber capitalist era @TechCrunch, writing about the intersection of hackers, human rights, and spies. 🍕, ⚽️, 🎸, 🎮 by night. ☎️ Signal: +1 917 257 1382 Past lives: VICE Motherboard, Mashable, WIRED.
Pinned
lorenzofb.bsky.social
Do you have any tips about cybersecurity, surveillance, spyware, zero-days...all things cyber?

Contact me here:

☎️ Signal: +1 917 257 1382

📷 Keybase/Telegram: lorenzofb
The hacker antagonist in Ghost in the Shell known as The Laughing Man.
lorenzofb.bsky.social
NEW: ICE purchased custom-made vans from a company called TechOps Specialty Vehicles (TOSV) that are equipped with fake cellphone towers designed to spy on phones.

TOSV president said the company integrates the cell-site simulators into their vans, but does not manufacture the surveillance tool.
ICE bought vehicles equipped with fake cell towers to spy on phones | TechCrunch
The federal contract shows ICE spent $825,000 on vans equipped with “cell-site simulators” which allow the real-world location tracking of nearby phones and their owners.
techcrunch.com
lorenzofb.bsky.social
NEW: Blockchain monitoring firm Elliptic says North Korean hackers have stolen more than $2 billion in crypto this year, an all-time record, with three more months to go.

The estimate is based on more than thirty hacks against crypto exchanges and also “high-net-worth individuals.”
North Korean hackers stole over $2 billion in crypto so far in 2025, researchers say | TechCrunch
Blockchain monitoring firm Elliptic said this year’s total is already an all-time record for the North Korean regime.
techcrunch.com
Reposted by Lorenzo Franceschi-Bicchierai
zackwhittaker.com
SCOOP: India's income tax authority has fixed a major bug that was exposing taxpayers' sensitive data to any other signed-in user, according to the researchers who found it.

TechCrunch's @journalistjagmeet.com verified the data exposure by asking the researchers to check his own records.
Exclusive: Bug in India's income tax portal exposed taxpayers’ sensitive data
TechCrunch verified that the security bug in the Indian Income Tax Department's e-Filing portal exposed taxpayers' data to other users. The security researchers who found the flaw say the data leak is...
techcrunch.com
Reposted by Lorenzo Franceschi-Bicchierai
zackwhittaker.com
Several hacked companies, including Workday, don't appear on the hackers' dark web leak site.

I asked the hackers why, such as if the companies paid them a ransom. ShinyHunters acknowledged that "there are numerous other companies that have not been listed," but declined to say why.
Hacking group claims theft of 1 billion records from Salesforce customer databases | TechCrunch
The hacking group claims to have stolen about a billion records from companies, including FedEx, Qantas, and TransUnion, who store their customer and company data in Salesforce.
techcrunch.com
lorenzofb.bsky.social
NEW: The predominantly English-speaking amorphous hacking group known as Scattered Spider/Lapsus$/etc has launched a website to publicize their victims and extort them.

This is the first time the group has such a public presence, indicating an escalation in their strategy.
Hacking group claims theft of 1 billion records from Salesforce customer databases | TechCrunch
The hacking group claims to have stolen about a billion records from companies, including FedEx, Qantas, and TransUnion, who store their customer and company data in Salesforce.
techcrunch.com
Reposted by Lorenzo Franceschi-Bicchierai
lorenzofb.bsky.social
NEW: Chinese tech giant Anker offered users of its Eufy cameras to upload videos of package and car thefts to train its AI systems in exchange for money.

At least a hundred users participated, but the company did not share the final numbers. Eufy has a similar initiative that offers other rewards.
Anker offered to pay Eufy camera owners to share videos for training its AI | TechCrunch
Hundreds of Eufy customers have donated hundreds of thousands of videos to train the company’s AI systems.
techcrunch.com
lorenzofb.bsky.social
UPDATE: Apple told us that it is "gravely disappointed" that it still cannot offer Advanced Data Protection (ADP) to users in the United Kingdom.

The company did not address the report that says the U.K. government sent it a new order to enable backdoor access to end-to-end encrypted iCloud.
UK government tries again to access encrypted Apple customer data: report | TechCrunch
The U.K. Home Office is seeking access to Apple users’ encrypted iCloud backups for a second time, after an earlier attempt failed earlier this year.
techcrunch.com
Reposted by Lorenzo Franceschi-Bicchierai
josephcox.bsky.social
New from 404 Media: ICE to buy tool that tracks locations of hundreds of millions of phones every day. Billions of pieces of location data. ICE previously stopped using data remotely harvested from smartphones. Now it's buying it again. Usually used w/o warrant
www.404media.co/ice-to-buy-t...
ICE to Buy Tool that Tracks Locations of Hundreds of Millions of Phones Every Day
Documents show that ICE has gone back on its decision to not use location data remotely harvested from peoples' phones. The database is updated every day with billions of pieces of location data.
www.404media.co
lorenzofb.bsky.social
NEW: The U.K. government is reportedly once again requesting Apple build a backdoor so government officials can access end-to-end encrypted iCloud backups in the U.K.

Last time this happened, Apple disabled iCloud's Advanced Data Protection, the opt-in feature that lets users encrypt cloud backups.
UK government tries again to access encrypted Apple customer data: report | TechCrunch
The U.K. Home Office is seeking access to Apple users’ encrypted iCloud backups for a second time, after an earlier attempt failed earlier this year.
techcrunch.com
Reposted by Lorenzo Franceschi-Bicchierai
jsrailton.bsky.social
NEW: turns out the EU helped finance a bunch of spyware companies with..public money.

Extremely bad look.

Group of MEPs calls for action.👇

apache.be/2025/10/01/e...
Reposted by Lorenzo Franceschi-Bicchierai
lorenzofb.bsky.social
NEW: A cyberattack has forced Japan's beer maker Asahi to suspend operations at its plants in the country since Monday.

For now, the company said it's experiencing a "system failure" but did not confirm "leakage of personal information or customer data to external parties."
Japan's beer-making giant Asahi stops production after cyberattack | TechCrunch
A day after one of Japan's biggest brewers, Asahi Group, announced it suspended production due to a cyberattack, the company said it has no timeline for its recovery.
techcrunch.com
lorenzofb.bsky.social
One step closer to AGI. Amazing.
techmeme.com
OpenAI rolls out Instant Checkout to let users make single-item purchases directly in ChatGPT, starting with US Etsy sellers, and plans to add Shopify merchants (Ashley Capoot/CNBC)

lorenzofb.bsky.social
For the record this is a non original copy of the sock puppet we used for the video interview
lorenzofb.bsky.social
I am not an AI expert nor do I write about it that much at all. But y’all, chatbots don’t and never will have opinions. Stop pretending they do.
kashhill.bsky.social
Not the point of this piece exactly but a great example of how chatbot validation could increase polarization

www.nytimes.com/2025/09/26/w...
lorenzofb.bsky.social
Alternative headline: app based on a terrible idea didn’t even bother taking care of the most basic of precautions to protect its users.
zackwhittaker.com
NEW: Neon, an app that pays you to record your calls so your audio can be used to train AI, and already rose to the top #5 free apps on Apple's App Store, has gone offline after a security lapse.

We found the app exposed users' phone numbers, call recordings, and text transcripts of those calls.
Exclusive: Neon takes down app after exposing users' phone numbers, call recordings, and transcripts
Call recording app Neon was one of the top-ranked iPhone apps, but was pulled offline after a security bug allowed any logged-in user to access the call recordings and transcripts of any other user.
techcrunch.com
lorenzofb.bsky.social
This is how we lose.
joelevard.com
Jody, I hate to tell you this, but your husband is not being creative
Moderator, Katherine Miller
And of course, A.I.: Is it good for society, bad, neutral, mixed?


Jody, 32, Mo., white, Republican, construction
I’m torn on that one. I see a lot of really good and positive things that can come from A.I. My husband is using it to really get into his creative side. He’s used it to write songs and to even write a book and things like that. But on the flip side, people who have that natural talent, it cheapens a little bit when somebody else can just go and do it. For the average user, it probably really is allowing them to do something new that they maybe wouldn’t have been able to do before.
lorenzofb.bsky.social
Y’all keep saying honeypot. How do you even set up a good iOS honeypot?
lorenzofb.bsky.social
Do I have anyone who follows me and works for PWC in cyber?
lorenzofb.bsky.social
Me planning my next trip to visit family in Meloni's Italy.
lorenzofb.bsky.social
Well to be fair, you can't stay away from ransomware either.