AI

Common Crawl Criticized for 'Quietly Funneling Paywalled Articles to AI Developers' (msn.com) 42

For more than a decade, the nonprofit Common Crawl "has been scraping billions of webpages to build a massive archive of the internet," notes the Atlantic, making it freely available for research. "In recent years, however, this archive has been put to a controversial purpose: AI companies including OpenAI, Google, Anthropic, Nvidia, Meta, and Amazon have used it to train large language models.

"In the process, my reporting has found, Common Crawl has opened a back door for AI companies to train their models with paywalled articles from major news websites. And the foundation appears to be lying to publishers about this — as well as masking the actual contents of its archives..." Common Crawl's website states that it scrapes the internet for "freely available content" without "going behind any 'paywalls.'" Yet the organization has taken articles from major news websites that people normally have to pay for — allowing AI companies to train their LLMs on high-quality journalism for free. Meanwhile, Common Crawl's executive director, Rich Skrenta, has publicly made the case that AI models should be able to access anything on the internet. "The robots are people too," he told me, and should therefore be allowed to "read the books" for free. Multiple news publishers have requested that Common Crawl remove their articles to prevent exactly this use. Common Crawl says it complies with these requests. But my research shows that it does not.

I've discovered that pages downloaded by Common Crawl have appeared in the training data of thousands of AI models. As Stefan Baack, a researcher formerly at Mozilla, has written, "Generative AI in its current form would probably not be possible without Common Crawl." In 2020, OpenAI used Common Crawl's archives to train GPT-3. OpenAI claimed that the program could generate "news articles which human evaluators have difficulty distinguishing from articles written by humans," and in 2022, an iteration on that model, GPT-3.5, became the basis for ChatGPT, kicking off the ongoing generative-AI boom. Many different AI companies are now using publishers' articles to train models that summarize and paraphrase the news, and are deploying those models in ways that steal readers from writers and publishers.

Common Crawl maintains that it is doing nothing wrong. I spoke with Skrenta twice while reporting this story. During the second conversation, I asked him about the foundation archiving news articles even after publishers have asked it to stop. Skrenta told me that these publishers are making a mistake by excluding themselves from "Search 2.0" — referring to the generative-AI products now widely being used to find information online — and said that, anyway, it is the publishers that made their work available in the first place. "You shouldn't have put your content on the internet if you didn't want it to be on the internet," he said. Common Crawl doesn't log in to the websites it scrapes, but its scraper is immune to some of the paywall mechanisms used by news publishers. For example, on many news websites, you can briefly see the full text of any article before your web browser executes the paywall code that checks whether you're a subscriber and hides the content if you're not. Common Crawl's scraper never executes that code, so it gets the full articles.

Thus, by my estimate, the foundation's archives contain millions of articles from news organizations around the world, including The Economist, the Los Angeles Times, The Wall Street Journal, The New York Times, The New Yorker, Harper's, and The Atlantic.... A search for nytimes.com in any crawl from 2013 through 2022 shows a "no captures" result, when in fact there are articles from NYTimes.com in most of these crawls.

"In the past year, Common Crawl's CCBot has become the scraper most widely blocked by the top 1,000 websites," the article points out...

Businesses

GoFundMe Created 1.4 Million Donation Pages for Nonprofits Without Their Consent (abc7news.com) 66

San Francisco's local newscast ABC7 runs a consumer advocacy segment called "7 on Your Side". They received a disturbing call for help from Dave Dornlas, treasurer of a nonprofit supporting a local library: GoFundMe has taken upon itself to create "nonprofit pages" for 1.4 million 501C-3 organizations using public IRS data along with information from trusted partners like the PayPal Giving Fund. "The fact that they would just on their own build pages for nonprofits that they've never spoken to is a problem," [Dornlas] said. "I'm a believer in opt-in, not opt-out...." Dornlas says he struggled to find anyone to contact from GoFundMe about this... Dave's other frustration is tied to the company's optional tipping feature on the platform. "GoFundMe also solicits a tip of 14.5%. In other words, 'We're doing this and we're great people. Give us 14.5% to do this' — which doesn't have to happen," Dornlas said. "That's what bothers me." When 7 On Your Side checked, the optional tip was actually set for 16.5%. The consumer is required to move the bar to adjust accordingly... The tip would be in addition to the 2.2% transaction fee GoFundMe charges nonprofits, plus $0.30 per donation. That fee goes up to 2.9% for individual fundraisers.

Now both GoFundMe pages of Dornlas's nonprofits have been removed from the site. Any organization can do so, by clicking "unpublish" on the platform.

But GoFundMe's move drew strong criticism from the Center for Nonprofit Excellence (a Kentucky-based membership organization with over 500 members). GoFundMe's move, they say, creates "confusion for donors and supporters who are unsure of the legitimacy of the fundraising pages. In some cases, GoFundMe included incorrect information, outdated logos, and other inaccuracies that compromise and misrepresent nonprofits' brand, mission, strategy, and message."

And GoFundMe's processing fees and tips "ultimately result in fewer resources for nonprofits than if donors contributed directly through the organization." But there's more... GoFundMe has initiated SEO optimization as the default for the donation pages to improve their visibility when individuals search for information about nonprofits online. This could result in GoFundMe's pages ranking higher than the nonprofit's own website, pulling away potential donors and supporters...

Without adequate safeguards in place, nonprofits report serious issues, ranging from unauthorized individuals claiming donations to the inability to remove pages without first agreeing to GoFundMe's terms and conditions or sharing sensitive banking information.

The Center for Nonprofit Excellence has now joined with the National Council of Nonprofits — America's largest network of nonprofits, with over 25,000 members — to officially urge GoFundMe to immediately rectify the situation.

Thanks to long-time Slashdot reader Arrogant-Bastard for sharing the article.

Privacy

Woman Wrongfully Accused by a License Plate-Reading Camera - Then Exonerated By Camera-Equipped Car (electrek.co) 174

CBS News investigates what happened when police thought they'd tracked down a "porch pirate" who'd stolen a package — and accused an innocent woman.

"You know why I'm here," the police sergeant tells Chrisanna Elser. "You know we have cameras in that town..." "It went right into, 'we have video of you stealing a package,'" Elser said... "Can I see the video?" Elser asked. "If you go to court, you can," the officer replied. "If you're going to deny it, I'm not going to extend you any courtesy...." [You can watch a video of the entire confrontation.] On her doorstep, the officer issued a summons, without ever looking at the surveillance video Elser had. "We can show you exactly where we were," she told him. "I already know where you were," he replied.

Her Rivian — equipped with multiple cameras — had recorded her entire route that day... It took weeks of her collecting her own evidence, building timelines, and submitting videos before someone listened. Finally, she received an email from the Columbine Valley police chief acknowledging her efforts in an email saying, "nicely done btw (by the way)," and informing her the summons would not be filed.

Elser also found the theft video (which the police officer refused to show her) on Nextdoor, reports Electrek. "The woman has the same color hair, but different facial and nose shape and apparent age than Elser, which is all reasonably apparent when viewing the video..."

But Elser does drive a green Rivian truck, which police knew had entered the neighborhood 20 times over the course of a month. (Though in the video the officer is told that a male driver in the same household passes through that neighborhood driving to and from work.) The problem may be their certainty — derived from Flock's network of cameras that automatically read license plates, "tracking movements of vehicles wherever they go..." The system has provoked concern from privacy and freedom focused organizations like the Electronic Frontier Foundation and American Civil Liberties Union. Flock also recently announced a partnership with Ring, seeking to use a network of doorbell cameras to track Americans in even more places.... [The police] didn't even have video of the truck in the area — merely tags of it entering... (it also left the area minutes later, indicating a drive through, rather than crawling through neighborhoods looking for packages — but police neglected to check the exit timestamps)... Elser has asked for an apology for [officer] Milliman's aggressive behavior during the encounter, but has heard nothing back from the department despite a call, email, and physical appearance at the police station.
The article points out that Rivian's "Road Cam" feature can be set to record footage of everything happening around it using the car's built in cameras for driver-assist features. But if you want to record footage all the time, you'll need to plug in a USB-C external drive to store it. (It's ironic how different cameras recorded every part of this story — the theft, the police officer accusing the innocent woman, and that innocent woman's actual whereabouts.)

Electrek's take? "Citizens should not need to own a $70k+ truck, or even a $100 external hard drive, to keep track of everything they do in order to prove to power-tripping officers that they didn't commit a crime."

AI

Employees Are the New Hackers: 1Password Warns AI Use Is Breaking Corporate Security (nerds.xyz) 57

Slashdot reader BrianFagioli writes: Password manager 1Password's 2025 Annual Report: The Access-Trust Gap exposes how everyday employees are becoming accidental hackers in the AI era. The company's data shows that 73% of workers are encouraged to use AI tools, yet more than a third admit they do not always follow corporate policies. Many employees are feeding sensitive information into large language models or using unapproved AI apps to get work done, creating what 1Password calls "Shadow AI." At the same time, traditional defenses like single sign-on (SSO) and mobile device management (MDM) are failing to keep pace, leaving gaps in visibility and control.

The report warns that corporate security is being undermined from within. More than half of employees have installed software without IT approval, two-thirds still use weak passwords, and 38% have accessed accounts at previous employers. Despite rising enthusiasm for passkeys and passwordless authentication, 1Password says most organizations still depend on outdated systems that were never built for cloud-native, AI-driven work. The result is a growing "Access-Trust Gap" that could allow AI chaos and employee shortcuts to dismantle enterprise security from the inside.

EU

Austria's Ministry of Economy Has Migrated To a Nextcloud Platform In Shift Away From US Tech (zdnet.com) 10

An anonymous reader quotes a report from ZDNet: Even before Azure had a global failure this week, Austria's Ministry of Economy had taken a decisive step toward digital sovereignty. The Ministry achieved this status by migrating 1,200 employees to a Nextcloud-based cloud and collaboration platform hosted on Austrian-based infrastructure. This shift away from proprietary, foreign-owned cloud services, such as Microsoft 365, to an open-source, European-based cloud service aligns with a growing trend among European governments and agencies. They want control over sensitive data and to declare their independence from US-based tech providers.

European companies are encouraging this trend. Many of them have joined forces in the newly created non-profit foundation, the EuroStack Initiative. This foundation's goal is "to organize action, not just talk, around the pillars of the initiative: Buy European, Sell European, Fund European." What's the motive behind these moves away from proprietary tech? Well, in Austria's case, Florian Zinnagl, CISO of the Ministry of Economy, Energy, and Tourism (BMWET), explained, "We carry responsibility for a large amount of sensitive data -- from employees, companies, and citizens. As a public institution, we take this responsibility very seriously. That's why we view it critically to rely on cloud solutions from non-European corporations for processing this information."

Austria's move and motivation echo similar efforts in Germany, Denmark, and other EU states and agencies. The organizations include the German state of Schleswig-Holstein, which abandoned Exchange and Outlook for open-source programs. Other agencies that have taken the same path away from Microsoft include the Austrian military, Danish government organizations, and the French city of Lyon. All of these organizations aim to keep data storage and processing within national or European borders to enhance security, comply with privacy laws such as the EU's General Data Protection Regulation (GDPR), and mitigate risks from potential commercial and foreign government surveillance.

SuSE

SUSE Linux Enterprise Server 16 Becomes First Enterprise Linux With Built-In Agentic AI (nerds.xyz) 43

BrianFagioli shares a report from NERDS.xyz: SUSE is making headlines with the release of SUSE Linux Enterprise Server 16, the first enterprise Linux distribution to integrate agentic AI directly into the operating system. It uses the Model Context Protocol (MCP) to securely connect AI models with data sources while maintaining provider freedom. This gives organizations the ability to run AI-driven automation without relying on a single ecosystem. With a 16-year lifecycle, reproducible builds, instant rollback capabilities, and post-2038 readiness, SLES 16 also doubles down on long-term reliability and transparency.

For enterprises, this launch marks a clear step toward embedding intelligence at the infrastructure level. The system can now perform AI-assisted administration via Cockpit or the command line, potentially cutting downtime and operational costs. SUSE's timing might feel late given the AI boom, but its implementation appears deliberate -- balancing innovation with the stability enterprises demand. It's likely to pressure Red Hat and Canonical to follow suit, redefining what "AI-ready" means for Linux in corporate environments.

Security

Ransomware Profits Drop As Victims Stop Paying Hackers (bleepingcomputer.com) 16

An anonymous reader quotes a report from BleepingComputer: The number of victims paying ransomware threat actors has reached a new low, with just 23% of the breached companies giving in to attackers' demands. With some exceptions, the decline in payment resolution rates continues the trend that Coveware has observed for the past six years. In the first quarter of 2024, the payment percentage was 28%. Although it increased over the next period, it continued to drop, reaching an all-time low in the third quarter of 2025.

One explanation for this is that organizations implemented stronger and more targeted protections against ransomware, and authorities increased pressure for victims not to pay the hackers. [...] Over the years, ransomware groups moved from pure encryption attacks to double extortion that came with data theft and the threat of a public leak. Coveware reports that more than 76% of the attacks it observed in Q3 2025 involved data exfiltration, which is now the primary objective for most ransomware groups. The company says that when it isolates the attacks that do not encrypt the data and only steal it, the payment rate plummets to 19%, which is also a record for that sub-category.

The average and median ransomware payments fell in Q3 compared to the previous quarter, reaching $377,000 and $140,000, respectively, according to Coveware. The shift may reflect large enterprises revising their ransom payment policies and recognizing that those funds are better spent on strengthening defenses against future attacks. The researchers also note that threat groups like Akira and Qilin, which accounted for 44% of all recorded attacks in Q3 2025, have switched focus to medium-sized firms that are currently more likely to pay a ransom.
"Cyber defenders, law enforcement, and legal specialists should view this as validation of collective progress," Coveware says. "The work that gets put in to prevent attacks, minimize the impact of attacks, and successfully navigate a cyber extortion -- each avoided payment constricts cyber attackers of oxygen."

Networking

Are Network Security Devices Endangering Orgs With 1990s-Era Flaws? (csoonline.com) 57

Critics question why basic flaws like buffer overflows, command injections, and SQL injections that are being exploited "remain prevalent in mission-critical codebases maintained by companies whose core business is cybersecurity," writes CSO Online. Benjamin Harris, CEO of cybersecurity/penetration testing firm watchTowr, tells them that "these are vulnerability classes from the 1990s, and security controls to prevent or identify them have existed for a long time. There is really no excuse." Enterprises have long relied on firewalls, routers, VPN servers, and email gateways to protect their networks from attacks. Increasingly, however, these network edge devices are becoming security liabilities themselves... Google's Threat Intelligence Group tracked 75 exploited zero-day vulnerabilities in 2024. Nearly one in three targeted network and security appliances, a strikingly high rate given the range of IT systems attackers could choose to exploit. That trend has continued this year, with similar numbers in the first 10 months of 2025, targeting vendors such as Citrix NetScaler, Ivanti, Fortinet, Palo Alto Networks, Cisco, SonicWall, and Juniper. Network edge devices are attractive targets because they are remotely accessible, fall outside endpoint protection monitoring, contain privileged credentials for lateral movement, and are not integrated into centralized logging solutions...

[R]esearchers have reported vulnerabilities in these systems for over a decade with little attacker interest beyond isolated incidents. That shifted over the past few years with a rapid surge in attacks, making compromised network edge devices one of the top initial access vectors into enterprise networks for state-affiliated cyberespionage groups and ransomware gangs. The COVID-19 pandemic contributed to this shift, as organizations rapidly expanded remote access capabilities by deploying more VPN gateways, firewalls, and secure web and email gateways to accommodate work-from-home mandates. The declining success rate of phishing is another factor... "It is now easier to find a 1990s-tier vulnerability in a border device where Endpoint Detection and Response typically isn't deployed, exploit that, and then pivot from there" [says watchTowr CEO Harris]...

Harris of watchTowr doesn't want to minimize the engineering effort it takes to build a secure system. But he feels many of the vulnerabilities discovered in the past two years should have been caught with automatic code analysis tools or code reviews, given how basic they have been. Some VPN flaws were "trivial to the point of embarrassing for the vendor," he says, while even the complex ones should have been caught by any organization seriously investing in product security... Another problem? These appliances have a lot of legacy code, some that is 10 years or older.

Attackers may need to chain together multiple hard-to-find vulnerabilities across multiple components, the article acknowledges. And "It's also possible that attack campaigns against network-edge devices are becoming more visible to security teams because they are looking into what's happening on these appliances more than they did in the past..."

The article ends with reactions from several vendors of network edge security devices.

Thanks to Slashdot reader snydeq for sharing the article.

Crime

North Korea Has Stolen Billions in Cryptocurrency and Tech Firm Salaries, Report Says (apnews.com) 21

The Associated Press reports that "North Korean hackers have pilfered billions of dollars" by breaking into cryptocurrency exchanges and by creating fake identities to get remote tech jobs at foreign companies — all orchestrated by the North Korean government to finance R&D on nuclear arms.

That's according to a new 138-page report by a group watching North Korea's compliance with U.N. sanctions (including officials from the U.S., Australia, Canada, France, Germany, Italy, Japan, the Netherlands, New Zealand, South Korea and the United Kingdom). From the Associated Press: North Korea also has used cryptocurrency to launder money and make military purchases to evade international sanctions tied to its nuclear program, the report said. It detailed how hackers working for North Korea have targeted foreign businesses and organizations with malware designed to disrupt networks and steal sensitive data...

Unlike China, Russia and Iran, North Korea has focused much of its cyber capabilities to fund its government, using cyberattacks and fake workers to steal and defraud companies and organizations elsewhere in the world... Earlier this year, hackers linked to North Korea carried out one of the largest crypto heists ever, stealing $1.5 billion worth of ethereum from Bybit. The FBI later linked the theft to a group of hackers working for the North Korean intelligence service.

Federal authorities also have alleged that thousands of IT workers employed by U.S. companies were actually North Koreans using assumed identities to land remote work. The workers gained access to internal systems and funneled their salaries back to North Korea's government. In some cases, the workers held several remote jobs at the same time.

Microsoft

Microsoft Puts Office Online Server On the Chopping Block 51

Microsoft is retiring Office Online Server on December 31, 2026, ending support and updates for organizations running browser-based Office apps on-premises. The Register reports: After this, there won't be any more security fixes, updates, or technical support from Microsoft. "This change is part of our ongoing commitment to modernizing productivity experiences and focusing on cloud-first solutions," the company said. Office Online Server provides browser-based versions of Word, Excel, PowerPoint, and OneNote for customers who want to keep things on-prem without having to roll out the full desktop applications. Microsoft's solution is to move to Microsoft 365, its decidedly off-premises version of its applications. The company said it is "focusing its browser-based Office app investments on Office for the Web to deliver secure, collaborative, and feature-rich experiences through Microsoft 365."

Other than migrating to another platform when the vendor pulls the plug, affected customers have few options. The announcement will also hit several customers running SharePoint Server SE or Exchange Server SE. While those products remain supported, Office Online Server integration will go away. The company suggested Microsoft 365 Apps for Enterprise and Office LTSC 2024 as alternatives for viewing and editing documents hosted on those servers.

Skype for Business customers will also lose some key features related to PowerPoint. Presenter notes and high-fidelity PowerPoint rendering will go away. In-meeting annotations, which allow meeting participants to write directly to slides without altering the original file, will no longer be available, and embedded video playback will run at lower fidelity. Features like whiteboards, polls, and app sharing shouldn't be affected. Microsoft's solution is a move to Teams, which the company says "offers modern meeting experiences."

AI

AI Assistants Misrepresent News Content 45% of the Time (bbc.co.uk) 112

An anonymous reader quotes a report from the BBC: New research coordinated by the European Broadcasting Union (EBU) and led by the BBC has found that AI assistants -- already a daily information gateway for millions of people -- routinely misrepresent news content no matter which language, territory, or AI platform is tested. The intensive international study of unprecedented scope and scale was launched at the EBU News Assembly, in Naples. Involving 22 public service media (PSM) organizations in 18 countries working in 14 languages, it identified multiple systemic issues across four leading AI tools. Professional journalists from participating PSM evaluated more than 3,000 responses from ChatGPT, Copilot, Gemini, and Perplexity against key criteria, including accuracy, sourcing, distinguishing opinion from fact, and providing context.

Key findings:
- 45% of all AI answers had at least one significant issue.
- 31% of responses showed serious sourcing problems - missing, misleading, or incorrect attributions.
- 20% contained major accuracy issues, including hallucinated details and outdated information.
- Gemini performed worst with significant issues in 76% of responses, more than double the other assistants, largely due to its poor sourcing performance.
- Comparison between the BBC's results earlier this year and this study shows some improvements but still high levels of errors.

The team has released a News Integrity in AI Assistants Toolkit to help develop solutions to these problems and boost users' media literacy. They're also urging regulators to enforce laws on information integrity and continue independent monitoring of AI assistants.

The Almighty Buck

Jaguar Land Rover Hack Cost UK Economy an Estimated $2.5 Billion (reuters.com) 21

An anonymous reader quotes a report from Reuters: The hack of Jaguar Land Rover, owned by India's Tata Motors, cost the British economy an estimated $2.55 billion and affected over 5,000 organizations, an independent cybersecurity body said in a report published on Wednesday. The report was produced by the Cyber Monitoring Centre, an independent, not for profit organization made up of industry specialists, including the former head of Britain's National Cyber Security Centre. It said losses could be higher if there were unexpected delays to the restoration of production at the vehicle manufacturer to levels before the hack took place in August.

"This incident appears to be the most economically damaging cyber event to hit the UK, with the vast majority of the financial impact being due to the loss of manufacturing output at JLR and its suppliers," the report said. JLR will report its financial results in November, according to the company's website. A spokesperson for JLR declined to comment on the report. [...] JLR, which analysts estimated was losing around 50 million pounds per week from the shutdown, was provided with a 1.5 billion pound loan guarantee by the British government in late September to help it support suppliers.

Social Networks

Meta Allows Deepfake of Irish Presidential Candidate To Spread for 12 Hours Before Removal (irishtimes.com) 35

Meta removed a deepfake video from Facebook that falsely depicted Catherine Connolly withdrawing from Ireland's presidential election. The video was posted to an account called RTE News AI and viewed almost 30,000 times over 12 hours before the Irish Independent contacted the platform. The fabricated bulletin featured AI-generated versions of RTE newsreader Sharon Ni Bheolain and political correspondent Paul Cunningham announcing that Connolly had ended her campaign and the election scheduled for Friday would be cancelled.

Connolly responded in a statement that she remained a candidate and called the video a disgraceful attempt to mislead voters. Meta confirmed the account violated its community standards against impersonating people and organizations. Ireland's media regulator Coimisiun na Mean contacted Meta about the incident and reminded the platform of its obligations under the EU Digital Services Act. An Irish Times poll published last Thursday found Connolly leading the race with 38% support.

Network

ISP Deceived Customers About Fiber Internet, German Court Finds (tomshardware.com) 36

The German Koblenz Regional Court has banned the internet service provider 1&1 from marketing its fiber-to-the-curb service as fiber-optic DSL. The court found that the company misled customers because its network uses copper cables for the final stage of connections, sometimes extending up to a mile from the distribution box to subscribers' homes.

Customers who visited the ISP's website and checked connection availability received a notification stating that a "1&1 fiber optic DSL connection" was available, even though fiber optic cables terminate at street-level distribution boxes or building service rooms. The company pairs the copper lines with vectoring technology to boost DSL speeds to 100 megabits per second. The Federation of German Consumer Organizations filed the lawsuit. Ramona Pop, the organization's chairperson, said that anyone who promises fiber optics but delivers only DSL is deceiving customers.

Security

Foreign Hackers Breached a US Nuclear Weapons Plant Via SharePoint Flaws (csoonline.com) 62

Foreign hackers breached the National Nuclear Security Administration's Kansas City National Security Campus (KCNSC) by exploiting unpatched Microsoft SharePoint vulnerabilities. The intrusion happened in August and is possibly linked to either Chinese state actors or Russian cybercriminals. CSO Online notes that "roughly 80% of the non-nuclear parts in the nation's nuclear stockpile originate from KCNSC," making it "one of the most sensitive facilities in the federal weapons complex." From the report: The breach targeted a plant that produces the vast majority of critical non-nuclear components for US nuclear weapons under the NNSA, a semi-autonomous agency within the Department of Energy (DOE) that oversees the design, production, and maintenance of the nation's nuclear weapons. Honeywell Federal Manufacturing & Technologies (FM&T) manages the Kansas City campus under contract to the NNSA. [...] The attackers exploited two recently disclosed Microsoft SharePoint vulnerabilities -- CVE-2025-53770, a spoofing flaw, and CVE-2025-49704, a remote code execution (RCE) bug -- both affecting on-premises servers. Microsoft issued fixes for the vulnerabilities on July 19.

On July 22, the NNSA confirmed it was one of the organizations hit by attacks enabled by the SharePoint flaws. "On Friday, July 18th, the exploitation of a Microsoft SharePoint zero-day vulnerability began affecting the Department of Energy," a DOE spokesperson said. However, the DOE contended at the time, "The department was minimally impacted due to its widespread use of the Microsoft M365 cloud and very capable cybersecurity systems. A very small number of systems were impacted. All impacted systems are being restored." By early August, federal responders, including personnel from the NSA, were on-site at the Kansas City facility, the source tells CSO.

Microsoft

Extortion and Ransomware Drive Over Half of Cyberattacks — Sometimes Using AI, Microsoft Finds (microsoft.com) 23

Microsoft said in a blog post this week that "over half of cyberattacks with known motives were driven by extortion or ransomware... while attacks focused solely on espionage made up just 4%."

And Microsoft's annual digital threats report found operations expanding even more through AI, with cybercriminals "accelerating malware development and creating more realistic synthetic content, enhancing the efficiency of activities such as phishing and ransomware attacks." [L]egacy security measures are no longer enough; we need modern defenses leveraging AI and strong collaboration across industries and governments to keep pace with the threat...

Over the past year, both attackers and defenders harnessed the power of generative AI. Threat actors are using AI to boost their attacks by automating phishing, scaling social engineering, creating synthetic media, finding vulnerabilities faster, and creating malware that can adapt itself... For defenders, AI is also proving to be a valuable tool. Microsoft, for example, uses AI to spot threats, close detection gaps, catch phishing attempts, and protect vulnerable users. As both the risks and opportunities of AI rapidly evolve, organizations must prioritize securing their AI tools and training their teams...

Amid the growing sophistication of cyber threats, one statistic stands out: more than 97% of identity attacks are password attacks. In the first half of 2025 alone, identity-based attacks surged by 32%. That means the vast majority of malicious sign-in attempts an organization might receive are via large-scale password guessing attempts. Attackers get usernames and passwords ("credentials") for these bulk attacks largely from credential leaks. However, credential leaks aren't the only place where attackers can obtain credentials. This year, we saw a surge in the use of infostealer malware by cybercriminals...

Luckily, the solution to identity compromise is simple. The implementation of phishing-resistant multifactor authentication (MFA) can stop over 99% of this type of attack even if the attacker has the correct username and password combination.

"Security is not only a technical challenge but a governance imperative..." Microsoft adds in their blog post. "Governments must build frameworks that signal credible and proportionate consequences for malicious activity that violates international rules." (The report also found that America is the #1 most-targeted country — and that many U.S. companies have outdated cyber defenses.)

But while "most of the immediate attacks organizations face today come from opportunistic criminals looking to make a profit," Microsoft writes that nation-state threats "remain a serious and persistent threat." More details from the Associated Press: Russia, China, Iran and North Korea have sharply increased their use of artificial intelligence to deceive people online and mount cyberattacks against the United States, according to new research from Microsoft. This July, the company identified more than 200 instances of foreign adversaries using AI to create fake content online, more than double the number from July 2024 and more than ten times the number seen in 2023.

Examples of foreign espionage cited by the article:
  • China is continuing its broad push across industries to conduct espionage and steal sensitive data...
  • Iran is going after a wider range of targets than ever before, from the Middle East to North America, as part of broadening espionage operations...
  • "[O]utside of Ukraine, the top ten countries most affected by Russian cyber activity all belong to the North Atlantic Treaty Organization (NATO) — a 25% increase compared to last year."
  • North Korea remains focused on revenue generation and espionage...

There was one especially worrying finding. The report found that critical public services are often targeted, partly because their tight budgets limit their incident response capabilities, "often resulting in outdated software.... Ransomware actors in particular focus on these critical sectors because of the targets' limited options. For example, a hospital must quickly resolve its encrypted systems, or patients could die, potentially leaving no other recourse but to pay."


Crime

Chinese Criminals Made More Than $1 Billion From Those Annoying Texts (msn.com) 37

The U.S. is awash with scam text messages. Officials say it has become a billion-dollar, highly sophisticated business benefiting criminals in China. From a report: Your highway toll payment is now past due, one text warns. You have U.S. Postal Service fees to pay, another threatens. You owe the New York City Department of Finance for unpaid traffic violations. The texts are ploys to get unsuspecting victims to fork over their credit-card details. The gangs behind the scams take advantage of this information to buy iPhones, gift cards, clothing and cosmetics.

Criminal organizations operating out of China, which investigators blame for the toll and postage messages, have used them to make more than $1 billion over the last three years, according to the Department of Homeland Security. Behind the con, investigators say, is a black market connecting foreign criminal networks to server farms that blast scam texts to victims. The scammers use phishing websites to collect credit-card information. They then find gig workers in the U.S. who will max out the stolen cards for a small fee. Making the fraud possible: an ingenious trick allowing criminals to install stolen card numbers in Google and Apple Wallets in Asia, then share the cards with the people in the U.S. making purchases half a world away.

Businesses

Anthropic Aims To Nearly Triple Annualized Revenue In 2026 8

Anthropic is projecting its annualized revenue run rate to soar from roughly $7 billion today to as much as $26 billion in 2026, driven by rapid enterprise adoption of its Claude AI models. Reuters reports: Anthropic debuted a new version of its cheapest AI model, Haiku, on Wednesday, as part of a broader effort to appeal to companies that are looking for capable AI systems that are dramatically cheaper than its more advanced models. The Haiku 4.5 model sells for about one-third the price of Sonnet 4, one of its medium-sized models.

The revenue projections underscore continued strong demand for generative AI tools among businesses and help explain investor enthusiasm, even as AI spending, especially in infrastructure buildout, comes under scrutiny. Some people worry the level of investment might be unsustainable. Fueling the expansion is the uptake of enterprise products, which are built for organizations. Anthropic has more than 300,000 business and enterprise customers, which account for about 80% of its revenue.

The Media

US News Outlets Refuse To Sign New Pentagon Rules To Report Only Official Information (theguardian.com) 105

Several leading news organizations with access to Pentagon briefings have formally said they will not agree to a new defense department policy that requires them to pledge they will not obtain unauthorized material and restricts access to certain areas unless accompanied by an official. The Guardian: The policy, presented last month by the defense secretary, Pete Hegseth, has been widely criticized by media organizations asked to sign the pledge by Tuesday at 5pm or have 24 hours to turn in their press credentials.

The move follows a shake-up in February in which long-credentialed media outlets were required to vacate assigned workspaces which was cast as an "annual media rotation program." A similar plan was presented at the White House where some briefing room spots were given to podcasters and other representatives of non-traditional media.

On Monday, the Washington Post joined the New York Times, CNN, the Atlantic, the Guardian, Reuters, the Associated Press, NPR, HuffPost and trade publication Breaking Defense in saying it would not sign on to the agreement.

Bitcoin

DOJ Seizes $15 Billion In Bitcoin From Massive 'Pig Butchering' Scam Based In Cambodia (cnbc.com) 70

The U.S. Department of Justice seized about $15 billion in bitcoin from wallets tied to Chen Zhi, founder of Cambodia's Prince Holding Group, who is accused of running one of the world's biggest "pig butchering" scams. Prosecutors say Zhi's network trafficked people into forced-labor scam compounds that defrauded victims worldwide through fake crypto investment schemes. CNBC reports: The seizure is the largest forfeiture action by the DOJ in history. An indictment charging the alleged pig butcher, Chen Zhi, was unsealed Tuesday in federal court in Brooklyn, New York. Zhi, who is also known as "Vincent," remains at large, according to the U.S. Attorney's Office for the Eastern District of New York. He was identified in court filings as the founder and chairman of Prince Holding Group, a multinational business conglomerate based in Cambodia, which prosecutors said grew "in secret .... into one of Asia's largest transnational criminal organizations." [...]

The scams duped people contacted via social media and messaging applications online into transferring cryptocurrency into accounts controlled by the scheme with false promises that the crypto would be invested and produce profits, according to the office. "In reality, the funds were stolen from the victims and laundered for the benefit of the perpetrators," the release said. "The scam perpetrators often built relationships with their victims over time, earning their trust before stealing their funds."

Prosecutors said that hundreds of people were trafficked and forced to work in the scam compounds, "often under the threat of violence." Zhi and a network of top executives in the Prince Group are accused of using political influence in multiple countries to protect their criminal enterprise and of paying bribes to public officials to avoid actions by law enforcement authorities targeting the scheme, according to prosecutors.
