Amid horrific threats from United States president Donald Trump because the US and Iran negotiated a ceasefire, the US authorities warned this week that Iran-linked hackers have been carrying out attacks towards US vitality and water infrastructure targets. With practically one in 5 folks in Lebanon displaced by Israeli assaults, the federal government is attempting to manage the crisis with out trendy digital infrastructure and an emergency system that’s barely hanging on. Plus, a WIRED evaluation checked out Syrian government account hijacks in March and the inadequacies they expose in Syria’s baseline cybersecurity defenses.
Amid rising fears of political violence, a WIRED investigation discovered that US political candidates are spending more on security, together with buying tools like residence alarms and bulletproof vests. And up to date analysis taking a look at Telegram teams discovered that males are sharing thousands of nonconsensual images of women and girls, buying spy ware to make use of towards their wives and mates, and interesting in doxing and sexual abuse. In the meantime, as governments scramble to deal with rising industrial scamming originating from Southeast Asia, China has emerged as the biggest enforcer, but additionally a selective one, leading to crime syndicates shifting their focus overseas to keep away from Chinese language targets.
Anthropic formally announced its new Claude Mythos Preview model this week and stated that for now it should solely make the mannequin obtainable to a choose group of some dozen main tech and monetary organizations, together with Apple, Microsoft, Google, and the Linux Basis. The consortium, dubbed Undertaking Glasswing, will discover Mythos Preview’s superior hacking and different cybersecurity capabilities and assess the very best methods to enhance software program and {hardware} defenses earlier than capabilities like those in Mythos Preview proliferate extra broadly throughout different fashions and inevitably find yourself within the fingers of attackers. The bulletins sparked controversy about whether or not Mythos Preview and related capabilities will actually be as consequential for cybersecurity as Anthropic says. Specialists advised WIRED that whereas it will not be a dramatic disaster, it will be significant for defenders to return collectively and use their early entry to make adjustments in how software program is developed and the way organizations around the globe spend money on patching.
Lastly, a WIRED investigation discovered that nonprofit groups linked to Customs and Border Protection facilities have been promoting problem cash that celebrated the Trump administration’s immigration raids, together with one coin that depicted Charlotte’s Internet characters in riot gear.
And there’s extra. Every week, we spherical up the safety and privateness information we didn’t cowl in depth ourselves. Click on the headlines to learn the total tales. And keep secure on the market.
The FBI not too long ago acquired its fingers on copies of encrypted Sign messages being despatched to a defendant’s iPhone as a result of the contents of these messages have been included in push notifications, 404 Media reviews. Though Sign had been faraway from the cellphone previous to it being seized by the FBI, the notifications nonetheless lived on within the cellphone’s inner reminiscence.
The problem affects all apps that ship push notifications, not simply Sign, however customers of that app can modify their settings to not present the content material of a message or the identify of the sender in push notifications. To regulate your settings for notifications going ahead, open Sign and go to Settings, then Notifications, and alter the choice to Title Solely or No Title or Content material.
Regardless of the tenuous and contested ceasefire enacted within the US-Israel battle with Iran, tens of tens of millions of unusual Iranians are nonetheless with out common and dependable web connectivity. The regime-imposed web blackout, which began through the first hours of the battle on February 28, is now reaching the 1,000 hour level, in line with internet monitoring group NetBlocks. In current weeks, the internet shutdown has become the longest in Iranian history and one of many longest worldwide—depriving Iranians of correct information concerning the battle, stopping them contacting household and family members, and inflicting additional financial hurt to the nation. US-based Iranian digital rights undertaking Filter Watch has detailed how the Iranian regime, whereas being bombarded through the battle, has labeled anti-censorship instruments as “malicious” and claimed to have arrested people utilizing Starlink web connections to get across the block.
The FBI’s annual web crime report usually paints a bleak image: year-on-year, the variety of cybercrime reviews will increase and the sum of money misplaced by Individuals shoots up. Sadly, 2025 was no completely different. Final 12 months, in line with the FBI’s annual report, losses reported to the Web Crime Criticism Heart topped $20 billion—a rise of 26 p.c in comparison with 2024. Greater than half of those reported losses ($11.3 billion) have been linked to cryptocurrency scams, typically via fraudulent investment schemes, in line with the FBI. Enterprise e mail compromise, tech and buyer help scams, private knowledge breaches, and confidence or romance scams, make up the opposite most typical crime reviews. Crimes mentioning AI led to $893 million in losses.
Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, permitting enterprise customers to compose and browse E2EE messages natively on cellular for the primary time with out separate apps or mail portals required. Encrypted emails seem as commonplace threads within the Gmail app for recipients utilizing Gmail, whereas these on different suppliers can entry them by way of a safe browser view. This rollout builds on the client-side encryption mannequin launched to Google Workspace net customers in April 2025, the place messages are encrypted with customer-controlled keys, stopping Google from accessing their contents. The method is especially interesting for organizations with strict compliance necessities, together with HIPAA, export controls, and knowledge sovereignty laws.
Entry, nonetheless, stays restricted: The function is offered solely to Google Workspace Enterprise Plus prospects with the Assured Controls or Assured Controls Plus add-on, and isn’t supported for private Gmail accounts. Directors should additionally explicitly enable the Android and iOS purchasers within the admin interface earlier than eligible customers can entry the function, which is off by default. Finish customers then toggle encryption per-message by tapping the lock icon and deciding on “Further encryption,” mirroring the net workflow. The rollout is offered instantly to each Rapid Release and Scheduled Release domains.
