It’s an ideal time of year for snuggling up on a countryside break. We pick accommodation from shepherds’ huts in Somerset to a chateau in Wales
Six vintage-style “luxury huts” spaced out around a lake make up The Shepherds Hut Retreat in south Somerset. They have modern kitchens and bathrooms, private areas with hot tubs, and fancy features such as telescopes, gin bars, pizza ovens, fire pits and hammocks. There is also a woodland sauna on site. The newest hut, 1898, is the grandest, and is inspired by the Pig hotels. It is a mile’s walk to the Lord Poulett Arms, a thatched 17th-century pub in the village of Hinton St George, and half an hour’s drive to the beaches of the Jurassic Coast in east Devon and Dorset. From £169, coolstays.com
Amazon and Flock Safety have ended a partnership that would've given law enforcement access to a vast web of Ring cameras.
The decision came after Amazon faced substantial backlash for airing a Super Bowl ad that was meant to be warm and fuzzy, but instead came across as disturbing and dystopian.
The ad begins with a young girl surprised to receive a puppy as a gift. It then warns that 10 million dogs go missing annually. Showing a series of lost dog posters, the ad introduces a new "Search Party" feature for Ring cameras that promises to revolutionize how neighbors come together to locate missing pets.
High court refuses injunction to stop CMA naming company penalised for failing to hand over information
Euro Car Parks is infamous for dishing out fines but the private parking company has been hit with an almost £475,000 penalty of its own after it failed to hand over information to a regulator.
The Competition and Markets Authority (CMA) said it had imposed a £473,000 fine after the company did not respond for three months to seven requests for information, including by registered post, email and hand-delivered letter.
An alleged Uzbekistan cyberattack that triggered widespread concern online has exposed around 60,000 unique data records, not the personal data of 15 million citizens, as previously claimed on social media.
The clarification came from Uzbekistan’s Digital Technologies Minister Sherzod Shermatov during a press conference on 12 February, addressing mounting speculation surrounding the scale of the breach.
From 27 to 30 January, information systems of three government agencies in Uzbekistan were targeted by cyberattacks. The names of the agencies have not been disclosed. However, officials were firm in rejecting viral claims suggesting a large-scale national data leak.
“There is no information that the personal data of 15 million citizens of Uzbekistan is being sold online. 60,000 pieces of data — that could be five or six pieces of data per person. We are not talking about 60,000 citizens,” the minister noted, adding that law enforcement agencies were examining the types of data involved.
For global readers, the distinction matters. In cybersecurity reporting, raw data units are often confused with the number of affected individuals.
A single record can include multiple data points such as a name, date of birth, address, or phone number. According to Shermatov, the 60,000 figure refers to individual data units, not the number of citizens impacted.
The Uzbekistan cyberattack targeted three government information systems over a four-day period in late January. While the breach did result in unauthorized access to certain systems, the ministry emphasized that it was not a mass compromise of citizen accounts.
“Of course, there was an attack. The hackers were skilled and sophisticated. They made attempts and succeeded in gaining access to a specific system. In a sense, this is even useful — an incident like this helps to further examine other systems and increase vigilance. Some data, in a certain amount, could indeed have been obtained from some systems,” Shermatov said.
His remarks reveal a balanced acknowledgment: the attack was real, the threat actors were capable, and some data exposure did occur. At the same time, the scale appears significantly smaller than initially portrayed online.
The ministry also stressed that a “personal data leak” does not mean citizens’ accounts were hacked or that full digital identities were compromised. Instead, limited personal details may have been accessed.
Rising Cyber Threats in Uzbekistan
The Uzbekistan cyberattack comes amid a sharp increase in attempted digital intrusions across the country. According to the ministry, more than 7 million cyber threats were prevented in 2024 through Uzbekistan’s cybersecurity infrastructure. In 2025, that number reportedly exceeded 107 million.
Looking ahead, projections suggest that over 200 million cyberattacks could target Uzbekistan in 2026.
These figures highlight a broader global trend: as countries accelerate digital transformation, they inevitably expand their attack surface. Emerging digital economies, in particular, often face intense pressure from transnational cybercriminal groups seeking to exploit gaps in infrastructure and rapid system expansion.
Uzbekistan’s growing digital ecosystem — from e-government services to financial platforms — is becoming a more attractive target for global threat actors. The recent Uzbekistan cyberattack illustrates that no country, regardless of size, is immune.
Strengthening Security After the Breach
Following the breach, authorities blocked further unauthorized access attempts and reinforced technical safeguards. Additional protections were implemented within the Unified Identification System (OneID), Uzbekistan’s centralized digital identity platform.
Under the updated measures, users must now personally authorize access to their data by banks, telecom operators, and other organizations. This shifts more control, and responsibility, directly to citizens.
The ministry emphasized that even with partial personal data, fraudsters cannot fully act on behalf of a citizen without direct involvement. However, officials warned that attackers may attempt secondary scams using exposed details.
For example, a fraudster could call a citizen, pose as a bank employee, cite known personal details, and claim that someone is applying for a loan in their name — requesting an SMS code to “cancel” the transaction. Such social engineering tactics remain one of the most effective tools for cybercriminals globally.
A Reality Check on Digital Risk
The Uzbekistan cyberattack highlights two critical lessons. First, misinformation can amplify panic faster than technical facts. Second, even limited data exposure carries real risk if exploited creatively.
Shermatov’s comment that the incident can help “increase vigilance” reflects a pragmatic view shared by many cybersecurity professionals worldwide: breaches, while undesirable, often drive improvements in resilience.
For Uzbekistan, the challenge now is sustaining public trust while hardening systems against a growing global cyber threats. For the rest of the world, the incident serves as a reminder that cybersecurity transparency — clear communication about scope and impact — is just as important as technical defense.
Very few people alive today have seen the Appalachian forests as they existed a century ago. Even as state and national parks preserved ever more of the ecosystem, fungal pathogens from Asia nearly wiped out one of the dominant species of these forests, the American chestnut, killing an estimated 3 billion trees. While new saplings continue to sprout from the stumps of the former trees, the fungus persists, killing them before they can seed a new generation.
But thanks in part to trees planted in areas where the two fungi don't grow well, the American chestnut isn't extinct. And efforts to revive it in its native range have continued, despite the long generation times needed to breed resistant trees. In Thursday's issue of Science, researchers describe their efforts to apply modern genomic techniques and exhaustive testing to identify the best route to restoring chestnuts to their native range.
Multiple paths to restoration
While the American chestnut is functionally extinct—it's no longer a participant in the ecosystems it once dominated—it's most certainly not extinct. Two Asian fungi that have killed it off in its native range; one causes chestnut blight, while a less common pathogen causes a root rot disease. Both prefer warmer, humid environments and persist there because they can grow asymptomatically on distantly related trees, such as oaks. Still, chestnuts planted outside the species' original range—primarily in drier areas of western North America—have continued to thrive.
AI is giving online romance scammers even more ways to hide and accelerate their schemes while making it more difficult for people to detect fraud operations that are resulting in billions of dollars being stolen every year from millions of victims.
The company, long focused on cars and trucks, plans to begin manufacturing large batteries used by utilities, data centers, other businesses and homeowners.
Ford Motor shut down a battery factory and laid off 1,600 workers after President Trump and Republicans gutted government support for electric vehicles.
Whether you want the basic safety net or complete rescue package, the bill depends as much on what’s needed as what is included
It is not a legal requirement to have breakdown cover – it is a safety net to ensure you are not left on the roadside if something happens to your vehicle. But you should be aware of all of the policy’s limitations when you buy one.
The U.S. justice system has sent away an individual behind one of the largest global cryptocurrency investment scam cases, for two decades. While the sentence signals accountability, the individual remains a fugitive after cutting off his electronic ankle monitor and fleeing in December 2025.
Daren Li, a 42-year-old dual national of China and St. Kitts and Nevis, has been sentenced in absentia to 20 years in prison for carrying out a $73 million cryptocurrency fraud scheme that targeted American victims.
Inside the $73 Million Global Cryptocurrency Investment Scam
According to court documents, Li pleaded guilty in November 2024 to conspiring to launder funds obtained through cryptocurrency scams. Prosecutors revealed that the global cryptocurrency investment scam was operated from scam centers in Cambodia, a growing hotspot for transnational cyber fraud.
The operation followed a now-familiar pattern often referred to as a “pig butchering scam.” Victims were approached through social media, unsolicited calls, text messages, and even online dating platforms. Fraudsters built professional or romantic relationships over weeks or months. Once trust was secured, victims were directed to spoofed cryptocurrency trading platforms that looked legitimate.
In other cases, scammers posed as tech support or customer service representatives, convincing victims to transfer funds to fix non-existent viruses or fabricated technical problems.
The numbers are staggering. Li admitted that at least $73.6 million flowed into accounts controlled by him and his co-conspirators. Of that, nearly $60 million was funneled through U.S. shell companies designed to disguise the origins of the stolen funds. This was not random fraud—it was organized, calculated, and industrial in scale.
Crypto Money Laundering Through U.S. Shell Companies
What makes this global cryptocurrency investment scam particularly troubling is the complex crypto money laundering infrastructure behind it.
Li directed associates to establish U.S. bank accounts under shell companies. These accounts received interstate and international wire transfers from victims. The stolen money was then converted into cryptocurrency, further complicating efforts to trace and recover funds.
Eight co-conspirators have already pleaded guilty. Li is the first defendant directly involved in receiving victim funds to be sentenced. Prosecutors pushed for the maximum penalty after hearing from victims who lost life savings, retirement funds, and, in some cases, their entire financial security.
Assistant Attorney General A. Tysen Duva described the damage as “devastating.” And that word is not an exaggeration. Behind every dollar in this $73 million cryptocurrency scam is a real person whose trust was manipulated.
“As part of an international cryptocurrency investment scam, Daren Li and his co-conspirators laundered over $73 million dollars stolen from American victims,” said Assistant Attorney General A. Tysen Duva of the Justice Department’s Criminal Division. “The Court’s sentence reflects the gravity of Li’s conduct, which caused devastating losses to victims throughout our country. The Criminal Division will work with our law enforcement partners around the world to ensure that Li is returned to the United States to serve his full sentence.”
Scam Centers in Cambodia Under Global Scrutiny
The sentencing comes amid increasing international pressure to dismantle scam centers in Cambodia and across Southeast Asia. For years, these operations flourished with limited oversight. Now, authorities in the U.S., China, and other nations are escalating crackdowns.
China recently executed members of two crime families accused of running cyber scam compounds in Myanmar. In Cambodia, the arrest and extradition of Prince Group chairman Chen Zhi—a key figure in cyber scam money laundering—triggered chaotic scenes as human trafficking victims and scam workers sought refuge at embassies.
These developments show that the global cryptocurrency investment scam network is not isolated. It is part of a larger ecosystem of organized crime, human trafficking, and digital exploitation.
Law Enforcement’s Expanding Response
The U.S. Secret Service’s Global Investigative Operations Center led the investigation, supported by Homeland Security Investigations, Customs and Border Protection, the U.S. Marshals Service, and international partners. The Justice Department’s Criminal Division continues targeting scam centers by seizing cryptocurrency, dismantling digital infrastructure, and disrupting money laundering networks.
Since 2020, the Computer Crime and Intellectual Property Section (CCIPS) has secured more than 180 cybercrime convictions and recovered over $350 million in victim funds.
Still, the fact that Li escaped before serving his sentence highlights a sobering truth: enforcement is improving, but global coordination must move even faster.
Why This Global Cryptocurrency Investment Scam Matters
Technology has erased borders, but it has also erased barriers for criminals. The global cryptocurrency investment scam case shows how encrypted apps, fake trading platforms, and shell corporations can be stitched together into a seamless fraud machine.
The bigger concern is scale. These operations are not small-time scams run from a basement. They are corporate-style enterprises with recruiters, relationship builders, financial handlers, and laundering specialists.
For investors, the lesson is clear: unsolicited investment advice, especially involving cryptocurrency, should raise immediate red flags. For regulators and governments, the message is even stronger. Financial transparency laws, international cooperation, and aggressive enforcement are no longer optional—they are essential.
Daren Li’s 20-year sentence may serve as a warning, but until fugitives like him are brought back to face prison time, the fight against the next $73 million cryptocurrency scam continues.
In a meeting with employees at his company xAI, Mr. Musk revealed a vision for a facility that includes a giant catapult to launch his satellites into space.
The Snapchat hacking investigation involving an Illinois man accused of stealing and selling private images of hundreds of women is not just another cybercrime case, it is a reminder of how easily social engineering can be weaponized against trust, privacy, and young digital users.
Federal prosecutors say the case exposes a disturbing intersection of identity theft, online exploitation, and misuse of social media platforms that continues to grow largely unchecked.
Kyle Svara, a 26-year-old from Oswego, Illinois, has been charged in federal court in Boston for his role in a wide-scale Snapchat account hacking scheme that targeted nearly 600 women.
According to court documents, Svara used phishing and impersonation tactics to steal Snapchat access codes, gain unauthorized account access, and extract nude or semi-nude images that were later sold or traded online.
Snapchat Hacking Investigation Reveals Scale of Phishing Abuse
At the core of the Snapchat hacking investigation is a textbook example of social engineering. Between May 2020 and February 2021, Svara allegedly gathered emails, phone numbers, and Snapchat usernames using online tools and research techniques. He then deliberately triggered Snapchat’s security system to send one-time access codes to victims.
Using anonymized phone numbers, Svara allegedly impersonated a Snap Inc. representative and texted more than 4,500 women, asking them to share their security codes. About 570 women reportedly complied—handing over access to their accounts without realizing they were being manipulated.
Once inside, prosecutors say Svara accessed at least 59 Snapchat accounts and downloaded private images. These images were allegedly kept, sold, or exchanged on online forums. The investigation found that Svara openly advertised his services on platforms such as Reddit, offering to “get into girls’ snap accounts” for a fee or trade.
Snapchat Hacking for Hire
What makes this Snapchat hacking case especially troubling is that it was not driven solely by curiosity or personal motives. Investigators allege that Svara operated as a hacking-for-hire service. One of his co-conspirators was Steve Waithe, a former Northeastern University track and field coach, who allegedly paid Svara to hack Snapchat accounts of women he coached or knew personally.
Waithe was convicted in November 2023 on multiple counts, including wire fraud and cyberstalking, and sentenced to five years in prison. The link between authority figures and hired cybercriminals adds a deeply unsettling dimension to the case, one that highlights how power dynamics can be exploited through digital tools.
Beyond hired jobs, Svara also allegedly targeted women in and around Plainfield, Illinois, as well as students at Colby College in Maine, suggesting a pattern of opportunistic and localized targeting.
Why the Snapchat Hacking Investigation Matters
This Snapchat hacking investigation features a critical cybersecurity truth: technical defenses mean little when human trust is exploited. The victims did not lose access because Snapchat’s systems failed; they were deceived into handing over the keys themselves.
It also raises serious questions about accountability on social platforms. While Snapchat provides security warnings and access codes, impersonation attacks continue to succeed at scale. The ease with which attackers can pose as platform representatives points to a larger problem of user awareness and platform-level safeguards.
The case echoes other recent investigations, including the indictment of a former University of Michigan football coach accused of hacking thousands of athlete accounts to obtain private images. Together, these cases reveal a troubling pattern—female student athletes being specifically researched, targeted, and exploited.
Legal Consequences
Svara faces charges including aggravated identity theft, wire fraud, computer fraud, conspiracy, and false statements related to child pornography. If convicted, he could face decades in prison, with a cumulative maximum sentence of 32 years. His sentencing is scheduled for May 18.
Federal authorities have urged anyone who believes they may be affected by this Snapchat hacking scheme to come forward.
More than anything, this case serves as a warning. The tools used were not sophisticated exploits or zero-day vulnerabilities—they were lies, impersonation, and manipulation. As this Snapchat hacking investigation shows, the most dangerous cyber threats today often rely on human error, not broken technology.
In 2026 stolen credentials and unmanaged machine identities drive breaches—small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth.
By 2026 humans remain cybersecurity’s weakest—and most vital—link as AI-enabled social engineering rises; prioritize behavioral design, real‑time interventions, and leadership.
There is very little functional difference between iOS and Android these days. The systems could integrate quite well if it weren't for the way companies prioritize lock-in over compatibility. At least in the realm of file sharing, Google is working to fix that. After adding basic AirDrop support to Pixel 10 devices last year, the company says we can look forward to seeing it on many more phones this year.
At present, the only Android phones that can initiate an AirDrop session with Apple devices are Google's latest Pixel 10 devices. When Google announced this upgrade, it vaguely suggested that more developments would come, and it now looks like we'll see more AirDrop support soon.
According to Android Authority, Google is planning a big AirDrop expansion in 2026. During an event at the company's Taipei office, Eric Kay, Google's VP of engineering for Android, laid out the path ahead.
The influence of Chinese money laundering networks has skyrocketed since 2020, with the operations now moving almost 20% of all illicit cryptocurrency being laundered last year, according to Chainalysis researchers. In 2025, they processed more than $16 billion, or about $44 million a day.
Several threat clusters are using vishing in extortion campaigns that include tactics that are consistent with those used by high-profile threat group ShinyHunters. They are stealing SSO and MFA credentials to access companies' environments and steal data from cloud applications, according to Mandiant researchers.
When a CEO's deepfake appears in a fraudulent investor call, when stolen credentials surface on dark web marketplaces, or when executive impersonation attempts trick employees into wire transfers, the damage isn't just technical—it's existential. Yet most organizations treat executive protection as an afterthought, if they think about it at all, instead of leveraging Executive Monitoring Platforms to detect and mitigate these threats proactively.
Here's the uncomfortable reality; your executives aren't just high-value employees. They're walking attack vectors. Their social media presence, their public speaking engagements, their digital footprints across platforms—all of it creates opportunities for threat actors. And unlike technical vulnerabilities that can be patched, executive exposure is permanent, cumulative, and growing by the day.
Executives understand visibility as a business necessity for leadership, brand building, and investor confidence. What they often lack is executive security intelligence that shows how attackers weaponize that visibility.
The question isn't whether your leadership team needs executive monitoring. It's whether you can afford not to have it.
The Executive Blind Spot Nobody Talks About
Traditional security frameworks focus on perimeter defense, endpoint protection, and network monitoring. Executive monitoring exists in a different dimension entirely—one that bridges digital risk, physical security, and reputational management in ways most security teams aren't equipped to handle.
Consider what attackers see when they target executives: comprehensive LinkedIn profiles detailing career histories and professional networks, conference schedules announcing travel plans weeks in advance, published interviews revealing decision-making processes and strategic priorities, social media posts exposing family members and personal interests, and professional email addresses easily harvested for spear-phishing campaigns. This isn't reconnaissance requiring sophisticated hacking. It's open-source intelligence gathering anyone can perform in an afternoon.
The real vulnerability is that executives themselves rarely understand their exposure. They view public visibility as part of the job—necessary for thought leadership, investor relations, and business development. They're not wrong. But they're also not thinking like attackers.
Why Executive Threats Are Business Continuity Issues
A compromised server gets fixed. A breached database gets contained. But when executives become attack targets, the damage radiates through the organization in ways that don't show up in incident reports.
Business email compromise attacks targeting executives cost organizations an average of $4.1 million per incident. That's not counting the reputational damage, the eroded stakeholder trust, or the board-level questions about why leadership wasn't better protected. Deepfake technology has matured to the point where realistic video and audio impersonations can be generated in hours, not days. When a fake CEO video circulates making false claims about company performance, markets react before PR teams can even draft responses.
Executive credential leaks create cascading risks. Unlike typical employee accounts, executive credentials often have elevated privileges, access to sensitive strategic information, and the authority to approve high-value transactions. A single compromised executive account can become the fulcrum for devastating attacks.
This is where standard security tools fall short. They protect infrastructure—but they don’t deliver real-time executive protection. They don’t monitor the dark web for leaked executive credentials, track impersonation accounts on social platforms, or identify deepfakes before they go viral.
That gap is precisely what executive monitoring solutions are designed to fill.
Interested in exploring how executive monitoring can strengthen your leadership protection and enable strategic growth? Learn more about comprehensive executive threat intelligence solutions at Cyble.com.
The Growth Multiplier Effect
Here's the business case that gets overlooked in security discussions; executive monitoring doesn't just prevent damage—it enables growth.
When leaders can engage publicly with confidence, thought leadership accelerates. When executives travel internationally backed by executive protection services, deal-making and partnerships move faster. When boards know that leadership exposure is continuously monitored, governance concerns diminish and strategic focus increases.
Organizations with robust executive monitoring platforms demonstrate operational maturity that resonates with investors, partners, and enterprise clients. It signals that security isn't just an IT function—it's embedded in how the business operates at the highest levels. For companies pursuing M&A activity, executive protection becomes due diligence table stakes. Acquiring companies want assurance that leadership teams come without hidden security liabilities.
The velocity of business decisions improves when executives aren't second-guessing their digital exposure. Strategic communications happen more freely. Competitive intelligence can be gathered more aggressively. Innovation discussions occur with less fear of leakage.
What Effective Executive Monitoring Actually Looks Like
The difference between security theater and genuine protection is specificity. Generic threat intelligence doesn't translate to executive protection. What matters is real-time monitoring across the specific vectors where executive threats emerge.
Effective platforms monitor dark web forums and cybercrime marketplaces for executive PII leaks, tracking when credentials, personal data, or sensitive information surfaces in underground channels. They deploy AI-driven deepfake detection across social media and video platforms, identifying manipulated content before it gains distribution. Social media impersonation tracking identifies fake accounts masquerading as executives, often used for business email compromise setup. Compromised credential monitoring alerts when executive email addresses or passwords appear in breach databases, enabling immediate password resets before exploitation.
The challenge is scale and speed. Manual monitoring can't keep pace with how quickly threats emerge and spread. By the time a security analyst discovers an executive impersonation account, it may have already been used to contact employees or partners.
This is where platforms like Cyble's Executive Monitoring solution demonstrate the value of automation paired with human expertise. Cyble delivers real-time executive protection across the surface web, deep web, and dark web. The platform combines real-time alerts delivered via email, SMS, or WhatsApp with AI-powered threat detection that identifies deepfakes, impersonations, and credential leaks across surface web, deep web, and dark web sources. It provides unified dashboard visibility that consolidates executive threats into a single view rather than fragmenting them across multiple tools, and integrates physical security intelligence for executives traveling to high-risk locations with contextualized threat assessments.
What separates effective solutions from basic monitoring is context. Alerting about every potential threat creates noise. Understanding which threats pose genuine risk to specific executives based on their role, public profile, and current activities—that's intelligence.
Cyble's approach emphasizes actionable insights over data dumps. When an executive's credentials appear in a breach, the platform doesn't just alert—it provides context about the source, potential impact, and recommended response actions. When deepfakes are detected, automated takedown processes can be initiated, removing fraudulent content before it spreads widely.
Instead of flooding teams with noise, Cyble provides insight into severity, relevance, and recommended actions—turning raw data into Executive Security Intelligence.
The ROI Nobody Calculates
Traditional security investments justify themselves through prevented breaches and avoided downtime. Executive monitoring ROI is harder to quantify precisely because it's impossible to measure attacks that never happened due to deterrence and early intervention.
But consider the inverse calculation: what's the cost of not having it? A single successful executive impersonation attack costs millions. A leaked executive credential that enables a broader breach amplifies damage exponentially. A deepfake crisis that damages brand reputation takes years to repair. The question shifts from "can we justify the investment" to "can we justify the exposure."
Organizations serious about growth recognize that executive security is growth infrastructure, not a cost center. It's the same logic that drives investments in executive coaching, strategic advisors, and leadership development. You're protecting and amplifying the most valuable assets in the organization—the people making decisions.
Building Protection That Scales With Ambition
The final insight that separates mature organizations from reactive ones is that executive monitoring isn't static. As companies grow, executive profiles rise. As leadership becomes more publicly visible, attack surfaces expand. As strategic importance increases, threat actor interest intensifies. Effective senior executive threat protection must scale alongside ambition.
Scalable executive protection means platforms that grow with organizational complexity, handling increased numbers of monitored executives as leadership teams expand. They adapt to evolving threat vectors, continuously updating detection capabilities as attack techniques mature. They integrate with existing security infrastructure rather than creating isolated silos, and provide graduated protection levels matching executive risk profiles rather than one-size-fits-all approaches.
This requires platforms built on threat intelligence foundations, not bolt-on features added to existing security suites. Cyble's Executive Monitoring exists within a broader threat intelligence ecosystem that includes dark web monitoring, brand protection, and attack surface management. This integration means executive threats aren't isolated signals—they're correlated with broader organizational risk patterns.
When an executive's name appears in dark web discussions alongside mentions of your company's infrastructure, that correlation matters. When brand impersonation campaigns coincide with executive travel to specific regions, that context informs protective measures.
The Strategic Imperative
Executive monitoring represents a fundamental shift in how organizations think about security. It acknowledges that protecting infrastructure isn't enough when people are targets. It recognizes that reputational risk and operational risk intertwine at the leadership level. It accepts that digital threats demand digital surveillance, not just digital defenses.
For organizations pursuing growth, executive protection isn't optional anymore. It's foundational. The businesses that will dominate their markets in the coming decade aren't just those with the best products or strongest financials—they're the ones whose leadership can operate with confidence, visibility, and strategic aggression because their digital exposure is being actively managed.
The threat landscape has evolved. Executive protection must evolve with it. The question is whether your organization will adapt proactively or learn these lessons the expensive way.
Interested in exploring how executive monitoring can strengthen your leadership protection and enable strategic growth? Learn more about comprehensive executive threat intelligence solutions at Cyble.com.
A team hopes to place instruments in the waters beneath the colossal Thwaites Glacier, with the help of a drill that uses hot water to punch through ice.
“The Model S was a breakthrough and ushered in quite a number of technologies people hadn’t seen before,” said Sam Abuelsamid, an executive at Telemetry, a Detroit communications and research firm.
Early 2026, Moltbot a new AI personal assistant went viral. GitGuardian detected 200+ leaked secrets related to it, including from healthcare and fintech companies. Our contribution to Moltbot: a skill that turns secret scanning into a conversational prompt, letting users ask "is this safe?"
Humans can’t live without lungs. And yet for 48 hours, in a surgical suite at Northwestern University, a 33-year-old man lived with an empty cavity in his chest where his lungs used to be. He was kept alive by a custom-engineered artificial device that represented a desperate last-ditch effort by his doctors. The custom hardware solved a physiological puzzle that has made bilateral pneumonectomy, the removal of both lungs, extremely risky before now.
The artificial lung system was built by the team of Ankit Bharat, a surgeon and researcher at Northwestern. It successfully kept a critically ill patient alive long enough to enable a double lung transplant, temporarily replacing his entire pulmonary system with a synthetic surrogate. The system creates a blueprint for saving people previously considered beyond hope by transplant teams.
Melting lungs
The patient, a once-healthy 33-year-old, arrived at the hospital with Influenza B complicated by a secondary, severe infection of Pseudomonas aeruginosa, a bacterium that in this case proved resistant even to carbapenems—our antibiotics of last resort. This combination of infections triggered acute respiratory distress syndrome (ARDS), a condition where the lungs become so inflamed and fluid-filled that oxygen can no longer reach the blood.
MIND extends its data loss prevention platform to secure agentic AI, enabling organizations to discover, monitor, and govern AI agents in real time to prevent sensitive data exposure, shadow AI risks, and prompt injection attacks.
Simplifying K-12 Technology: How ManagedMethods Can Reduce Complexity To Do More With Less As K-12 districts plan for the 2026/27 school year, the pressure is mounting. Budgets are tight, staffing is stretched thin, and the number of digital tools schools rely on continues to grow. What started as efforts to solve specific problems—student safety, classroom ...
His pioneering work on the origins of cancer was later overshadowed by his contrarian views, notably his rejection of the established theory that H.I.V. causes AIDS.
Peter H. Duesberg in 1985, holding a tray of petri dishes containing cultured cancer cells. In the late 1960s, he discovered the first known cancer-causing gene, or oncogene.
Today, an estimated 2.2 billion peoplestill have either limited or no access to the internet, largely because they live in remote places. But that number could drop this year, thanks to tests of stratospheric airships, uncrewed aircraft, and other high-altitude platforms for internet delivery.
Even with nearly 10,000 active Starlink satellites in orbit and the OneWeb constellation of 650 satellites, solid internet coverage is not a given across vast swathes of the planet.
One of the most prominent efforts to plug the connectivity gap was Google X’s Loon project. Launched in 2011, it aimed to deliver access using high-altitude balloons stationed above predetermined spots on Earth. But the project faced literal headwinds—the Loons kept drifting away and new ones had to be released constantly, making the venture economically unfeasible.
Although Google shuttered the high-profile Loon in 2021, work on other kinds of high-altitude platform stations (HAPS) has continued behind the scenes. Now, several companies claim they have solved Loon’s problems with different designs—in particular, steerable airships and fixed-wing UAVs (unmanned aerial vehicles)—and are getting ready to prove the tech’s internet beaming potential starting this year, in tests above Japan and Indonesia.
Regulators, too, seem to be thinking seriously about HAPS. In mid-December, for example, the US Federal Aviation Administration released a 50-page document outlining how large numbers of HAPS could be integrated into American airspace. According to the US Census Bureau’s 2024 American Community Survey (ACS) data, some 8 million US households (4.5% of the population) still live completely offline, and HAPS proponents think the technology might get them connected more cheaply than alternatives.
Despite the optimism of the companies involved, though, some analysts remain cautious.
“The HAPS market has been really slow and challenging to develop,” says Dallas Kasaboski, a space industry analyst at the consultancy Analysis Mason. After all, Kasaboski says, the approach has struggled before: “A few companies were very interested in it, very ambitious about it, and then it just didn’t happen.”
Beaming down connections
Hovering in the thin air at altitudes above 12 miles, HAPS have a unique vantage point to beam down low-latency, high-speed connectivity directly to smartphone users in places too remote and too sparsely populated to justify the cost of laying fiber-optic cables or building ground-based cellular base stations.
“Mobile network operators have some commitment to provide coverage, but they frequently prefer to pay a fine than cover these remote areas,” says Pierre-Antoine Aubourg, chief technology officer of Aalto HAPS, a spinoff from the European aerospace manufacturer Airbus. “With HAPS, we make this remote connectivity case profitable.”
Aalto HAPS has built a solar-powered UAV with a 25-meter wingspan that has conducted many long-duration test flights in recent years. In April 2025 the craft, called Zephyr, broke a HAPS record by staying afloat for 67 consecutive days. The first months of 2026 will be busy for the company, according to Aubourg; Zephyr will do a test run over southern Japan to trial connectivity delivery to residents of some of the country’s smallest and most poorly connected inhabited islands.
AALTO
Because of its unique geography, Japan is a perfect test bed for HAPS. Many of the country’s roughly 430 inhabited islands are remote, mountainous, and sparsely populated, making them too costly to connect with terrestrial cell towers. Aalto HAPS is partnering with Japan’s largest mobile network operators, NTT DOCOMO and the telecom satellite operator Space Compass, which want to use Zephyr as part of next-generation telecommunication infrastructure.
“Non-terrestrial networks have the potential to transform Japan’s communications ecosystem, addressing access to connectivity in hard-to-reach areas while supporting our country’s response to emergencies,” Shigehiro Hori, co-CEO of Space Compass, said in a statement.
Zephyr, Aubourg explains, will function like another cell tower in the NTT DOCOMO network, only it will be located well above the planet instead of on its surface. It will beam high-speed 5G connectivity to smartphone users without the need for the specialized terminals that are usually required to receive satellite internet. “For the user on the ground, there is no difference when they switch from the terrestrial network to the HAPS network,” Aubourg says. “It’s exactly the same frequency and the same network.”
New Mexico–based Sceye, which has developed a solar-powered helium-filled airship, is also eyeing Japan for pre-commercial trials of its stratospheric connectivity service this year. The firm, which extensively tested its slick 65-meter-long vehicle in 2025, is working with the Japanese telecommunications giant SoftBank. Just like NTT DOCOMO, Softbank is betting on HAPS to take its networks to another level.
Mikkel Frandsen, Sceye’s founder and CEO, says that his firm succeeded where Loon failed by betting on the advantages offered by the more controllable airship shape, intelligent avionics, and innovative batteries that can power an electric fan to keep the aircraft in place.
“Google’s Loon was groundbreaking, but they used a balloon form factor, and despite advanced algorithms—and the ability to change altitude to find desired wind directions and wind speeds—Loon’s system relied on favorable winds to stay over a target area, resulting in unpredictable station-seeking performance,” Frandsen says. “This required a large amount of balloons in the air to have relative certainty that one would stay over the area of operation, which was financially unviable.”
He adds that Sceye’s airship can “point into the wind” and more effectively maintain its position.
“We have significant surface area, providing enough physical space to lift 250-plus kilograms and host solar panels and batteries,” he says, “allowing Sceye to maintain power through day-night cycles, and therefore staying over an area of operation while maintaining altitude.”
The persistent digital divide
Satellite internet currently comes at a price tag that can be too high for people in developing countries, says Kasaboski. For example, Starlink subscriptions start at $10 per month in Africa, but millions of people in these regions are surviving on a mere $2 a day.
Frandsen and Aubourg both claim that HAPS can connect the world’s unconnected more cheaply. Because satellites in low Earth orbit circle the planet at very high speeds, they quickly disappear from a ground terminal’s view, meaning large quantities of those satellites are needed to provide continuous coverage. HAPS can hover, affording a constant view of a region, and more HAPS can be launched to meet higher demand.
“If you want to deliver connectivity with a low-Earth-orbit constellation into one place, you still need a complete constellation,” says Aubourg. “We can deliver connectivity with one aircraft to one location. And then we can tailor much more the size of the fleet according to the market coverage that we need.”
Starlink gets a lot of attention, but satellite internet has some major drawbacks, says Frandsen. A big one is that its bandwidth gets diluted once the number of users in an area grows.
In a recent interview, Starlink cofounder Elon Musk compared the Starlink beams to a flashlight. Given the distance at which those satellites orbit the planet, the cone is wide, covering a large area. That’s okay when users are few and far between, but it can become a problem with higher densities of users.
For example, Ukrainian defense technologists have said that Starlink bandwidth can drop on the front line to a mere 10 megabits per second, compared with the peak offering of 220 Mbps when drones and ground robots are in heavy use. Users in Indonesia, which like Japan is an island nation, also began reporting problems with Starlink shortly after the service was introduced in the country in 2024. Again, bandwidth declined as the number of subscribers grew.
In fact, Frandsen says, Starlink’s performance is less than optimal once the number of users exceeds one person per square kilometer. And that can happen almost anywhere—even relatively isolated island communities can have hundreds or thousands of residents in a small area. “There is a relationship between the altitude and the population you can serve,” Frandsen says. “You can’t bring space closer to the surface of the planet. So the telco companies want to use the stratosphere so that they can get out to more rural populations than they could otherwise serve.” Starlink did not respond to our queries about these challenges.
Cheaper and faster
Sceye and Aalto HAPS see their stratospheric vehicles as part of integrated telecom networks that include both terrestrial cell towers and satellites. But they’re far from the only game in town.
World Mobile, a telecommunications company headquartered in London, thinks its hydrogen-powered high-altitude UAV can compete directly with satellite mega-constellations. The company acquired the HAPS developer Stratospheric Platforms last year. This year, it plans to flight-test an innovative phased array antenna, which it claims will be able to deliver bandwidth of 200 megabits per second (enough to enable ultra-HD video streaming to 500,000 users at the same time over an area of 15,000 square kilometers—equivalent to the coverage of more than 500 terrestrial cell towers, the company says).
Last year, World Mobile also signed a partnership with the Indonesian telecom operator Protelindo to build a prototype Stratomast aircraft, with tests scheduled to begin in late 2027.
Richard Deakin, CEO of World Mobile’s HAPS division World Mobile Stratospheric, says that just nine Stratomasts could supply Scotland’s 5.5 million residents with high-speed internet connectivity at a cost of £40 million ($54 million) per year. That’s equivalent to about 60 pence (80 cents) per person per month, he says. Starlink subscriptions in the UK, of which Scotland is a part, come at £75 ($100) per month.
A troubled past
Companies working on HAPS also extol the convenience of prompt deployments in areas struck by war or natural disasters like Hurricane Maria in Puerto Rico, after which Loon played an important role. And they say that HAPS could make it possible for smaller nations to obtain complete control over their celestial internet-beaming infrastructure rather than relying on mega-constellations controlled by larger nations, a major boon at a time of rising geopolitical tensions and crumbling political alliances.
Analysts, however, remain cautious, projecting a HAPS market totaling a modest $1.9 billion by 2033. The satellite internet industry, on the other hand, is expected to be worth $33.44 billion by 2030, according to some estimates.
The use of HAPS for internet delivery to remote locations has been explored since the 1990s, about as long as the concept of low-Earth-orbit mega-constellations. The seemingly more cost-effective stratospheric technology, however, lost to the space fleets thanks to the falling cost of space launches and ambitious investment by Musk’s SpaceX.
Google wasn’t the only tech giant to explore the HAPS idea. Facebook also had a project, called Aquila, that was discontinued after it too faced technical difficulties. Although the current cohort of HAPS makers claim they have solved the challenges that killed their predecessors, Kasaboski warns that they’re playing a different game: catching up with now-established internet-beaming mega constellations. By the end of this year, it’ll be much clearer whether they stand a good chance of doing so.
Teleport unveils an agentic identity framework that secures AI agents without passwords, replacing static credentials with cryptographic, zero-trust identities to reduce breach risk.
In this episode, we explore the latest changes to AirDrop in iOS 26.2 and how they enhance privacy and security. Learn about the new 10-minute limitation on the ‘Everyone’ setting and the introduction of AirDrop codes for safer file sharing with non-contacts. We also discuss best practices for configuring your AirDrop settings to safeguard your […]
U.S. trade policy has devastated the Canadian auto industry and pushed the country to reach an agreement that will make it easier for Chinese companies to sell cars there.
The tariffs will allow President Trump to take a cut of Nvidia’s chip sales to China while putting off a decision about imposing higher taxes on the chip industry.
He Jiankui spent three years in prison after creating gene-edited babies. Now back at work, he sees a greater opening for researchers who push boundaries.
He Jiankui, a researcher in gene editing, at his home in Beijing. He argues that his only crime was being ahead of his time in a world not yet ready for his vision.
The deal would cut tariffs and include a commitment from Taiwanese Semiconductor Manufacturing Corporation, the island’s chip giant, to build more manufacturing plants in the United States.
A Taiwan Semiconductor Manufacturing Corporation facility under construction in Phoenix. As part of the trade deal, the company would commit to building more semiconductor facilities in Arizona.
Electric vehicles at a Volkswagen plant in Dresden, Germany. The company is an extreme example of how difficult it has been for foreign automakers to cope in the U.S. car market.
Battery assembly at a General Motors facility in Spring Hill, Tenn. Electric cars have become more difficult to sell since the elimination of federal tax credits last year.
This blog is part of a series where we highlight new or fast-evolving threats in consumer security. This one focuses on how AI is being used to design more realistic campaigns, accelerate social engineering, and how AI agents can be used to target individuals.
Most cybercriminals stick with what works. But once a new method proves effective, it spreads quickly—and new trends and types of campaigns follow.
In 2025, the rapid development of Artificial Intelligence (AI) and its use in cybercrime went hand in hand. In general, AI allows criminals to improve the scale, speed, and personalization of social engineering through realistic text, voice, and video. Victims face not only financial loss, but erosion of trust in digital communication and institutions.
Social engineering
Voice cloning
One of the main areas where AI improved was in the area of voice-cloning, which was immediately picked up by scammers. In the past, they would mostly stick to impersonating friends and relatives. In 2025, they went as far as impersonating senior US officials. The targets were predominantly current or former US federal or state government officials and their contacts.
In the course of these campaigns, cybercriminals used test messages as well as AI-generated voice messages. At the same time, they did not abandon the distressed-family angle. A woman in Florida was tricked into handing over thousands of dollars to a scammer after her daughter’s voice was AI-cloned and used in a scam.
AI agents
Agentic AI is the term used for individualized AI agents designed to carry out tasks autonomously. One such task could be to search for publicly available or stolen information about an individual and use that information to compose a very convincing phishing lure.
These agents could also be used to extort victims by matching stolen data with publicly known email addresses or social media accounts, composing messages and sustaining conversations with people who believe a human attacker has direct access to their Social Security number, physical address, credit card details, and more.
Another use we see frequently is AI-assisted vulnerability discovery. These tools are in use by both attackers and defenders. For example, Google uses a project called Big Sleep, which has found several vulnerabilities in the Chrome browser.
Social media
As mentioned in the section on AI agents, combining data posted on social media with data stolen during breaches is a common tactic. Such freely provided data is also a rich harvesting ground for romance scams, sextortion, and holiday scams.
And then there are the vulnerabilities in public AI platforms such as ChatGPT, Perplexity, Claude, and many others. Researchers and criminals alike are still exploring ways to bypass the safeguards intended to limit misuse.
Prompt injection is the general term for when someone inserts carefully crafted input, in the form of an ordinary conversation or data, to nudge or force an AI into doing something it wasn’t meant to do.
Malware campaigns
In some cases, attackers have used AI platforms to write and spread malware. Researchers have documented campaign where attackers leveraged Claude AI to automate the entire attack lifecycle, from initial system compromise through to ransom note generation, targeting sectors such as government, healthcare, and emergency services.
AI is amplifying the capabilities of both defenders and attackers. Security teams can use it to automate detection, spot patterns faster, and scale protection. Cybercriminals, meanwhile, are using it to sharpen social engineering, discover vulnerabilities more quickly, and build end-to-end campaigns with minimal effort.
Looking toward 2026, the biggest shift may not be technical but psychological. As AI-generated content becomes harder to distinguish from the real thing, verifying voices, messages, and identities will matter more than ever.
We don’t just report on threats—we remove them
Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.
You might not know it, given the many headlines focused on new questions about copyright and Generative AI, but the year’s biggest copyright case concerned an old-for-the-internet question: do ISPs have to be copyright cops? After years of litigation, that question is now squarely before the Supreme Court. And if the Supreme Court doesn’t reverse a lower court’s ruling, ISPs could be forced to terminate people’s internet access based on nothing more than mere accusations of copyright infringement. This would threaten innocent users who rely on broadband for essential aspects of daily life.
The Stakes: Turning ISPs into Copyright Police
This issue turns on what courts call “secondary liability,” which is the legal idea that someone can be held responsible not for what they did directly, but for what someone else did using their product or service. The case began when music companies sued Cox Communications, arguing that the ISP should be held liable for copyright infringement committed by some of its subscribers. The Court of Appeals for the Fourth Circuit agreed, adopting a “material contribution” standard for contributory copyright liability (a rule for when service providers can be held liable for the actions of users). Under that standard, providing a service that could be used for infringement is enough to create liability when a customer infringes.
The Fourth Circuit’s rule would have devastating consequences for the public. Given copyright law’s draconian penalties, ISP would be under enormous pressure to terminate accounts whenever they get an infringement notice, whether or not the actual accountholder has infringed anything: entire households, schools, libraries, or businesses that share an internet connection. These would include:
Public libraries, which provide internet access to millions of Americans who lack it at home, could lose essential service.
Universities, hospitals, and local governments could see internet access for whole communities disrupted.
Households—especially in low-income and communities of color, which disproportionately share broadband connections with other people—would face collective punishment for the alleged actions of a single user.
And with more than a third of Americans having only one or no broadband provider, many users would have no way to reconnect.
EFF—along with the American Library Association, the Association of Research Libraries, and Re:Create—filed an amicus brief urging the Court to reverse the Fourth Circuit’s decision, taking guidance from patent law. In the Patent Act, where Congress has explicitly defined secondary liability, there’s a different test: contributory infringement exists only where a product is incapable of substantial non-infringing use. Internet access, of course, is overwhelmingly used for lawful purposes, making it the very definition of a “staple article of commerce” that can’t be liable under the patent framework.
The Supreme Court held a hearing in the case on December 1, and a majority of the justices seemed troubled by the implications of the Fourth Circuit’s ruling. One exchange was particularly telling: asked what should happen when the notices of infringement target a university account upon which thousands of people rely, Sony’s counsel suggested the university could resolve the issue by essentially slowing internet speeds so infringement might be less appealing. It’s hard to imagine the university community would agree that research, teaching, artmaking, library services, and the myriad other activities that rely on internet access should be throttled because of the actions of a few students. Hopefully the Supreme Court won’t either.
We expect a ruling in the case in the next few months. Fingers crossed that the Court rejects the Fourth Circuit’s draconian rule.
This article is part of our Year in Review series. Read other articles about the fight for digital rights in 2025.
By Gauravdeep Singh, Head – State e-Mission Team (SeMT), Ministry of Electronics and Information Technology
The Digital Personal Data Protection (DPDP) Act has fundamentally altered the risk landscape for Indian organisations.
Data breaches now trigger mandatory compliance obligations regardless of their origin, transforming incidents that were once purely operational concerns into regulatory events with significant financial and legal implications.
Case Study 1: Cloud Misconfiguration in a Consumer Platform
A prominent consumer-facing platform experienced a data exposure incident when a misconfigured storage bucket on its public cloud infrastructure inadvertently made customer data publicly accessible. While no malicious actor was involved, the incident still constituted a reportable data breach under the DPDP Act framework.
The organisation faced several immediate obligations:
Notification to affected individuals within prescribed timelines
Formal reporting to the Data Protection Board
Comprehensive internal investigation and remediation measures
Potential penalties for failure to implement reasonable security safeguards as mandated under the Act
Such incidents highlight a critical gap in traditional risk management approaches. The financial exposure—encompassing regulatory penalties, legal costs, remediation expenses, and reputational damage—frequently exceeds conventional cyber insurance coverage limits, particularly when compliance failures are implicated.
Case Study 2: Ransomware Attack on Healthcare and EdTech Infrastructure
A mid-sized healthcare and education technology provider fell victim to a ransomware attack that encrypted sensitive personal records. Despite successful restoration from backup systems, the organisation confronted extensive regulatory and operational obligations:
Forensic assessment to determine whether data confidentiality was compromised
Mandatory notification to regulatory authorities and affected data principals
Ongoing legal and compliance proceedings
The total cost extended far beyond any ransom demand. Forensic investigations, legal advisory services, public communications, regulatory compliance activities, and operational disruption collectively created substantial financial strain, costs that would have been mitigated with appropriate insurance coverage.
Case Study 3: AI-Enabled Fraud and Social Engineering
The emergence of AI-driven attack vectors has introduced new dimensions of cyber risk. Deepfake technology and sophisticated phishing campaigns now enable threat actors to impersonate senior leadership with unprecedented authenticity, compelling finance teams to authorise fraudulent fund transfers or inappropriate data disclosures.
These attacks often circumvent traditional technical security controls because they exploit human trust rather than system vulnerabilities. As a result, organisations are increasingly seeking insurance coverage for social engineering and cyber fraud events, particularly those involving personal data or financial information, that fall outside conventional cybersecurity threat models.
The Evolution of Cyber Insurance in India
The Indian cyber insurance market is undergoing significant transformation in response to the DPDP Act and evolving threat landscape. Modern policies now extend beyond traditional hacking incidents to address:
Data breaches resulting from human error or operational failures
Third-party vendor and SaaS provider security failures
Cloud service disruptions and availability incidents
Regulatory investigation costs and legal defense expenses
Organisations are reassessing their coverage adequacy as they recognise that historical policy limits of Rs. 10–20 crore may prove insufficient when regulatory penalties, legal costs, business interruption losses, and remediation expenses are aggregated under the DPDP compliance framework.
The SME and MSME Vulnerability
Small and medium enterprises represent the most vulnerable segment of the market. While many SMEs and MSMEs regularly process personal data, they frequently lack:
Mature information security controls and governance frameworks
Dedicated compliance and data protection teams
Financial reserves to absorb penalties, legal costs, or operational disruption
For organisations in this segment, even a relatively minor cyber incident can trigger prolonged operational shutdowns or, in severe cases, permanent closure.
Despite this heightened vulnerability, cyber insurance adoption among SMEs remains disproportionately low, driven primarily by awareness gaps and perceived cost barriers.
Implications for the Cyber Insurance Ecosystem
The Indian cyber insurance market is entering a period of accelerated growth and structural evolution. Several key trends are emerging:
Higher policy limits becoming standard practice across industries
Enhanced underwriting processes emphasising compliance readiness and data governance maturity
Comprehensive coverage integrating legal advisory, forensic investigation, and regulatory support
Risk-based pricing models that reward robust data protection practices
Looking ahead, cyber insurance will increasingly be evaluated not merely as a risk-transfer mechanism, but as an indicator of an organisation's overall data protection posture and regulatory preparedness.
DPDP Act and the End of Optional Cyber Insurance
The DPDP Act has fundamentally redefined cyber risk in the Indian context. Data breaches are no longer isolated IT failures; they are regulatory events carrying substantial financial, legal, and reputational consequences. In this environment, cyber insurance is transitioning from a discretionary safeguard to a strategic imperative.
Organisations that integrate cyber insurance into a comprehensive data governance and enterprise risk management strategy will be better positioned to navigate the evolving regulatory landscape.
Conversely, those that remain uninsured or underinsured may discover that the cost of inadequate preparation far exceeds the investment required for robust protection.
(This article reflects the author’s analysis and personal viewpoints and is intended for informational purposes only. It should not be construed as legal or regulatory advice.)
Researchers have found an active campaign aimed at taking over WhatsApp accounts. They’ve called this attack GhostPairing because it tricks the victim into completing WhatsApp’s own device-pairing flow, silently adding the attacker’s browser as an invisible linked device on the account.
Ghost of WhatsApp Past: When it was just you
Device pairing lets WhatsApp users add additional devices to their account so they can read and reply to messages from a laptop or through WhatsApp Web.
Compared to similar platforms, WhatsApp’s main strengths are its strong end-to-end encryption and seamless cross-platform use. But cybercriminals have found a way to abuse that cross-platform use to bypass the encryption.
In the Ghost of WhatsApp Past, everything looks normal. It’s just you and the devices you meant to connect. The same mechanism that makes life easier later gets abused to let in an uninvited guest. And that renders the end-to-end encryption useless when the attacker gains direct access to the account.
Ghost of WhatsApp Present: The “I found your photo” moment
So, all is well. Until the target receives a message along the lines of “Hey, check this, I found your photo!” accompanied by a link.
The link, and the website it leads to, are designed to look like they belong to Facebook (which, like WhatsApp, is owned by Meta).
Image courtesy of Gen Digital
This fake login page provides instructions to log in with their phone number to continue or to verify before viewing the photo. The scammers then use the provided phone number to submit a WhatsApp “device pairing” request for it.
The researchers observed two variants of the attack. One that provides a QR code to scan with WhatsApp on your phone. The other sends a numeric code and tells the user to enter it into WhatsApp to confirm a login.
In the second scenario, the victim opens WhatsApp, sees the pairing prompt, types the code, and believes they are completing a routine verification step, when in fact they have just linked the attacker’s browser as a new device.
This is the attacker’s preferred approach. In the first, the browser-based QR-code occurs on the same device as the WhatsApp QR-code scan—QR codes normally expect a second device—and might give people the chance to think about what’s really going on.
Ghost of WhatsApp Future: When the ghost settles in
With the new access to your WhatsApp account, the criminals can:
Read all your new and synced messages.
Download photos, videos, and voice notes.
Send the same “photo” lure to your contacts and spread the scam.
Impersonate you in direct and group chats.
Harvest messages, images, and other information to use in future scams, social engineering, and extortion.
And they can do much of this before the real account owner notices that something is wrong.
What Scrooge can learn from all this
It’s not the first time scammers have used tricks like these to take over accounts. Facebook has seen many waves of similar scams.
There are a few basic measures you can take to avoid falling for lures like these.
Don’t follow unsolicited links sent to you, even if they’re from an account you trust. Verify with the sender that it’s safe. In some cases, you’ll be helpfully warning them their account is compromised.
Read prompts and notifications. Many of us have trained ourselves to click all the right buttons to get through the flow as quickly as possible without reading what they’re actually doing, but it’s a dangerous habit.
If you have fallen victim to this, here’s what to do.
Tell your WhatsApp contacts that your account may have been abused and not to click any “photo” links or verification requests that might have come from you.
Immediately revoke access: go to Settings → Linked Devices and log out of all browsers and desktops you do not explicitly use. When in doubt, remove everything and re‑link only the devices you own.
We don’t just report on threats – we help protect your social media
In late September, a Spanish military plane carrying the country’s defense minister to a base in Lithuania was reportedly the subject of a kind of attack—not by a rocket or anti-aircraft rounds, but by radio transmissions that jammed its GPS system.
The flight landed safely, but it was one of thousands that have been affected by a far-reaching Russian campaign of GPS interference since the 2022 invasion of Ukraine. The growing inconvenience to air traffic and risk of a real disaster have highlighted the vulnerability of GPS and focused attention on more secure ways for planes to navigate the gauntlet of jamming and spoofing, the term for tricking a GPS receiver into thinking it’s somewhere else.
US military contractors are rolling out new GPS satellites that use stronger, cleverer signals, and engineers are working on providing better navigation information based on other sources, like cellular transmissions and visual data.
But another approach that’s emerging from labs is quantum navigation: exploiting the quantum nature of light and atoms to build ultra-sensitive sensors that can allow vehicles to navigate independently, without depending on satellites. As GPS interference becomes more of a problem, research on quantum navigation is leaping ahead, with many researchers and companies now rushing to test new devices and techniques. In recent months, the US’s Defense Advanced Research Projects Agency (DARPA) and its Defense Innovation Unit have announced new grants to test the technology on military vehicles and prepare for operational deployment.
Tracking changes
Perhaps the most obvious way to navigate is to know where you started and then track where you go by recording the speed, direction, and duration of travel. But while this approach, known in the field as inertial navigation, is conceptually simple, it’s difficult to do well; tiny uncertainties in any of those measurements compound over time and lead to big errors later on. Douglas Paul, the principal investigator of the UK’s Hub for Quantum Enabled Precision, Navigation & Timing (QEPNT), says that existing specialized inertial-navigation devices might be off by 20 kilometers after 100 hours of travel. Meanwhile, the cheap sensors commonly used in smartphones produce more than twice that level of uncertainty after just one hour.
“If you’re guiding a missile that flies for one minute, that might be good enough,” he says. “If you’re in an airliner, that’s definitely not good enough.”
A more accurate version of inertial navigation instead uses sensors that rely on the quantum behavior of subatomic particles to more accurately measure acceleration, direction, and time.
Several companies, like the US-based Infleqtion, are developing quantum gyroscopes, which track a vehicle’s bearing, and quantum accelerometers, which can reveal how far it’s traveled. Infleqtion’s sensors are based on a technique called atom interferometry: A beam of rubidium atoms is zapped with precise laser pulses, which split the atoms into two separate paths. Later, other laser pulses recombine the atoms, and they’re measured with a detector. If the vehicle has turned or accelerated while the atoms are in motion, the two paths will be slightly out of phase in a way the detector can interpret.
Last year the company trialed these inertial sensors on a customized plane flying at a British military testing site. In October of this year, Infleqtion ran its first real-world test of a new generation of inertial sensors that use a steady stream of atoms instead of pulses, allowing for continuous navigation and avoiding long dead times.
A view of Infleqtion’s atomic clock Tiqker.
COURTESY INFLEQTION
Infleqtion also has an atomic clock, called Tiqker, that can help determine how far a vehicle has traveled. It is a kind of optical clock that uses infrared lasers tuned to a specific frequency to excite electrons in rubidium, which then release photons at a consistent, known rate. The device “will lose one second every 2 million years or so,” says Max Perez, who oversees the project, and it fits in a standard electronics equipment rack. It has passed tests on flights in the UK, on US Army ground vehicles in New Mexico, and, in late October, on a drone submarine.
“Tiqker operated happily through these conditions, which is unheard-of for previous generations of optical clocks,” says Perez. Eventually the company hopes to make the unit smaller and more rugged by switching to lasers generated by microchips.
Magnetic fields
Vehicles deprived of satellite-based navigation are not entirely on their own; they can get useful clues from magnetic and gravitational fields that surround the planet. These fields vary slightly depending on the location, and the variations, or anomalies, are recorded in various maps. By precisely measuring the local magnetic or gravitational field and comparing those values with anomaly maps, quantum navigation systems can track the location of a vehicle.
Allison Kealy, a navigation researcher at Swinburne University in Australia, is working on the hardware needed for this approach. Her team uses a material called nitrogen-vacancy diamond. In NV diamonds, one carbon atom in the lattice is replaced with a nitrogen atom, and one neighboring carbon atom is removed entirely. The quantum state of the electrons at the NV defect is very sensitive to magnetic fields. Carefully stimulating the electrons and watching the light they emit offers a way to precisely measure the strength of the field at the diamond’s location, making it possible to infer where it’s situated on the globe.
Kealy says these quantum magnetometers have a few big advantages over traditional ones, including the fact that they measure the direction of the Earth’s magnetic field in addition to its strength. That additional information could make it easier to determine location.
The technology is far from commercial deployment, but Kealy and several colleagues successfully tested their magnetometer in a set of flights in Australia late last year, and they plan to run more trials this year and next. “This is where it gets exciting, as we transition from theoretical models and controlled experiments to on-the-ground, operational systems,” she says. “This is a major step forward.”
Delicate systems
Other teams, like Q-CTRL, an Australian quantum technology company, are focusing on using software to build robust systems from noisy quantum sensors. Quantum navigation involves taking those delicate sensors, honed in the placid conditions of a laboratory, and putting them in vehicles that make sharp turns, bounce with turbulence, and bob with waves, all of which interferes with the sensors’ functioning. Even the vehicles themselves present problems for magnetometers, especially “the fact that the airplane is made of metal, with all this wiring,” says Michael Biercuk, the CEO of Q-CTRL. “Usually there’s 100 to 1,000 times more noise than signal.”
After Q-CTRL engineers ran trials of their magnetic navigation system in a specially outfitted Cessna last year, they used machine learning to go through the data and try to sift out the signal from all the noise. Eventually they found they could track the plane’s location up to 94 times as accurately as a strategic-grade conventional inertial navigation system could, according to Biercuk. They announced their findings in a non-peer-reviewed paper last spring.
In August Q-CTRL received two contracts from DARPA to develop its “software-ruggedized” mag-nav product, named Ironstone Opal, for defense applications. The company is also testing the technology with commercial partners, including the defense contractors Northrop Grumman and Lockheed Martin and Airbus, an aerospace manufacturer.
An illustration showing the placement of Q-CTRL’s Ironstone Opal in a drone.
COURTESY Q-CTRL
“Northrop Grumman is working with Q-CTRL to develop a magnetic navigation system that can withstand the physical demands of the real world,” says Michael S. Larsen, a quantum systems architect at the company. “Technology like magnetic navigation and other quantum sensors will unlock capabilities to provide guidance even in GPS-denied or -degraded environments.”
Now Q-CTRL is working on putting Ironstone Opal into a smaller, more rugged container appropriate for deployment; “Ironstone Opal’s first deployment was, and looked like, a science experiment,” says Biercuk. He anticipates delivering the first commercial units next year.
Sensor fusion
Even as quantum navigation emerges as a legitimate alternative to satellite-based navigation, the satellites themselves are improving. Modern GPS III satellites include new civilian signals called L1C and L5, which should be more accurate and harder to jam and spoof than current signals. Both are scheduled to be fully operational later this decade.
US and allied military users are intended to have access to far hardier GPS tools, including M-code, a new form of GPS signal that is rolling out now, and Regional Military Protection, a focused GPS beam that will be restricted to small geographic areas. The latter will start to become available when the GPS IIIF generation of satellites is in orbit, with the first scheduled to go up in 2027. A Lockheed Martin spokesperson says new GPS satellites with M-code are eight times as powerful as previous ones, while the GPS IIIF model will be 60 times as strong.
Other plans involve using navigation satellites in low Earth orbit—the zone inhabited by SpaceX’s internet-providing Starlink constellation—rather than the medium Earth orbit used by GPS. Since objects in LEO are closer to Earth, their signals are stronger, which makes them harder to jam and spoof. LEO satellites also transit the sky more quickly, which makes them harder still to spoof and helps GPS receivers get a lock on their position faster. “This really helps for signal convergence,” says Lotfi Massarweh, a satellite navigation researcher at Delft University of Technology, in the Netherlands. “They can get a good position in just a few minutes. So that is a huge leap.”
Ultimately, says Massarweh, navigation will depend not only on satellites, quantum sensors, or any other single technology, but on the combination of all of them. “You need to think always in terms of sensor fusion,” he says.
The navigation resources that a vehicle draws on will change according to its environment—whether it’s an airliner, a submarine, or an autonomous car in an urban canyon. But quantum navigation will be one important resource. He says, “If quantum technology really delivers what we see in the literature—if it’s stable over one week rather than tens of minutes—at that point it is a complete game changer.”
This story was updated to better reflect the current status of Ironstone Opal.
Ford Motor said the costs came from its decision to make fewer electric vehicles than it had planned and more hybrids that use both gasoline engines and batteries.
This is the story of the world’s worst scam and how it is being used to fuel entire underground economies that have the power to rival nation-states across the globe. This is the story of “pig butchering.”
“Pig butchering” is a violent term that is used to describe a growing type of online investment scam that has ruined the lives of countless victims all across the world. No age group is spared, nearly no country is untouched, and, if the numbers are true, with more than $6.5 billion stolen in 2024 alone, no scam might be more serious today, than this.
Despite this severity, like many types of online fraud today, most pig-butchering scams start with a simple “hello.”
Sent through text or as a direct message on social media platforms like X, Facebook, Instagram, or elsewhere, these initial communications are often framed as simple mistakes—a kind stranger was given your number by accident, and if you reply, you’re given a kind apology and a simple lure: “You seem like such a kind person… where are you from?”
Here, the scam has already begun. Pig butchers, like romance scammers, build emotional connections with their victims. For months, their messages focus on everyday life, from family to children to marriage to work.
But, with time, once the scammer believes they’ve gained the trust of their victim, they launch their attack: An investment “opportunity.”
Pig butchers tell their victims that they’ve personally struck it rich by investing in cryptocurrency, and they want to share the wealth. Here, the scammers will lead their victims through opening an entirely bogus investment account, which is made to look real through sham websites that are littered with convincing tickers, snazzy analytics, and eye-popping financial returns.
When the victims “invest” in these accounts, they’re actually giving money directly to their scammers. But when the victims log into their online “accounts,” they see their money growing and growing, which convinces many of them to invest even more, perhaps even until their life savings are drained.
This charade goes on as long as possible until the victims learn the truth and the scammers disappear. The continued theft from these victims is where “pig-butchering” gets its name—with scammers fattening up their victims before slaughter.
Today, on the Lock and Code podcast with host David Ruiz, we speak with Erin West, founder of Operation Shamrock and former Deputy District Attorney of Santa Clara County, about pig butchering scams, the failures of major platforms like Meta to stop them, and why this global crisis represents far more than just a few lost dollars.
“It’s really the most compelling, horrific, humanitarian global crisis that is happening in the world today.”
Login
