The Bold Plan to Create Cyber 311 Hotlines

UT-Austin will join a growing movement to launch cybersecurity clinics for cities and small businesses that often fall through the cracks.

Apple Expands Its On-Device Nudity Detection to Combat CSAM

Instead of scanning iCloud for illegal content, Apple’s tech will locally flag inappropriate images for kids. And adults are getting an opt-in nudes filter too.

Hacks Against Ukraine's Emergency Response Services Rise During Bombings

Data from Cloudflare's free digital defense service, Project Galileo, illuminates new links between online and offline attacks.

Inside 4chan’s Top-Secret Moderation Machine

Internal company documents reveal how the imageboard’s chaotic moderation allowed racism and violence to take over.

AI Is Being Used to ‘Turbocharge’ Scams

Plus: Amazon’s Ring was ordered to delete algorithms, North Korea’s failed spy satellite, and a rogue drone “attack” isn’t what it seems.

Kaspersky Says New Zero-Day Malware Hit iPhones—Including Its Own

On the same day, Russia’s FSB intelligence service launched wild claims of NSA and Apple hacking thousands of Russians.

Millions of Gigabyte Motherboards Were Sold With a Firmware Backdoor

Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

Netflix’s Password-Sharing Crackdown Has Hit the US

TikTok user data is exposed to Chinese ByteDance employees, a screen recording app goes rogue in Google Play, and privacy groups want Slack to expand encryption.

Chinese Labs Are Selling Fentanyl Ingredients for Millions in Crypto

And it's happening in plain sight.

There’s Finally a Way to Improve Cloud Container Registry Security

“Container registries” are ubiquitous software clearinghouses, but they’ve been exposed for years. Chainguard says it now has a solution.

A TikTok ‘Car Theft’ Challenge Is Costing Hyundai $200 Million

Plus: The FBI gets busted abusing a spy tool, an ex-Apple engineer is charged with corporate espionage, and collection of airborne DNA raises new privacy risks.

A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

Kaspersky researchers have uncovered clues that further illuminate the hackers’ activities, which appear to have begun far earlier than originally believed.

The US Post Office Is Spying on the Mail. Senators Want to Stop It

The USPS carries out warrantless surveillance on thousands of parcels every year. Lawmakers want it to end—right now.

ChatGPT Scams Are Infiltrating Apple's App Store and Google Play

An explosion of interest in OpenAI’s sophisticated chatbot means a proliferation of “fleeceware” apps that trick users with sneaky in-app subscriptions.

Toyota Leaked Vehicle Data of 2 Million Customers

The FBI disables notorious Russia-linked malware, the EU edges toward a facial recognition ban, and security firm Dragos has an intrusion of its own.

A Republican-Led Lawsuit Threatens Critical US Cyber Protections

Three states are suing to block security rules for water facilities. If they win, it may open the floodgates for challenges to other cyber rules.

A Mysterious New Hacker Group, Red Stinger, Is Lurking in Ukraine’s Cyberspace

The unidentified attackers have targeted people on both sides of Russia’s war against Ukraine, carrying out espionage operations that suggest state funding.

Russian ‘Ghost Ships’ Identified Near the Nord Stream Blasts

Plus: Apple and Google plan to stop AirTag stalking, Meta violated the FTC’s privacy order, and how to tell if your car is tracking you.

Meta Moves to Counter New Malware and Repeat Account Takeovers

The company is adding new tools as bad actors use ChatGPT-themed lures and mask their infrastructure in an attempt to trick victims and elude defenders.

Google Is Rolling Out Passkeys, the Password-Killing Tech, to All Accounts

The tech industry’s transition to passkeys gets its first massive boost with the launch of the alternative login scheme for Google’s billions of users.

American College of Pediatricians Leak Exposes 10,000 Confidential Files

A Google Drive left public on the American College of Pediatricians’ website exposed detailed financial records, sensitive member details, and more.

Cops Just Revealed a Record-Breaking Dark Web Dragnet

Operation SpecTor likely drew on leads from multiple dark web market busts, including the secret takedown of Monopoly Market in 2021.

The Tragic Fallout From a School District’s Ransomware Breach

Plus: Cyber Command’s disruption of Iranian election hacking, an exposé on child sex trafficking on Meta’s platforms, and more.

DOJ Detected SolarWinds Breach Months Before Public Disclosure

In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.

Intel Let Google Cloud Hack Its New Secure Chips and Found 10 Bugs

To protect its Confidential Computing cloud infrastructure and gain critical insights, Google leans on its relationships with chipmakers.

The War on Passwords Enters a Chaotic New Phase

The transition from traditional logins to cryptographic passkeys is getting messy. But don’t worry—there’s a plan.

Used Routers Often Come Loaded With Corporate Secrets

More than half of the enterprise routers researchers bought secondhand hadn’t been wiped, exposing sensitive info like login credentials and customer data.

Chinese Cops Ran Troll Farm and Secret NY Police Station, US Says

Three criminal cases detail China's alleged attempts to extend its security forces' influence online—and around the globe.

ICE Records Reveal How Agents Abuse Access to Secret Data

Documents obtained by WIRED detail hundreds of investigations by the US agency into alleged database misuse that includes harassment, stalking, and more.

Security Roundup: Leak of Top-Secret US Intel Risks a New Wave of Mass Surveillance

Plus: Hackers claim to have stolen 10 TB from Western Digital, a new spyware has emerged, and WhatsApp gets a fresh security feature.

Leaked Pentagon Documents May Herald a New Era of Revelations

The bizarre release of sensitive US government materials soon after their creation signals a potential shift to near-real-time unauthorized disclosures.

LinkedIn Verification Now Lets You Verify Your Job and Account

To beat back fake accounts, the professional social network is rolling out new tools to prove you work where you say you do and are who you say you are.

Pinduoduo, a Top Chinese Shopping App, Is Laced With Malware

Plus: 119 arrested during a sting on the Genesis dark-web market, the IRS aims to buy an online mass surveillance tool, and more.

Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms

North Korean hackers appear to have used the corrupted VoIP software to go after just a handful of crypto firms with “surgical precision.”

ICE Is Grabbing Data From Schools and Abortion Clinics

An agency database WIRED obtained reveals widespread use of so-called 1509 summonses that experts say raises the specter of potential abuse.

Mullvad VPN and Tor Project Create New Privacy-Focused Mullvad Browser

Mullvad Browser, a collaboration between the nonprofit and Mullvad VPN, offers an anti-tracking browser designed to be used with a VPN.

‘Vulkan’ Leak Offers a Peek at Russia’s Cyberwar Playbook

Plus: A major new supply chain attack, Biden’s spyware executive order, and a hacking campaign against Exxon’s critics.

North Korea Is Now Mining Crypto to Launder Its Stolen Loot

A spy group working for the Kim regime has been feeding stolen coins into crypto mining services in an effort to throw tracers off their trail.

Crypto Was Afraid to Show Its Face at SXSW 2023

Any mention of crypto was deliberately veiled at this year’s festival. And that strategy might catch on.

India Shut Down Mobile Internet in Punjab Amid Manhunt for Amritpal Singh

Plus: The “Clop” gang's ransomware spree, the DC Health Link breach comes into focus, and more.

Bug in Google Markup, Windows Photo-Cropping Tools Exposes Removed Image Data

Image-editing tools from Google and Microsoft contain the “aCropalypse” bug, which can reveal information users intentionally removed.

Security News This Week: Ring Is in a Standoff With Hackers

Plus: A SpaceX supplier ransom, critical vulnerabilities in dozens of Android phones, and more.

AI-Generated Voice Deepfakes Aren’t Scary Good—Yet

The threat of scammers using voice deepfakes in their cons is real, but researchers say old-school voice-impersonation attacks are still the more pressing concern.

The World’s Real ‘Cybercrime’ Problem

From US state laws to the international stage, definitions of “cybercrime” remain vague, broad, and increasingly entrenched in our legal systems.

How a Catholic Group Doxed Gay Priests

Plus: A data breach exposes Washington, Ring camera footage has a new problem, and the George Santos scandal slips into the world of cybercrime.

‘Pig Butchering’ Scams Are Now a $3 Billion Threat

The FBI’s latest Internet Crime Report highlights the stunning rise of investment-themed crimes over the past 18 months.

The FBI Just Admitted It Bought US Location Data

Rather than obtaining a warrant, the bureau purchased sensitive data—a controversial practice that privacy advocates say is deeply problematic.

A Privacy Hero's Final Wish: An Institute to Redirect AI's Future

Peter Eckersley did groundbreaking work to encrypt the web. After his sudden death, a new organization he founded is carrying out his vision to steer artificial intelligence toward “human flourishing.”

The LastPass Hack Somehow Gets Worse

Plus: The US Marshals disclose a “major” cybersecurity incident, T-Mobile has gotten pwned so much, and more.

Security News This Week: Sensitive US Military Emails Exposed

Plus: Iran’s secret torture black sites, hacking a bank account with AI-generated voice, and Lance Bass’ unhinged encounter in Russia.

Ukraine Suffered More Wiper Malware in 2022 Than Anywhere, Ever

As Russia has accelerated its cyberattacks on its neighbor, it's barraged the country with an unprecedented volume of different data-destroying programs.

How to Protect Yourself From Twitter’s 2FA Crackdown

Twitter is disabling SMS-based two-factor authentication. Switch to these alternatives to keep your account safe.

Twitter’s Two-Factor Authentication Change ‘Doesn't Make Sense’

The company will soon require users to pay for a Twitter Blue subscription to get sign-in codes via SMS. Security experts are baffled.

Hackers Ran Amok Inside GoDaddy for Nearly 3 Years

Plus: The FBI got (at least a little bit) hacked, an election-disruption firm gets exposed, Russia mulls allowing “patriotic hacking,” and more.

Crypto Buyers Beware: 1 in 4 New Tokens of Any Value Is a Scam

And according to tracing firm Chainalysis, one very prolific scammer ran at least 264 of those scams in 2022 alone.

The East Palestine, Ohio Train Derailment Created a Perfect TikTok Storm

The social media platform helped push the story into the mainstream while also fueling misinformation and conspiracy theories.

US Border Protection Is Finally Able to Check E-Passport Data

After 16 years, the agency has implemented the software to cryptographically verify digital passport data—and it’s already caught a dozen alleged fraudsters.

The More You Look for Spy Balloons, the More UFOs You’ll Find

No, there’s not a sudden influx of unidentified objects in the skies above the US—but the government is paying closer attention.

Russia’s Ransomware Gangs Are Being Named and Shamed

Members of the Trickbot and Conti cybercrime gangs have been sanctioned in an unprecedented wave of action against the country’s hackers.

Googling for Software Downloads Is Extra Risky Right Now

Plus: The FTC cracks down on GoodRx, Microsoft boots “verified” phishing scammers, researchers disclose EV charger vulnerabilities, and more.