Amid horrific threats from United States president Donald Trump because the US and Iran negotiated a ceasefire, the US authorities warned this week that Iran-linked hackers have been carrying out attacks in opposition to US power and water infrastructure targets. With almost one in 5 folks in Lebanon displaced by Israeli assaults, the federal government is attempting to manage the crisis with out fashionable digital infrastructure and an emergency system that’s barely hanging on. Plus, a WIRED evaluation checked out Syrian government account hijacks in March and the inadequacies they expose in Syria’s baseline cybersecurity defenses.
Amid rising fears of political violence, a WIRED investigation discovered that US political candidates are spending more on securitytogether with buying tools like residence alarms and bulletproof vests. And up to date analysis taking a look at Telegram teams discovered that males are sharing thousands of nonconsensual images of women and girlsbuying adware to make use of in opposition to their wives and pals, and fascinating in doxing and sexual abuse. In the meantime, as governments scramble to handle rising industrial scamming originating from Southeast Asia, China has emerged as the biggest enforcerbut additionally a selective one, leading to crime syndicates shifting their focus overseas to keep away from Chinese language targets.
Anthropic formally announced its new Claude Mythos Preview model this week and stated that for now it would solely make the mannequin out there to a choose group of some dozen main tech and monetary organizations, together with Apple, Microsoft, Google, and the Linux Basis. The consortium, dubbed Challenge Glasswing, will discover Mythos Preview’s superior hacking and different cybersecurity capabilities and assess the perfect methods to enhance software program and {hardware} defenses earlier than capabilities like those in Mythos Preview proliferate extra broadly throughout different fashions and inevitably find yourself within the palms of attackers. The bulletins sparked controversy about whether or not Mythos Preview and comparable capabilities will actually be as consequential for cybersecurity as Anthropic says. Specialists informed WIRED that whereas it might not be a dramatic disaster, it will be significant for defenders to return collectively and use their early entry to make adjustments in how software program is developed and the way organizations around the globe spend money on patching.
Lastly, a WIRED investigation discovered that nonprofit groups linked to Customs and Border Protection facilities have been promoting problem cash that celebrated the Trump administration’s immigration raids, together with one coin that depicted Charlotte’s Internet characters in riot gear.
And there’s extra. Every week, we spherical up the safety and privateness information we didn’t cowl in depth ourselves. Click on the headlines to learn the total tales. And keep secure on the market.
The FBI lately acquired its palms on copies of encrypted Sign messages being despatched to a defendant’s iPhone as a result of the contents of these messages have been included in push notifications, 404 Media reviews. Despite the fact that Sign had been faraway from the cellphone previous to it being seized by the FBI, the notifications nonetheless lived on within the cellphone’s inner reminiscence.
The difficulty affects all apps that ship push notifications, not simply Sign, however customers of that app can regulate their settings to not present the content material of a message or the title of the sender in push notifications. To regulate your settings for notifications going ahead, open Sign and go to Settingsthen Notificationsand alter the choice to Title Solely or No Title or Content material.
Regardless of the tenuous and contested ceasefire enacted within the US-Israel battle with Iran, tens of hundreds of thousands of bizarre Iranians are nonetheless with out common and dependable web connectivity. The regime-imposed web blackout, which began through the first hours of the battle on February 28, is now reaching the 1,000 hour level, in line with internet monitoring group NetBlocks. In current weeks, the internet shutdown has become the longest in Iranian history and one of many longest worldwide—depriving Iranians of correct information concerning the battle, stopping them contacting household and family members, and inflicting additional financial hurt to the nation. US-based Iranian digital rights mission Filter Watch has detailed how the Iranian regime, whereas being bombarded through the battle, has labeled anti-censorship instruments as “malicious” and claimed to have arrested people utilizing Starlink web connections to get across the block.
The FBI’s annual web crime report usually paints a bleak image: year-on-year, the variety of cybercrime reviews will increase and the sum of money misplaced by People shoots up. Sadly, 2025 was no completely different. Final yr, in line with the FBI’s annual reportlosses reported to the Web Crime Grievance Heart topped $20 billion—a rise of 26 % in comparison with 2024. Greater than half of those reported losses ($11.3 billion) have been linked to cryptocurrency scams, typically by means of fraudulent investment schemesin line with the FBI. Enterprise e-mail compromise, tech and buyer assist scams, private information breaches, and confidence or romance scams, make up the opposite most typical crime reviews. Crimes mentioning AI led to $893 million in losses.
Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, permitting enterprise customers to compose and skim E2EE messages natively on cell for the primary time with out separate apps or mail portals required. Encrypted emails seem as commonplace threads within the Gmail app for recipients utilizing Gmail, whereas these on different suppliers can entry them through a safe browser view. This rollout builds on the client-side encryption mannequin launched to Google Workspace net customers in April 2025, the place messages are encrypted with customer-controlled keys, stopping Google from accessing their contents. The strategy is especially interesting for organizations with strict compliance necessities, together with HIPAA, export controls, and information sovereignty rules.
Entry, nevertheless, stays restricted: The characteristic is accessible solely to Google Workspace Enterprise Plus prospects with the Assured Controls or Assured Controls Plus add-on, and isn’t supported for private Gmail accounts. Directors should additionally explicitly enable the Android and iOS purchasers within the admin interface earlier than eligible customers can entry the characteristic, which is off by default. Finish customers then toggle encryption per-message by tapping the lock icon and deciding on “Further encryption,” mirroring the net workflow. The rollout is accessible instantly to each Rapid Release and Scheduled Release domains.
