惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

博客园_首页
The GitHub Blog
The GitHub Blog
美团技术团队
Know Your Adversary
Know Your Adversary
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The Register - Security
The Register - Security
Stack Overflow Blog
Stack Overflow Blog
Attack and Defense Labs
Attack and Defense Labs
G
Google Developers Blog
I
InfoQ
博客园 - 司徒正美
T
Troy Hunt's Blog
Google DeepMind News
Google DeepMind News
J
Java Code Geeks
MongoDB | Blog
MongoDB | Blog
博客园 - 聂微东
A
About on SuperTechFans
云风的 BLOG
云风的 BLOG
S
Security Affairs
M
MIT News - Artificial intelligence
Simon Willison's Weblog
Simon Willison's Weblog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
T
Tailwind CSS Blog
量子位
Vercel News
Vercel News
月光博客
月光博客
V
Vulnerabilities – Threatpost
N
News and Events Feed by Topic
Hugging Face - Blog
Hugging Face - Blog
酷 壳 – CoolShell
酷 壳 – CoolShell
L
LangChain Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
L
LINUX DO - 最新话题
F
Full Disclosure
The Hacker News
The Hacker News
Hacker News: Ask HN
Hacker News: Ask HN
T
Tor Project blog
A
Arctic Wolf
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Forbes - Security
Forbes - Security
IT之家
IT之家
Apple Machine Learning Research
Apple Machine Learning Research
B
Blog
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Y
Y Combinator Blog
GbyAI
GbyAI
B
Blog RSS Feed
V
Visual Studio Blog
T
The Blog of Author Tim Ferriss
F
Fortinet All Blogs

Security Latest

Dialog Claims It Was Hacked. A Misconfigured Website Left Its Members Exposed OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos World Cup Scams Are Getting Harder to Spot A Critical Deadline Is Approaching for Windows and Linux Security Hackers Claim to Leak Stolen Madison Square Garden Data How the Peter Thiel-Linked Dialog Club Secretly Ranks Its Members How to Watch the Knicks Parade on NYC Traffic Surveillance Cameras The UK Will Scan Asylum-Seekers’ Faces for Age Checks—Despite Knowing the Tech Is Flawed Leak Exposes Members of Peter Thiel’s Secretive ‘Dialog’ Society ‘Dangerous’ AI Models Are Coming No Matter What Meta Tapped a Pentagon Supplier to Prototype Face Recognition for Its Glasses The FCC Wants to Kill Burner Phones Grok Is Still Hosting Sexualized Deepfakes of Famous Women Drug Sites Hijacked Spotify’s Search Ranking Through Fake Podcasts Signal Alums Reveal ‘Encrypted Spaces,’ a System for Making Private Collaboration Apps CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats Trump Risks Key Surveillance Authority Over ‘Unqualified’ Spy-Chief Pick Wrongful Arrest Exposes Failures in One of the Oldest Police Face-Recognition Tools in the US Soccer Fans, You’re Being Watched Mapping Every Flock License Plate Reader Near US World Cup Stadiums Amnesty International Warns That World Cup Fans Face Potential Human Rights Violations Anthropic Offers Mythos Upgrade for Cyber Partners and a ‘Safe’ Version for the Rest of You Meta Deletes Face-Recognition System From Its Smart Glasses App After WIRED Report All the Ways Europe Is Ditching American Technology Crypto-Funded Chinese Peptide Labs Are Booming Meta Silently Added Face-Recognition Code for Its Smart Glasses to Millions of Phones xAI Asks Court to Strip Alleged Grok Deepfake Nudes Victims of Anonymity Android Is Fighting Phone Scams With a New Feature to Prove Who’s Calling The Manhattan Institute Helped Kill DEI. Now It’s Coming for Protests The Romance Scammer Who Made a Small Fortune Posing as a WWE Superstar Websites Can Now Spy on You Through Your Hard Drive Cybercrime Crew Claims It Hacked Mike Lindell’s MyPillow The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens The Pentagon Knew Enemies Could Track Troops’ Phones for Years. Now They Are Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks Internet Starts to Return in Iran After 3-Month Blackout US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows The AI Era Is Creating a Bug-Hunting Arms Race The FBI Wants ‘Near Real-Time’ Access to US License Plate Readers ‘Creepy’ Listening Tool for Targeted Ads Didn’t Actually Work, FTC Says A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale The EU Is Going Through a Trump-Fueled Breakup With Big Tech A Bipartisan Amendment Would End Police License Plate Tracking Nationwide Madison Square Garden Bans Lawyer Representing New York Cop Injured at a Boxing Match Data Brokers’ and AI Firms’ Opt-Out Forms Are Built to Fail, Report Finds You Can Get Some of Your Nudes Removed From the Internet Under a New Law An ICE Firearms Trainer Was Involved in At Least 4 Deadly Shootings Cybercriminal Twins Caught After They Forgot to Turn Off Microsoft Teams Recording Your iPhone Gets Stolen. Then the Hacking Begins DHS Plans Experiment Running ‘Reconnaissance’ Drones Along the US-Canada Border WhatsApp Adds Meta AI Chats That Are Built to Be Fully Private Foxconn Ransomware Attack Shows Nothing Is Safe Forever Iran Is Using Tiny ‘Mosquito’ Boats to Shut Down the Strait of Hormuz Hackable Robot Lawn Mower Unlocks a New Nightmare You Can Disable Gemini in Chrome if It’s Freaking You Out Cybercriminals Are Complaining About AI Slop Flooding Their Forums DHS Demanded Google Surrender Data on Canadian’s Activity, Location Over Anti-ICE Posts Disneyland Now Uses Face Recognition on Visitors OpenAI Rolls Out ‘Advanced’ Security Mode for At-Risk Accounts Exposed Data Illustrates the Nightmare Scenario for a Stalkerware Victim The Race Is on to Keep AI Agents From Running Wild With Your Credit Cards California Engineer Identified in Suspected Shooting at White House Correspondents Dinner Discord Sleuths Gained Unauthorized Access to Anthropic’s Mythos Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet AI Tools Are Helping Mediocre North Korean Hackers Steal Millions Mozilla Used Anthropic’s Mythos to Find and Fix 271 Bugs in Firefox Meta Is Sued Over Scam Ads on Facebook and Instagram They Built a Legendary Privacy Tool. Now They’re Sworn Enemies The Weird, Twisting Tale of How China Spied on Alysa Liu and Her Dad It Takes 2 Minutes to Hack the EU’s New Age-Verification App Republican Mutiny Sinks Trump's Push to Extend Warrantless Surveillance The Shocking Secrets of Madison Square Garden’s Surveillance Machine Europe’s Online Age Verification App Is Here The Deepfake Nudes Crisis in Schools Is Much Worse Than You Thought In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy Telegram Is Still Hosting a Sanctioned $21 Billion Crypto Scammer Black Market The FCC Has a Fast Lane for Complaints About Trump’s Media Critics Meta Is Warned That Facial Recognition Glasses Will Arm Sexual Predators The Dumbest Hack of the Year Exposed a Very Real Problem Your Push Notifications Aren’t Safe From the FBI How the Internet Broke Everyone’s Bullshit Detectors Anthropic’s Mythos Will Force a Cybersecurity Reckoning—Just Not the One You Think Politicians Are Spending More Money on Security as They Increasingly Become Targets ‘We Were Not Ready for This’: Lebanon's Emergency System Is Hanging by a Thread Men Are Buying Hacking Tools to Use Against Their Wives and Friends Iran-Linked Hackers Are Sabotaging US Energy and Water Infrastructure Anthropic Teams Up With Its Rivals to Keep AI From Hacking Everything Border Patrol Agents Sold Challenge Coins With ‘Charlotte’s Web’ Characters in Riot Gear Hackers Are Posting the Claude Code Leak With Bonus Malware Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards ‘Uncanny Valley’: Iran’s Threats on US Tech, Trump’s Plans for Midterms, and Polymarket’s Pop-up Flop What Happens When a Nuclear Site Is Hit? Unmasking the Paramilitary Agents Behind Trump’s Violent Immigration Crackdown Apple Will Push Out Rare ‘Backported’ Patches to Protect iOS 18 Users From DarkSword Hacking Tool Iran Threatens to Start Attacking Major US Tech Firms on April 1 The US Military’s GPS Software Is an $8 Billion Mess The Broken System That Keeps Shipping Crews Stranded in the Strait of Hormuz Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s How Trump’s Plot to Grab Iran's Nuclear Fuel Would Actually Work
LastPass Users Had Their Data Stolen—Again
Lily Hay Newman · 2026-06-27 · via Security Latest

A WIRED investigation this week offers insight into a predictive policing program in Bristol, England that has involved 23 separate models over more than a decade, intended to score the likelihood of specific individuals will perpetrate or be victims of different crimes. The investigation draws on data from public records requests and other reporting to reveal a messy law enforcement apparatus that has real implications for the community—but that most people in the area know nothing about.

After the identities of members of Peter Thiel’s private “Dialog” group were exposed last week, the organization claimed that a “criminal” hacker was behind the breach. But evidence shows that members’ personal information—including that of a White House intelligence official and an active-duty special operations officer—was publicly accessible and likely exposed as the result of a Dialog website misconfiguration.

As Anthropic and the White House continued to negotiate a path for its latest Claude Mythos 5 and Fable 5 models, the company’s critics pointed out that Anthropic seems to be rapidly accumulating power—a strategy that the company says is necessary for AI safety and responsible development. On Friday evening, the White House gave Anthropic permission to make Mythos 5 available again to a select group of US companies and government agencies.

Amid the turmoil, OpenAI this week launched an improved version of its limited-release GPT-5.5-Cyber model as well as a full-scale effort—“Patch the Planet”—to support open source projects on vulnerability patching and other security issues as AI accelerates bug discovery as well as exploit development. And as the AI arms race between China and the US escalates, WIRED met with a slew of China’s top AI experts and found that both sides are worried about the threat of a “Chernobyl moment.”

Meanwhile, as the World Cup knockout stage approaches, scams related to the massive soccer tournament are getting harder to spot.

And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there

LastPass Suffers Yet Another Compromise Resulting From a Partner Breach

The password manager LastPass has had a string of significant data breaches over the years, and now there’s one more to add to the list. This week, the company informed customers of a breach that included names, phone numbers, email addresses, physical addresses, support case data, and sales-related data. The attack was the result of a breach at the AI business intelligence firm Klue. Attackers compromised access tokens for Klue customers, including LastPass, and then used them to grab data from Salesforce and other integrated platforms. LastPass emphasized that the situation was not a breach of its own infrastructure and did not affect password vaults.

“We recommend that customers remain vigilant of potential phishing attacks or social engineering attempts, which could leverage exposed contact details,” LastPass wrote in its customer notification. “Always exercise caution regarding unsolicited communications, including emails, phone calls, or requests for sensitive information.”

Former Trump Adviser John Bolton Pleads Guilty in Case Over Retaining Classified Data

John Bolton, a former national security adviser, pleaded guilty on Friday to a single count concerning mishandling and illegal retention of classified defense information. Bolton, 77, struck a plea deal that could allow him to avoid prison time, though the agreement recommends a prison sentence of no more than five years. US District Judge Theodore Chuang in Maryland will make the determination about sentencing at a hearing scheduled for October 28. Bolton served in the first Trump administration but subsequently became a prominent critic of President Donald Trump. As part of the deal, Bolton also agreed to pay a fine of $2.25 million, but he can withdraw his guilty plea if Chuang decides on a bigger fine or longer prison sentence than what the deal recommends.

Europol, Microsoft, and Others Disrupt Widely Used Infostealers Facilitating Cybercrime

Microsoft, Europol, and other partners announced on Wednesday that they disrupted infrastructure of the Amadey and StealC infostealers, malware that is central to the cybercriminal ecosystem. The work was part of Operation Endgame, which targets platforms and tools facilitating ransomware and other cybercrime. The action involved identifying, mapping, and then seizing and taking down malware infrastructure, including actions against 326 servers and 142 domains. The operation flagged about $47 million worth of stolen cryptocurrency and recovered up to 27 million stolen access credentials. Microsoft emphasized that the action was enabled by innovative techniques including AI-assisted analysis that showed Amadey and StealC were relying on the same backend infrastructure and could be targeted together.

Australia Found Nation-State Hackers Inside Critical Infrastructure, Ready to Sabotage

Australia’s Security and Intelligence Organisation (ASIO) said this week that it is establishing teams focused on countering nation-state cyberattacks on critical infrastructure after finding actors inside the country’s systems. “We discovered nation-state hackers had compromised the network of an Australian critical infrastructure provider,” ASIO’s director general, Mike Burgess, said in remarks on Wednesday. “ASIO assessed the hackers were preparing for sabotage. … They were mapping out the network and maintaining access so they could cripple it at a time of their choosing.”

Burgess spoke alongside the release of ASIO’s annual threat assessment. “In this case, a state-sponsored group didn’t just achieve access to the Australian critical infrastructure provider, it successfully acquired credentials—login details and passwords—for active users of the networks, including the IT professionals guarding it,” he added.