fa
Feedback
International Cyber Digest

International Cyber Digest

رفتن به کانال در Telegram

Independent reporting on cybersecurity, tech, AI & digital policy. Got a tip? http://internationalcyberdigest.com/tips

نمایش بیشتر
6 270
مشترکین
+924 ساعت
+417 روز
+54330 روز

در حال بارگیری داده...

کانال‌های مشابه
هیچ داده‌ای
مشکلی وجود دارد؟ لطفاً صفحه را تازه کنید یا با مدیر پشتیبانی ما تماس بگیرید.
اشارات ورودی و خروجی
---
---
---
---
---
---
جذب مشترکین
ژوئیه '26
ژوئیه '26
+272
در 20 کانال‌ها
ژوئن '26
+957
در 14 کانال‌ها
Get PRO
مه '26
+421
در 16 کانال‌ها
Get PRO
آوریل '26
+1 525
در 16 کانال‌ها
Get PRO
مارس '26
+3 421
در 11 کانال‌ها
تاریخ
رشد مشترکین
اشارات
کانال‌ها
15 ژوئیه+2
14 ژوئیه+13
13 ژوئیه+24
12 ژوئیه+3
11 ژوئیه+2
10 ژوئیه+7
09 ژوئیه+10
08 ژوئیه+7
07 ژوئیه+13
06 ژوئیه+8
05 ژوئیه+10
04 ژوئیه+18
03 ژوئیه+27
02 ژوئیه+30
01 ژوئیه+98
پست‌های کانال
‼️ Meta is accused of using its AI to flag employees with disabilities or on medical leave for layoffs. 26 Meta workers are n
+1
‼️ Meta is accused of using its AI to flag employees with disabilities or on medical leave for layoffs. 26 Meta workers are now suing to block their own cuts. Per the complaint, Meta scored staff on productivity and AI token usage, metrics you cannot rack up while on protected leave. Filed in Oakland federal court, the suit also invokes new California and NYC laws requiring bias testing of AI employment tools. Meta denies it, telling that people, not AI, made the layoff decisions.

2
‼️ BREAKING: Dutch and Belgian police have dismantled an international crypto investment fraud network run like a company: ro+2
‼️ BREAKING: Dutch and Belgian police have dismantled an international crypto investment fraud network run like a company: roughly 20 call centers, 700+ "employees" and an estimated take of more than €100 million per month. Six suspects have been arrested across Poland, Cyprus, Belgium and Greece. One of the lead suspect is named only as "Ehud T.", a 46-year-old Israeli-Polish national accused of building the network's technical backbone. The combination of first name, age and hacking history points strongly to infamous Israeli hacker Ehud Tenenbaum aka "The Analyzer" of the 1998 Solar Sunrise Pentagon intrusions. The Netherlands links about 550 complaints and nearly €25 million in losses to the network. Belgium counts 200+ victims, and police suspect tens of thousands worldwide. In 1998, at 18, Tenenbaum was arrested as the Israeli mentor behind Solar Sunrise, intrusions into unclassified Pentagon, NASA, Air Force and Navy systems that Washington briefly mistook for Iraqi information warfare. Convicted in Israel in 2001, he was arrested in Canada in 2008 over a card fraud scheme, pleaded guilty in the US in 2009, and left court in 2012 with time served and $503,000 in restitution.
728
3
🚨 Nightmare-Eclipse just dropped "LegacyHive," a new Windows privilege-escalation zero-day PoC that targets the Windows User+1
🚨 Nightmare-Eclipse just dropped "LegacyHive," a new Windows privilege-escalation zero-day PoC that targets the Windows User Profile Service, the component that loads a user's settings during sign-in. The PoC reportedly uses a carefully timed path-switching trick to make Windows mount another user's Registry file, potentially an administrator's, under a standard "helper" account. Nightmare-Eclipse claims it works across supported Windows desktop and server builds patched through July 2026. Nightmare-Eclipse says a private version could load arbitrary Registry hives, but that broader version has not been published. Interestingly, Nightmare-Eclipse previously told us that vulnerability names are inspired by random events in his life. "LegacyHive" appears to break from that convention. Deja vu: Microsoft patched this broad ProfSvc trust-boundary failure in 2015 as CVE-2015-0004, which also loaded another user's hive. LegacyHive appears to use a new path-swap to revive that bug class. As of writing: no CVE, no Microsoft advisory, no comment.
924
4
بدون متن...
1
5
‼️ BREAKING: US Treasury's OFAC sanctions a ransomware VPN… and appears to accidentally break Telegram links worldwide. Yeste+1
‼️ BREAKING: US Treasury's OFAC sanctions a ransomware VPN… and appears to accidentally break Telegram links worldwide. Yesterday, the US Treasury sanctioned ransomware VPN provider 1VPNS. Buried in the sanctions entry: t[.]me/FirstVPNService, listed as one of the service's websites. About 4 hours later, WHOIS records show the .me registry slammed Telegram's entire t[.]me domain onto serverHold, wiping every t[.]me web link from global DNS. The apps kept working, and telegram[.]me still resolves, so the hold hit the t[.]me registration specifically. A screenshot is circulating that would confirm the t[.]me takedown, saying the domain was placed on serverHold "due to OFAC-related compliance requirements."
1 107
6
The disaster recovery plan for a billion-user platform: tag the registry and pray. 🙏
The disaster recovery plan for a billion-user platform: tag the registry and pray. 🙏
1 201
7
Last month I took Nightmare-Eclipse out for dinner. He's the person behind all those Windows zero-day PoC drops. He wanted to+1
Last month I took Nightmare-Eclipse out for dinner. He's the person behind all those Windows zero-day PoC drops. He wanted to eat fish — a specific kind of fish. I'm not really fond of fish, so I had no idea where you could even get it; it's always something my brain skips over when reading a menu. I took him to a restaurant where he could have fish and I could have steak. When he took his first bite, he almost choked — he hadn't expected the bones to still be in it. I'd forgotten to warn him. After that, he started picking the fish apart with nothing but his knife. He went at it so methodically you'd think he ate fish like this for a living. He's a bright young fella, to say the least: very calm and professional. And after hearing his story, it sounds to me like Microsoft really screwed him over and sent him off the rails. I'm not allowed to say more, but this story still hasn't ended — that's for sure. Things will keep going like this for a while.
1 144
8
‼️BREAKING: Telegram's core t[.]me domain has been placed on serverHold at the .me registry, a registry-level status that dro+2
‼️BREAKING: Telegram's core t[.]me domain has been placed on serverHold at the .me registry, a registry-level status that drops it from DNS worldwide and dead-ends every t[.]me link. Domain records show the change happened today, with no public explanation yet from Telegram, the .me registry, or backend operator Identity Digital.
1 853
9
‼️ Update: Elon Musk says SpaceXAI will delete all user data uploaded to the company "before now" as a precautionary measure,
‼️ Update: Elon Musk says SpaceXAI will delete all user data uploaded to the company "before now" as a precautionary measure, one day after a researcher's wire-level analysis showed the Grok Build CLI shipping entire private repos, unredacted secrets included, to a Google Cloud bucket. The pledge came in an X post. Still no advisory, no timeline, and no way for affected developers to verify deletion. And deleted or not, any credentials that left the machine still need to be rotated.
1 064
10
‼️ BREAKING: xAI's Grok Build CLI was uploading entire Git repositories to a Google Cloud bucket, private codebases and unred+2
‼️ BREAKING: xAI's Grok Build CLI was uploading entire Git repositories to a Google Cloud bucket, private codebases and unredacted secrets included. The uploads quietly stopped via a hidden server-side flag, and xAI still has not said a word about scope, retention, or deletion. The scale is staggering. On a 12 GB test repo, 5.1 GB flew out the door to xAI's grok-code-session-traces bucket while the actual coding task needed just 192 KB. The tool grabbed whatever repository it ran in, not the files it needed. The fix arrived as a hidden flag, disable_codebase_upload: true, a day after a researcher's wire-level analysis. The "Improve the model" opt-out never stopped the uploads. Still no advisory, no scope, no word on whether already-uploaded code gets deleted. For anyone pointing AI coding agents at proprietary code, what crosses the wire matters more than what the settings page says. https://www.internationalcyberdigest.com/xais-grok-build-cli-uploads-entire-git-repositories-to-a-google-cloud-bucket/
1 250
11
‼️ BREAKING: The official SpaceX and Starlink accounts on X appear to have been compromised. According to multiple reports on+1
‼️ BREAKING: The official SpaceX and Starlink accounts on X appear to have been compromised. According to multiple reports online, an account named "Sam Catman," carrying an official SpaceXAI-affiliated badge, posted a scam coin. The official SpaceX and Starlink accounts then reposted Sam Catman's posts. Needless to say, anyone who bought in was rug-pulled.
2 747
12
‼️ Samsung is forcing users to hand over their data for AI training by breaking core functionality of its Health app. A new c+1
‼️ Samsung is forcing users to hand over their data for AI training by breaking core functionality of its Health app. A new consent notice covers activity, health records, medication, and menstrual cycle data. Opt out and the app warns it will stop syncing to your Samsung account and delete the data already stored there.
5 418
13
THIS is the race to superintelligence and Sam spelled “sellling” with three L’s.
THIS is the race to superintelligence and Sam spelled “sellling” with three L’s.
1 310
14
‼️ The Chinese and Russians want to use malware to paralyze the Starlink satellite network, according to secret documents obt+2
‼️ The Chinese and Russians want to use malware to paralyze the Starlink satellite network, according to secret documents obtained from clandestine military forums. And if malware doesn't work, they plan to just shoot the satellites down. Chinese state aerospace researchers are pitching a three-stage plan to defeat Starlink. It escalates from regulatory pressure to coordinated jamming to physically destroying satellites in orbit. The same cache includes a protocol signed in Moscow in June 2023 to jointly build an air- and missile-defense system against US hypersonic weapons, a class of technology Moscow historically refused to share with anyone. Beijing still calls itself neutral on Ukraine. These documents make that position very hard to sustain. Note: the slides have been translated from Russian and Chinese into English.
1 232
15
‼️ A 16-year-old Linux KVM vulnerability called Januscape (CVE-2026-53359) lets a root user inside a guest VM escape to the h+1
‼️ A 16-year-old Linux KVM vulnerability called Januscape (CVE-2026-53359) lets a root user inside a guest VM escape to the host on Intel and AMD x86 systems, and a proof of concept that crashes hosts is already public. Canonical says patched Ubuntu kernels are still pending for all releases and recommends disabling nested virtualization in the meantime.
1 123
16
❗️ Apple is suing OpenAI, accusing it of a months-long scheme to steal trade secrets for its AI hardware device. The complain+1
❗️ Apple is suing OpenAI, accusing it of a months-long scheme to steal trade secrets for its AI hardware device. The complaint names OpenAI hardware lead Tang Tan and engineer Chang Liu, both ex-Apple. It alleges recruits were told to bring unreleased parts to job interviews, that Tan circulated Apple's internal exit-security playbook to new hires, and that Liu kept an Apple laptop and exploited a vulnerability to pull dozens of confidential documents while already working at OpenAI. OpenAI's reply, via a spokesperson: "We have no interest in other companies' trade secrets." Apple wants an injunction plus damages set at trial.
1 232
17
OpenAI's newest model just hit the DeepSWE benchmark, and gpt-5.6-sol, now beats every other model (even Fable 5) at a fracti
OpenAI's newest model just hit the DeepSWE benchmark, and gpt-5.6-sol, now beats every other model (even Fable 5) at a fraction of the cost. gpt-5.6-sol: - 3x cheaper than Claude Fable 5 - 5–7x cheaper than Claude Opus 4.8 - 10x cheaper than Claude Sonnet 5
1 218
18
❗️ Anthropic tried to charge a Korean user who was on the free plan with zero API usage $16.6 million. A day earlier, the sam+1
❗️ Anthropic tried to charge a Korean user who was on the free plan with zero API usage $16.6 million. A day earlier, the same invoice was $1.67 million, so it grew roughly 10x overnight. The user says he suspected phishing at first, then found the sender and payment link were Anthropic's official domain. His bank declined the charge attempts for exceeding the card's per-transaction limit... Last month auditing startup Vaudit told it found about $1.7 million in overcharges across $34 million in AI invoices, mostly tied to Claude Code, and after months of GitHub reports about contradictory Anthropic billing emails.
1 442
19
❗️ More than half of Grok's traffic now comes from adult content, including porn image and video generation and sexual role-p+1
❗️ More than half of Grok's traffic now comes from adult content, including porn image and video generation and sexual role-play, according to a report of The Information. xAI is reportedly leaning into it, not away from it. It also lands amid lawsuits and probes in the US, EU, India and Brazil over sexualized deepfakes, including alleged images of minors. Musk has denied awareness of any underage sexual images generated by Grok. Source: https://www.internationalcyberdigest.com/adult-content-now-drives-most-of-groks-traffic/
1 293
20
Huawei’s telephoto camera turned a twin-engine jet into a bird.
Huawei’s telephoto camera turned a twin-engine jet into a bird.
1 269