Data Breach Roundup (Jan 23 – Jan 29, 2026)
This week saw a massive leak from a likely infostealer database, two AI products, an app to help users quit porn, and updates to Soundcloud and the French unemployment agency.
Privacy & Security News
RSS Feed • Follow @PrivacyNews@mstdn.plus on Mastodon • Find more news on the forum
WhatsApp Implements Optional "Strict Account Settings" Mode for Increased Security
WhatsApp has announced a new setting called Strict Account Settings that increases security against sophisticated threats, similar to Apple's Lockdown Mode or Android's Advanced Protection mode.
Video Rental Privacy Laws May Soon Apply to Streaming
We used to have privacy laws, but many of them haven't kept up with the times.
Google Accidentally Leaks Upcoming AluminiumOS Desktop Interface
According to 9to5Google, a bug report (currently inaccessible) about Chrome Incognito tabs leaked the desktop interface for the upcoming AluminiumOS, Google’s merging of ChromeOS and Android.
PornHub Withdraws From UK Over Online Safety Act
PornHub's parent company accuses the law of being ineffective and unenforced.
The NexPhone: A $549 Android, Linux, and Windows Device
An interesting concept, but how is the execution?
Windows Update Stops Machines from Booting
The disastrous KB5074109 Windows update has reportedly caused some people's computers to fail to boot, among the myriad other issues.
UK Considers Australia-Style Social Media Ban
Politicians continue to try to tackle complex issues with oversimplified solutions
European X/Twitter Alternative W Announced at Davos
People will do literally anything to avoid using Mastodon
Data Breach Roundup (Jan 16 – Jan 22, 2026)
You have to admire the audacity of someone who posts on Instagram as "ihackthegovernment"
Pwn2Own Automotive Shows How Insecure Our Vehicles Are
The first day of the Pwn2Own Automotive hacking competition has kicked off in Tokyo, Japan, with “a record 73 entries” showing that our vehicles are juicier targets than ever.
Mandiant Releases Rainbow Tables for Outdated Windows NTLMv1
Mandiant, a cybersecurity firm and subsidiary of Google, has released a rainbow table for the outdated Windows NTLMv1 authentication protocol, allowing attackers to crack administrator passwords in under 12 hours using consumer hardware that costs less than $600.
ChatGPT Announces Ads Coming for Free and Go Users
OpenAI has announced it’ll be incorporating ads into ChatGPT for Free and Go users.
Data Breach Roundup (Jan 9 – Jan 15, 2026)
A data breach forum having a breach, an investment platform sweeping theirs under the rug, major shipping company ignoring disclosures, and more.
Bluetooth Exploit Leaves Hundreds of Millions of Accessories Vulnerable to Full Takeover
Researchers have discovered a vulnerability in Google Fast Pair, dubbed WhisperPair, that leaves affected accessories open to being fully controlled by an attacker.
Windscribe launches privacy alliance with Addy.io, Notesnook, Kagi, and Ente
By offering discounts to current users, Windscribe wants you to invest your money into specialists, not bundled ecosystems.
Trail of Bits Exposes Vulnerabilities in Agentic Browsers, Compares to Cross-Site Scripting
Security research and consulting firm Trail of Bits analyzed agentic AI in browsers and found vulnerabilites that resemble cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.