KadNap Botnet Hijacks Asus Routers
The Black Lotus Team at Lumen has discovered a new malware strain called KadNap that has been creating a botnet of Asus routers since at least August 2025.
Fria Reyes
Fria is a privacy advocate and synthwave enthusiast who has been volunteering with Privacy Guides since 2023. They are an unapologetic tech optimist, and believes with the right technology we can solve any problem.
Pokémon Go Players’ Data Used to Train “Visual Positioning” AI
Niantic spinoff, Niantic Spatial, used over 30 billion images taken by users of Pokemon Go to train its “visual positioning” system to help robots navigate the world.
Intel’s Fully Homomorphic Encryption Chip Could Revolutionize Privacy
Intel’s hardware-accelerated Fully-Homomorphic Encryption chip, Heracles, could bring fully E2EE server-side processing into viability.
UK Corporate Registry Exposes Personal Information of Employees
The UK’s Companies House alerted the public of a security issue that allowed other users to access “dates of birth, residential addresses and company email addresses.”
Instagram Ending E2EE Support
Instagram has notified its users that it will no longer support E2EE after May 8, 2026, according to the support page for the feature.
AI Agents Beginning to Help Attackers Accelerate Stealing Your Data
While generation of malicious code, media, and phishing material are already making heavy use of AI, threat actors are “experimenting” with AI agents to automate decision making.
Coruna Malware Targeting iOS Spotted by Google Threat Intelligence
Google Threat Intelligence Group has identified a “powerful exploit kit” targeting iPhones running iOS 13.0 to 17.2.1 used by a surveillance company and crypto-stealing sites.
New JVG Quantum Decryption Algorithm Could Pose Risk to Classical Encryption
A new quantum decryption algorithm called JVG could significantly reduce the amount of resources needed to decrypt classical RSA encryption that we’ve been relying on for decades.
TikTok Won’t Add E2EE for User Safety
TikTok told the BBC that it will not be rolling out end-to-end encrypted DMs, citing user safety as a concern.
How to Game Privately
Video games are an incredibly popular hobby, but they can be a privacy nightmare. How can we protect our privacy while gaming?
Meta Smart Glasses Sending Sensitive Recordings to Workers to Annotate
According to a report by SVD, Meta’s Ray-Ban AI Smart Glasses have been sending sensitive recordings of people, including “bank details, sex and naked people,” to outsourced companies to review and annotate.
“ClawJacked” Vulnerability Allows Malicious Websites to Take Control of OpenClaw
Oasis Security discovered a vulnerability in the popular OpenClaw agentic AI software that allows websites to silently bruteforce access to a locally running instance and take it over.
Spyware Maker Sentenced to Prison
The founder, Tal Dilian, and three other executives of Intellexa, a collective of spyware makers responsible for what was dubbed “Greek Watergate” have been sentenced to eight years in prison.
Samsung Forced to Halt Data Collection in TVs in Texas Without “Express Consent”
Attorney General of Texas Ken Paxton secured an agreement with Samsung that “will ensure Samsung no longer collects Automated Content Recognition (“ACR”) data without consumers being fully informed and consenting prior to any information being collected.”
Threat Intelligence “Provenance” Could be the Solution to a Fractured Global Cybersecurity Landscape
Geopolitical tensions threaten cybersecurity research and sharing between countries, but research from Georgia Tech demonstrates a possible system of auditable provenance data to validate how threat intelligence was produced instead of trusting who produced it.
Android 17 Beta Introduces the Contact Picker and the Local Network Permission
Android 17 Beta 2 released, bringing with it the rumored Contacts Picker for selecting individual contacts and the Local Network Access permission for preventing apps from seeing other devices on your local network.
Burger King is Rolling Out AI in Employees’ Headsets to Track Their Friendliness
Burger King is testing out a new AI called Patty in 500 restaurants that will listen for keywords like “welcome,” “please” and “thank you” and in employees’ headsets and report to managers.
Samsung Launches New “Privacy Display” to Protect Your Screen
Samsung recently made the new Galaxy S26 Ultra available for pre-order, which features a huge privacy improvement never seen before on a phone: a builtin, toggleable privacy screen that functions on a per-pixel level.
Notepad++’s New Update System is “Robust and Effectively Unexploitable”
Notepad++ has released a blog post describing the security enhancements they’ve made since the state-sponsored hack earlier this month, highlighting their new “double lock” update mechanism.
Firefox 148 Releases with Promised AI Killswitch Feature
Firefox version 148 has released, bringing with it the AI killswitch feature that was promised, allowing users to disable all AI features from a single switch.
Google Expands Quick Share’s AirDrop Support to Pixel 9 Series
Google is expanding support for Quick Share and AirDrop compatibility between Pixel 10 phones and iPhones to include Pixel 9 phones as well.