Summarising a Book is now Potentially Copyright Infringing

A federal judge just ruled that computer-generated summaries of novels are “very likely infringing,” which would effectively outlaw many book reports. That seems like a problem.

The Authors Guild has one of the many lawsuits against OpenAI, and law professor Matthew Sag has the details on a ruling in that case that, if left in place, could mean that any attempt to merely summarize any copyright covered work is now possibly infringing. You can read the ruling itself here.

This isn’t just about AI—it’s about fundamentally redefining what copyright protects. And once again, something that should be perfectly fine is being treated as an evil that must be punished, all because some new machine did it.

But, I guess elementary school kids can rejoice that they now have an excuse not to do a book report.

[…]

Sag highlights how it could have a much more dangerous impact beyond getting kids out of their homework: making much of Wikipedia infringing.

A new ruling in Authors Guild v. OpenAI has major implications for copyright law, well beyond artificial intelligence. On October 27, 2025, Judge Sidney Stein of the Southern District of New York denied OpenAI’s motion to dismiss claims that ChatGPT outputs infringed the rights of authors such as George R.R. Martin and David Baldacci. The opinion suggests that short summaries of popular works of fiction are very likely infringing (unless fair use comes to the rescue).

This is a fundamental assault on the idea/expression distinction as applied to works of fiction. It places thousands of Wikipedia entries in the copyright crosshairs and suggests that any kind of summary or analysis of a work of fiction is presumptively infringing.

Short summaries of copyright-covered works should not impact copyright in any way. Yes, as Sag points out, “fair use” can rescue in some cases, but the old saw remains that “fair use is just the right to hire a lawyer.” And when the process is the punishment, saying that fair use will save you in these cases is of little comfort. Getting a ruling on fair use will run you hundreds of thousands of dollars at least.

Copyright is supposed to stop the outright copying of the copyright-protected expression. A summary is not that. It should not implicate the copyright in any form, and it shouldn’t require fair use to come to the rescue.

Sag lays out the details of what happened in this case:

Judge Stein then went on to evaluate one of the more detailed ChatGPT-generated summaries relating to A Game of Thrones, the 694-page novel by George R. R. Martin which eventually became the famous HBO series of the same name. Even though this was only a motion to dismiss, where the cards are stacked against the defendant, I was surprised by how easily the judge could conclude that:

“A more discerning observer could easily conclude that this detailed summary is substantially similar to Martin’s original work, including because the summary conveys the overall tone and feel of the original work by parroting the plot, characters, and themes of the original.”

The judge described the ChatGPT summaries as:

“most certainly attempts at abridgment or condensation of some of the central copyrightable elements of the original works such as setting, plot, and characters”

He saw them as:

“conceptually similar to—although admittedly less detailed than—the plot summaries in Twin Peaks and in Penguin Random House LLC v. Colting, where the district court found that works that summarized in detail the plot, characters, and themes of original works were substantially similar to the original works.” (emphasis added).

To say that the less than 580-word GPT summary of A Game of Thrones is “less detailed” than the 128-page Welcome to Twin Peaks Guide in the Twin Peaks case, or the various children’s books based on famous works of literature in the Colting case, is a bit of an understatement.

[…]

As Sag makes clear, there are few people out there who would legitimately think that the Wikipedia summary should be deemed infringing, which is why this ruling is notable. It again highlights how lots of people, including the media, lawmakers, and now (apparently) judges, get so distracted by the “but this new machine is bad!” in looking at LLM technology that they seem to completely lose the plot.

And that’s dangerous for the future of speech in general. We shouldn’t be tossing out fundamental key concepts in speech (“you can summarize a work of art without fear”) just because some new kind of summarization tool exists.

Source: Book Reports Potentially Copyright Infringing, Thanks To Court Attacks On LLMs | Techdirt

Switzerland plans surveillance worse than US

In Switzerland, a country known for its love for secrecy, particularly when it comes to banking, the tides have turned: An update to the VÜPF surveillance law directly targets privacy and anonymity services such as VPNs as well as encrypted chat apps and email providers. Right now the law is still under discussion in the Swiss Bundesrat.

[…]

While Swiss privacy has been overhyped, legislative rules in Switzerland are currently decent and comparable to German data protection laws. This update to the VÜPF, which could come into force by 2026, would change data protection legislation in Switzerland dramatically.

Why the update is dangerous

If the law passes in its current form,

  • Swiss email and VPN providers with just 5,000 users are forced to log IP addresses and retain the data for six months – while data retention in Germany is illegal for email providers.
  • ID or driver’s license, maybe a phone number, are required for the registration process of various services – rendering the anonymous usage impossible.
  • Data must be delivered upon request in plain text, meaning providers must be able to decrypt user data on their end (except for end-to-end encrypted messages exchanged between users).

What is more, the law is not introduced by or via the Parliament, but instead the Swiss government, the Federal Council and the Federal Department of Justice and Police (FDJP), want to massively expand internet surveillance by updating the VÜPF – without Parliament having a say. This comes as a shock in a country proud of its direct democracy with regular people’s decisions on all kinds of laws. However, in 2016 the Swiss actually voted for more surveillance, so direct democracy might not help here.

History of surveillance in Switzerland

In 2016, Swiss Parliament updated its data retention law BÜPF to enforce data retention for all communication data (post, email, phone, text messages, IP addresses). In 2018, the revision of the VÜPF translated this into administrative obligations for ISPs, email providers, and others, with exceptions in regard to the size of the provider and whether they were classified as telecommunications service providers or communications services.

This led to the fact that services such as Threema and ProtonMail were exempt from some of the obligations that providers such as Swisscom, Salt, and Sunrise had to comply with – even though the Swiss government would have liked to classify them as quasi network operators and telecommunications providers as well. The currently discussed update of the VÜPF seems to directly target smaller providers as well as providers of anonymous services and VPNs.

The Swiss surveillance state has always sought a lot of power, and had to be called back by the Federal Supreme Court in the past to put surveillance on a sound legal basis.

But now, article 50a of the VÜPF reform mandates that providers must be able to remove “the encryption provided by them or on their behalf”, basically asking for backdoor access to encryption. However, end-to-end encrypted messages exchanged between users do not fall under this decryption obligation. Yet, even Swiss email provider Proton Mail says to Der Bund that “Swiss surveillance would be much stricter than in the USA and the EU, and Switzerland would lose its competitiveness as a business location.”

Because of this upcoming legal change in Switzerland, Proton has started to move its servers from Switzerland to the EU.

Source: Switzerland plans surveillance worse than US | Tuta

Free Tool Adds Eye-Tracked Foveated Rendering To Many SteamVR Games

A free tool for Windows PCs with modern Nvidia GPUs adds eye-tracked foveated rendering to a huge number of SteamVR games.

Called PimaxMagic4All, the tool re-implements a feature Pimax ships in its Pimax Play software used to set up and adjust its headsets. As such, if you already own a Pimax headset, you don’t need it.

PimaxMagic4All should work with any SteamVR-compatible headset that exposes a low-level public API to retrieve eye tracking data, or which has third-party software that does so.

[…]

The developer, by the way, is Matthieu Bucchianeri, a name you may recognize if you’re a regular UploadVR reader.

Bucchianeri is a very experienced developer, having worked on the PS4 and original PlayStation VR at Sony, Falcon 9 and Dragon at SpaceX, and HoloLens and Windows MR at Microsoft, where he currently works on Xbox. At Microsoft he contributed to OpenXR, and in his spare time he developed OpenXR Toolkit, VDXR (Virtual Desktop’s OpenXR runtime), and most recently Oasis, the native SteamVR driver that revived Windows MR headsets.

PimaxMagic4All has a simple graphical interface with three levels of foveated rendering: Maximum, Balanced, and Minimum. You can choose between prioritizing increasing performance, achieving a result where you shouldn’t notice the difference, or a balance of the two.

The tool can inject foveated rendering into any title that uses the DirectX 11 graphics API and OpenVR, Valve’s deprecated API for SteamVR. The game also needs to not have an anti-cheat system, since those will prevent code injection. And remember, you need to have an Nvidia graphics card, specifically a GTX 16 series or RTX card.

[…]

PimaxMagic4All is available on GitHub, where you’ll find both the source for the code added around Pimax’s core as well as compiled releases.

Source: Free Tool Adds Eye-Tracked Foveated Rendering To Many SteamVR Games

Planned Obsolescence: this is something the EU should care about

Manufacturers are making things to deliberately break just outside of warranty and also making it hard or impossible to repair components that should be easy to repair. The video below shows this clearly with washing machines.

As an appliance expert with over 40 years in the industry, I am exposing the undeniable evidence of planned obsolescence in modern domestic appliances from major brands like Bosch, Siemens, Hotpoint, AEG, Beko, Hoover, Indesit, and Zanussi. This isn’t just speculation as I use hard numbers and component costs to prove that manufacturers are designing machines to break just outside the warranty period, making them uneconomic to repair. That’s why we are fighting against Planned Obsolescence, and the main culprit is the Sealed Washing Machine Drum. Manufacturers are welding the two halves of the drum together, making it impossible to replace simple, affordable parts like the drum bearings or the spider. This isn’t poor design; it’s a calculated strategy to force you to buy a new machine, creating mountains of e-waste and putting honest repair businesses out of work.

Google ordered to pay $665 million for anticompetitive practices in Germany

Google may have to fork over 572 million euros, or nearly $665 million, to two German companies for “market abuse,” according to a recent ruling from a Berlin court. First reported by Reuters, the tech giant was ordered to pay approximately 465 million euros, or approximately $540 million, to Idealo and another 107 million euros, or roughly $124 million, to Producto, both of which are price comparison platforms based in Germany. According to the ruling, Google abused its dominant market position by favoring Google Shopping in its own search results.

Idealo pursued legal action against Google, claiming that the Alphabet subsidiary was “self-preferencing” its own platforms, which led to unfair market advantages that hindered competitors. The company first demanded at least 3.3 billion euros, or more than $3.8 billion, in damages in February 2025. To counter, Google said it made changes in 2017 that allowed competing shopping platforms the same opportunity as Google Shopping to display ads through Google Search.

Idealo said in a press release that it will continue the legal pressure on Google, claiming that “the amount awarded reflects only a fraction of the actual damage.” Albrecht von Sonntag, co-founder and member of Idealo’s advisory board, added in a press release that “abuse of dominance must have consequences and must not be a profitable business model that pays off despite fines and damages.”

It’s not the first time Google has found itself in legal trouble in Europe. Beyond Google Shopping, Google was accused of favoring its own Google Flights and Google Hotels in search results, leading the European Union to threaten massive fines for violating its Digital Markets Act. A month prior, the European Commission fined Google nearly 3 billion euros, or more than $3.4 billion, for its anticompetitive practices in the advertising tech industry.

Source: Google ordered to pay $665 million for anticompetitive practices in Germany

A federal jury ruled that Apple has to pay $634 million for infringing smartwatch patents

In a longstanding and complicated legal battle between Apple and Masimo, a recent ruling from a California jury may be the first step towards a certain conclusion. As reported by Reuters, a federal jury sided with Masimo, a medical tech company known for its patient monitoring devices, when it said that Apple infringed on the company’s patent for technology that tracks blood-oxygen levels.

The case revolves around whether Apple violated Masimo’s patent related to blood-oxygen sensors, which the jury claimed can be seen with the Apple Watch’s Workout and Heart Rate apps. According to Reuters, Apple disagreed with the verdict, adding that “the single patent in this case expired in 2022, and is specific to historic patient monitoring technology from decades ago.” The tech giant is reportedly planning to appeal the decision.

While there may be some closure with this California lawsuit, Apple and Masimo are entangled in a web of related but separate lawsuits. Masimo first accused Apple of infringing on its pulse oximeter patents, leading to Apple temporarily halting sales of its Series 9 and Ultra 2 smartwatches. In August, Apple redesigned its blood-oxygen monitoring feature and rolled it out to the Series 9, Series 10 and Ultra 2. The redesign was approved by the US Customs and Border Protection, but Masimo filed a suit against the agency for overstepping its authority by allowing the sale of these updated Apple Watches without input from Masimo.

Source: A federal jury ruled that Apple has to pay $634 million for infringing smartwatch patents

Roblox begins asking tens of millions of children to send it a selfie, for “age verification”.

Roblox is starting to roll out the mandatory age checks that will require all of its users to submit an ID or scan their face in order to access the platform’s chat features. The updated policy, which the company announced earlier this year, will be enforced first in Australia, New Zealand and the Netherlands and will expand to all other markets by early next year.

The company also detailed a new “age-based chat” system, which will limit users’ ability to interact with people outside of their age group. After verifying or estimating a user’s age, Roblox will assign them to an age group ranging from 9 years and younger to 21 years and older (there are six total age groups). Teens and children will then be limited from connecting with people that aren’t in or close to their estimated age group in in-game chats.

Unlike most social media apps which have a minimum age of 13, Roblox permits much younger children to use its platform. Since most children and many teens don’t have IDs, the company uses “age estimation” tech provided by identity company Persona. The checks, which use video selfies, are conducted within Roblox’s app and the company says that images of users’ faces are immediately deleted after completing the process.

[…]

Source: Roblox begins asking tens of millions of children to verify their age with a selfie

Deleted by Roblox itself, but also by Persona? Pretty scary: 1. having a database of all these kiddies’ faces and their online personas, ways of talking and typing, and 2. that even if the data is deleted, it could be intercepted as it is sent to Roblox and on to the verifier.

Google is collecting troves of data from downgraded Nest thermostats

Google officially turned off remote control functionality for early Nest Learning Thermostats last month, but it hasn’t stopped collecting a stream of data from these downgraded devices. After digging into the backend, security researcher Cody Kociemba found that the first- and second-generation Nest Learning Thermostats are still sending Google information about manual temperature changes, whether a person is present in the room, if sunlight is hitting the device, and more.

[…]

After cloning Google’s API to create this custom software, he started receiving a trove of logs from customer devices, which he turned off. “On these devices, while they [Google] turned off access to remotely control them, they did leave in the ability for the devices to upload logs. And the logs are pretty extensive,” Kociemba tells The Verge.

[…]

Google is still getting all the information collected by Nest Learning Thermostats, including data measured by their sensors, such as temperature, humidity, ambient light, and motion. “I was under the impression that the Google connection would be severed along with the remote functionality, however that connection is not severed, and instead is a one-way street,” Kociemba says.

[…]

Source: Google is collecting troves of data from downgraded Nest thermostats | The Verge

A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers

Add someone’s phone number, and WhatsApp instantly shows whether they’re on the service, and often their profile picture and name, too.

Repeat that same trick a few billion times with every possible phone number, it turns out, and the same feature can also serve as a convenient way to obtain the cell number of virtually every WhatsApp user on earth—along with, in many cases, profile photos and text that identifies each of those users.

[…]

One group of Austrian researchers has now shown that they were able to use that simple method of checking every possible number in WhatsApp’s contact discovery to extract 3.5 billion users’ phone numbers from the messaging service. For about 57 percent of those users, they also found that they could access their profile photos, and for another 29 percent, the text on their profiles. Despite a previous warning about WhatsApp’s exposure of this data from a different researcher in 2017, they say, the service’s parent company, Meta, still failed to limit the speed or number of contact discovery requests the researchers could make by interacting with WhatsApp’s browser-based app, allowing them to check roughly a hundred million numbers an hour.

The result would be “the largest data leak in history, had it not been collated as part of a responsibly conducted research study,” as the researchers describe it in a paper documenting their findings.
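The defensive point in the WIRED excerpt is that contact discovery was never throttled, so a scan of the whole number space ran at about a hundred million lookups an hour. The block below is an added example (not WhatsApp’s or Meta’s code) of the two checks a discovery endpoint needs: a sliding-window cap per client, and a hit-rate heuristic that distinguishes an address-book sync (most uploaded numbers are registered) from a sequential scan (almost none are). The registered-number set, the thresholds and the request streams are constructed test data.

```python
"""Guard for a contact-discovery endpoint: per-client lookup cap plus a hit-rate heuristic.

Added example, not WhatsApp's or Meta's code. The registered-number set, the limits and
the request streams below are constructed test data.
"""
from collections import deque
from dataclasses import dataclass, field
from typing import Deque, Dict, List, Optional, Tuple

# Hypothetical numbers registered on the service (in production: the user table).
REGISTERED = {"+436601234567", "+436609876543", "+491511234567"}


@dataclass
class ClientState:
    stamps: Deque[float] = field(default_factory=deque)  # lookup times inside the window
    checked: int = 0
    hits: int = 0


@dataclass
class ContactDiscoveryGuard:
    window_s: float = 3600.0    # sliding-window length in seconds
    max_lookups: int = 5000     # hard cap per client per window
    warmup: int = 500           # lookups before the hit-rate heuristic applies
    min_hit_rate: float = 0.05  # below this, the client looks like it is scanning a number space
    clients: Dict[str, ClientState] = field(default_factory=dict)

    def lookup(self, client: str, phone: str, now: float) -> Tuple[str, Optional[bool]]:
        """Return ("ok", is_registered) or ("deny", None) for one discovery request."""
        st = self.clients.setdefault(client, ClientState())
        while st.stamps and now - st.stamps[0] > self.window_s:
            st.stamps.popleft()                      # expire lookups outside the window
        if len(st.stamps) >= self.max_lookups:
            return "deny", None
        # A real address-book sync mostly hits; a sequential scan mostly misses.
        if st.checked >= self.warmup and st.hits / st.checked < self.min_hit_rate:
            return "deny", None
        st.stamps.append(now)
        st.checked += 1
        hit = phone in REGISTERED
        st.hits += int(hit)
        return "ok", hit


def sequential_numbers(n: int, prefix: str = "+43660") -> List[str]:
    """Constructed enumeration input: n consecutive numbers under one prefix."""
    return [f"{prefix}{i:07d}" for i in range(n)]


def simulate(guard: ContactDiscoveryGuard, client: str, phones: List[str],
             start: float = 0.0, interval: float = 0.001) -> Dict[str, int]:
    """Replay a request stream at a fixed rate; count verdicts and numbers confirmed registered."""
    out = {"allowed": 0, "denied": 0, "found": 0}
    for i, phone in enumerate(phones):
        verdict, hit = guard.lookup(client, phone, start + i * interval)
        if verdict == "deny":
            out["denied"] += 1
        else:
            out["allowed"] += 1
            out["found"] += int(hit)
    return out


if __name__ == "__main__":
    g = ContactDiscoveryGuard()
    print("scanner:", simulate(g, "scanner", sequential_numbers(10_000)))
    print("address book:", simulate(g, "phone-app", sorted(REGISTERED) + sequential_numbers(20)))
```

The hard cap alone only slows a scanner down (a distributed scan simply spreads across clients); the hit-rate check is what makes a blind sweep of a number space unprofitable after a few hundred lookups, while a genuine sync of a few dozen contacts never reaches the warm-up threshold. Both thresholds are illustrative and would be tuned on real traffic.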

[…]

Source: A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers | WIRED

Cloudflare down, half the internet goes with it. Just like Azure, Epic, AWS, etc. Cloud dependency isn’t nice, is it?

The company acknowledged problems at 1148 UTC on November 18, stating: “Some services may be intermittently impacted.” After a long half-hour, it reckoned systems were returning to normal, but “customers may continue to observe higher-than-normal error rates” as engineers continue to investigate and fix the underlying issue.

Cloudflare provides security and infrastructure for a substantial chunk of websites. As such, X (formerly Twitter) and even El Reg were either knocked offline or malfunctioned as the outage continued. Even that stalwart of system uptime, Downdetector, reported “Please unblock challenges.cloudflare.com to proceed” at one point.

Cloudflare has yet to confirm the cause of the outage – we will issue an update when it does – but it follows hot on the heels of problems at AWS and Azure, and is a reminder for enterprises that a service is only as good as the weakest link in the chain… and that weakest link might not reveal itself until it breaks.

The problem appears to be global, and the company was forced to do the equivalent of turning off and on its WARP access in London as engineers worked to deal with the glitch. WARP is similar to a VPN, except it routes traffic through Cloudflare’s network. If the network is having a bad day, turning off WARP seems a sensible option.

[…]

Source: Cloudflare coughs, half the internet catches a cold • The Register

F-22 Pilot Controls MQ-20 Drone From The Cockpit In Mock Combat Mission

An MQ-20 Avenger drone flew a mock mission at the direction of a pilot in an F-22 Raptor during a demonstration earlier this year, General Atomics has disclosed. The company says this is part of a larger effort to lay the groundwork for crewed-uncrewed teaming between F-22s and Collaborative Combat Aircraft (CCA) drones. General Atomics and Anduril are currently developing CCA designs for the U.S. Air Force, and that service expects the Raptor to be the first airborne controller for whichever types it decides to buy in the future.

[…]

“The [crewed-uncrewed teaming demonstration] effort integrated L3Harris’ BANSHEE Advanced Tactical Datalinks with its Pantera software-defined radios (SDRs) via Lockheed Martin’s open radio architectures, all integrated and shared from an F-22 Raptor,” according to a General Atomics press release. “Two L3Harris Software‑Defined Radios (SDRs) supported the demonstration. The first SDR was installed into the General Atomics MQ‑20 Avenger, and the second was integrated in the Lockheed Martin F‑22 Raptor.”

(Image: a composite highlighting the integration of the BANSHEE datalink, at far lower left, and a Pantera-series radio, onto the Avenger drone. Credit: L3Harris)

“Through the Pilot Vehicle Interface (PVI) tablet and the F‑22’s GRACE module, the system provided end‑to‑end communications, enabling the F‑22 command and control of the MQ‑20 in flight,” the release adds. “The collaborative demonstration showcased non-proprietary, U.S. government-owned communications capabilities and the ability to fly, transition, and re-fly flight hardware that is core to the Open Mission Systems and skills based unmanned autonomy ecosystem.”

The explicit mention of a tablet-based in-cockpit control interface is also worth highlighting. General Atomics and Lockheed Martin have both been working for years now on control systems to allow crewed aircraft to direct drones in flight, with tablet-like devices being the typical user interface. However, both companies have themselves raised questions to varying degrees about the long-term viability of that arrangement, especially for pilots in single-seat fighters, who already have substantial workloads during real-world missions.

“We started with [the Air Force’s] Air Combat Command with tablets … There was this idea that they wanted to have this discreet control,” Michael Atwood, vice president of Advanced Programs for General Atomics, said during an appearance on The Merge podcast last year. “I got to fly in one of these jets with a tablet. And it was really hard to fly the airplane, let alone the weapon system of my primary airplane, and spatially and temporally think about this other thing.”

[…]


Source: F-22 Pilot Controls MQ-20 Drone From The Cockpit In Mock Combat Mission

Unremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices

The software in question, AppCloud, developed by the mobile analytics firm ironSource, has been embedded in devices sold primarily in the Middle East and North Africa (MENA) region.

Security researchers and privacy advocates warn that it quietly collects sensitive user data, fueling fears of surveillance in politically volatile areas.

AppCloud tracks users’ locations, app usage patterns, and device information without seeking ongoing consent after initial setup. Even more concerning, attempts to uninstall it often fail due to its deep integration into Samsung’s One UI operating system.

Reports indicate the app reactivates automatically following software updates or factory resets, making it virtually unremovable for average users. This has sparked outrage among consumers in countries such as Egypt, Saudi Arabia, and the UAE, where affordable Galaxy models are popular entry points into Android.

The issue came to light through investigations by SMEX, a Lebanon-based digital rights group focused on MENA privacy. In a recent report, SMEX highlighted how AppCloud’s persistence could enable third-party unauthorized data harvesting, posing significant risks in regions with histories of government overreach.

“This isn’t just bloatware, it’s a surveillance enabler baked into the hardware,” said a SMEX spokesperson. The group called on Samsung to issue a global patch and disclose the full scope of data shared with ironSource.

[…]

Source: Unremovable Spyware on Samsung Devices Comes Pre-installed on Galaxy Series Devices

Copy-paste now exceeds file transfer as top corporate data exfiltration vector, as well as untrustable extensions and not using SSO/MFA

It is now more common for data to leave companies through copying and paste than through file transfers and uploads, LayerX revealed in its Browser Security Report 2025.

This shift is largely due to generative AI (genAI), with 77% of employees pasting data into AI prompts, and 32% of all copy-pastes from corporate accounts to non-corporate accounts occurring within genAI tools.

Note: below it also highlights copy pasta into instant messaging services. What it doesn’t highlight is that everything you paste into Chrome is fair game for Google as far as its terms of service are concerned.

“Traditional governance built for email, file-sharing, and sanctioned SaaS didn’t anticipate that copy/paste into a browser prompt would become the dominant leak vector,” LayerX CEO Or Eshed wrote in a blog post summarizing the report.

The report highlights data loss blind spots in the browser, from shadow SaaS to browser extension supply chain risks, and provides a checklist for CISOs and other security leaders to gain more control over browser activity.

GenAI now accounts for 11% of enterprise application usage, with adoption rising faster than many data loss protection (DLP) controls can keep up. Overall, 45% of employees actively use AI tools, with 67% of these tools being accessed via personal accounts and ChatGPT making up 92% of all use.

Corporate data makes its way to genAI tools through both copying and pasting — with 82% of these copy-pastes occurring via personal accounts — and through file uploads, with 40% of files uploaded to genAI tools containing either personally identifiable information (PII) or payment card information (PCI).

With the rise of AI-driven browsers such as OpenAI’s Atlas and Perplexity’s Comet, governance of AI tools’ access to corporate data becomes even more urgent, the LayerX report notes.

Tackling the growing use of AI tools in the workplace includes establishing allow- and block lists for AI tools and extensions, monitoring for shadow AI activity and restricting the sharing of sensitive data with AI models, LayerX said.

Monitoring clipboards and AI prompts for PII, and blocking risky copy-pastes and prompting actions, can also address this growing data loss vector beyond just focusing on file uploads and traditional vectors like email.

AI tools are not the only vector through which copied-and-pasted data escapes organizations. LayerX found that copy-pastes containing PII or PCI were most likely to be pasted into chat services, i.e. instant messaging (IM) or SMS apps, where 62% of pastes contained sensitive information. Of this data 87% went to non-corporate accounts.
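The report’s recommendation above is to inspect clipboard content and prompts for PII and PCI before it leaves the browser. As an added example (not LayerX’s product or the SC Media article’s code), the block below shows the check that makes this workable in practice: card numbers are matched by digit pattern and then confirmed with the Luhn checksum, so ticket numbers and other long digit runs are not blocked, and a redaction helper masks confirmed PANs while leaving everything else intact. The pasted text is constructed.

```python
"""Clipboard / prompt DLP check for payment-card numbers and e-mail addresses.

Added example, not LayerX's product or code. The sample pasted text is constructed.
"""
import re

# 13-19 digits with optional single space/dash separators, not embedded in a longer digit run.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: every second digit from the right is doubled (minus 9 if above 9)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_pans(text: str) -> list:
    """Digit runs that look like card numbers AND pass Luhn; returns the bare digit strings."""
    pans = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            pans.append(digits)
    return pans


def classify_paste(text: str) -> dict:
    """Policy decision for one paste: block on PCI, send e-mail addresses for review, else allow."""
    pans = find_pans(text)
    emails = EMAIL_RE.findall(text)
    verdict = "block" if pans else ("review" if emails else "allow")
    return {"pans": pans, "emails": emails, "verdict": verdict}


def redact_pans(text: str) -> str:
    """Mask confirmed PANs to their last four digits; leave non-Luhn digit runs untouched."""
    def mask(m):
        digits = re.sub(r"\D", "", m.group())
        if luhn_ok(digits):
            return "*" * (len(digits) - 4) + digits[-4:]
        return m.group()
    return CARD_RE.sub(mask, text)


# Constructed paste: one real-format test card, one digit run that fails Luhn,
# a ticket number that also fails Luhn, and an e-mail address.
SAMPLE_PASTE = ("Customer 4111 1111 1111 1111 complained; test card 1234567812345678 is invalid; "
                "ticket 20251118001235; contact jane@example.com")

if __name__ == "__main__":
    print(classify_paste(SAMPLE_PASTE))
    print(redact_pans(SAMPLE_PASTE))
```

Matching on digit shape alone would flag the ticket number and every invoice ID; the Luhn step is what keeps the false-positive rate low enough that blocking, rather than merely logging, is acceptable.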

In addition to copy-paste and file upload risks, the report also delved into the browser extension supply chain, revealing that 53% of employees install extensions with “high” or “critical” permissions. Additionally, 26% of installed extensions are side-loaded rather than being installed through official stores.

Browser extensions are often difficult to vet and poorly maintained, with 54% of extension developers identified only through a free webmail account such as Gmail and 51% of extensions not receiving any updates in over a year. Yet extensions can have access to key data and resources including cookies and user account details, making it critical for organizations to audit and monitor their use.

“Permission audit alone is insufficient. Continuously score developer reputation, update cadence, sideload sources, and AI/agent capabilities. Track changes like you track third-party libraries,” Eshed wrote.
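Eshed’s point is that a permission audit is the starting point, not the whole job. The block below is an added example (not LayerX’s scoring logic) of that starting point done properly on a Chrome extension manifest: it tiers the API permissions, treats broad host patterns (including those hidden in content-script `matches` or, in manifest v2, mixed into `permissions`) as critical, and raises flags that speak to provenance and update cadence. The tiering of permission names is this example’s own choice, the three manifests are constructed, and the assumption that Web Store builds carry the store’s `update_url` is noted in the code.

```python
"""Triage a browser extension's manifest by the permissions it requests.

Added example, not LayerX's scoring logic. The three manifests are constructed; the tiering
of permission names is this example's own and should be tuned to local policy.
"""
import json

CRITICAL_PERMS = {"debugger", "nativeMessaging", "proxy", "webRequestBlocking", "management"}
HIGH_PERMS = {"cookies", "webRequest", "history", "tabs", "scripting", "clipboardRead",
              "downloads", "webNavigation", "declarativeNetRequest", "identity"}
BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*", "file:///*"}
# Assumption: builds installed from the Chrome Web Store carry this update_url in their manifest.
WEBSTORE_UPDATE_URL = "https://clients2.google.com/service/update2/crx"


def _is_host_pattern(p: str) -> bool:
    return p == "<all_urls>" or "://" in p


def assess_manifest(manifest_json: str) -> dict:
    m = json.loads(manifest_json)
    requested = list(m.get("permissions", [])) + list(m.get("optional_permissions", []))
    hosts = list(m.get("host_permissions", []))
    # Manifest v2 mixes host patterns into "permissions"; content scripts carry their own matches.
    hosts += [p for p in requested if _is_host_pattern(p)]
    api_perms = {p for p in requested if not _is_host_pattern(p)}
    for cs in m.get("content_scripts", []):
        hosts += cs.get("matches", [])

    critical = sorted(api_perms & CRITICAL_PERMS) + sorted({h for h in hosts if h in BROAD_HOSTS})
    high = sorted(api_perms & HIGH_PERMS)
    tier = "critical" if critical else "high" if high else "low"

    flags = []
    if m.get("update_url") != WEBSTORE_UPDATE_URL:
        flags.append("update_url is not the Web Store's: sideloaded or self-hosted build")
    if m.get("manifest_version", 3) < 3:
        flags.append("manifest v2: deprecated and permits remotely hosted code")
    return {"name": m.get("name"), "tier": tier, "critical": critical, "high": high,
            "hosts": sorted(set(hosts)), "flags": flags}


# Constructed manifests.
SHADY_MANIFEST = json.dumps({
    "manifest_version": 3, "name": "Tab Tidy Pro", "version": "2.1.0",
    "permissions": ["tabs", "cookies", "debugger", "storage"],
    "host_permissions": ["<all_urls>"],
    "content_scripts": [{"matches": ["https://*/*"], "js": ["inject.js"]}],
})
BENIGN_MANIFEST = json.dumps({
    "manifest_version": 3, "name": "Dark Notes Theme", "version": "1.0.2",
    "update_url": WEBSTORE_UPDATE_URL,
    "permissions": ["storage"],
    "host_permissions": ["https://notes.example.com/*"],
})
LEGACY_MANIFEST = json.dumps({
    "manifest_version": 2, "name": "Legacy Blocker", "version": "0.9",
    "permissions": ["webRequest", "webRequestBlocking", "*://*/*"],
})

if __name__ == "__main__":
    for mf in (SHADY_MANIFEST, BENIGN_MANIFEST, LEGACY_MANIFEST):
        print(assess_manifest(mf))
```

Run over the manifests pulled from an endpoint’s extension directories, the output gives the inventory Eshed describes: tier, the exact permissions that drove it, and whether the build came from the store. Developer reputation and update age, the other two signals he lists, need store metadata that a manifest does not carry and would be joined in from there.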

Identity security within browsers was also noted to be a major blind spot for organizations, with 68% of logins to corporate accounts completed without single sign-on (SSO), making it difficult for organizations to properly track identities across apps. Additionally, 26% of enterprise users re-used passwords across accounts and 54% of corporate account passwords were noted to be of medium strength or below.

Source: Copy-paste now exceeds file transfer as top corporate data exfiltration vector | SC Media

Fortinet finally fixes critical straight to admin bug under active exploit for a month

Fortinet finally published a security advisory on Friday for a critical FortiWeb path traversal vulnerability under active exploitation – but it appears digital intruders got a month’s head start.

The bug, now tracked as CVE-2025-64446, allows unauthenticated attackers to execute administrative commands on Fortinet’s web application firewall product and fully take over vulnerable devices. It’s fully patched in FortiWeb version 8.0.2, but it didn’t even have a CVE assigned to it until Friday, when the vendor admitted to having “observed this to be exploited in the wild.”

[…]

It appears a proof-of-concept (PoC) exploit has been making the rounds since early October, and third-party security sleuths have told The Register that exploitation is widespread.

“The watchTowr team is seeing active, indiscriminate in-the-wild exploitation of what appears to be a silently patched vulnerability in Fortinet’s FortiWeb product,” watchTowr CEO and founder Benjamin Harris told us prior to Fortinet’s security advisory.

“The vulnerability allows attackers to perform actions as a privileged user – with in-the-wild exploitation focusing on adding a new administrator account as a basic persistence mechanism for the attackers,” he added.

WatchTowr successfully reproduced the vulnerability and created a working PoC, along with a Detection Artefact Generator to help defenders identify vulnerable hosts in their IT environments.

Despite the fix in version 8.0.2, the attacks remain ongoing, and at least 80,000 FortiWeb web app firewalls are connected to the internet, according to Harris.

“Apply patches if you haven’t already,” he advised. “That said, given the indiscriminate exploitation observed by the watchTowr team and our Attacker Eye sensor network, appliances that remain unpatched are likely already compromised.”

The battering attempts against Fortinet’s web application firewalls date back to October 6, when cyber deception firm Defused published a PoC on social media that one of their FortiWeb Manager honeypots caught. At the time, the bug hadn’t been disclosed nor did it have a CVE.
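The FortiWeb bug is a path traversal, and a month of pre-advisory exploitation is exactly the window in which generic traversal detection on access logs earns its keep. The block below is an added example, not watchTowr’s Detection Artefact Generator or anything from Fortinet; the log lines are constructed in Apache/nginx combined-log style and deliberately do not reproduce FortiWeb’s log format or the CVE-2025-64446 request. What it demonstrates is the normalisation a detector must do before looking for `..`: repeated percent-decoding (double encoding), overlong UTF-8 dots (`%c0%ae`), backslashes, Tomcat-style `..;/` segments, and traversal hidden in query parameters, plus the distinction between a `..` that stays under the root and one that climbs above it.

```python
"""Spot path-traversal probes in web access logs.

Added example, not FortiWeb's or watchTowr's tooling. The log lines are constructed in
combined-log style and do not reproduce FortiWeb's log format or the CVE-2025-64446 request.
"""
import re
from urllib.parse import unquote, parse_qs

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def normalize(segment: str) -> str:
    """Canonicalise a path or parameter value so that '..' cannot hide behind an encoding."""
    s = segment
    for _ in range(3):                                    # unwind double/triple encoding
        decoded = re.sub(r"%c0%ae", ".", s, flags=re.I)   # overlong UTF-8 '.' (before unquote)
        decoded = unquote(decoded)
        if decoded == s:
            break
        s = decoded
    s = s.replace("\\", "/")                              # Windows separators
    s = re.sub(r";[^/]*", "", s)                          # '..;/' path-parameter trick
    return s


def escapes_root(path: str) -> bool:
    """True if the '..' segments climb above the URL root (not merely within the app)."""
    depth = 0
    for seg in path.split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg and seg != ".":
            depth += 1
    return False


def analyze_target(target: str) -> list:
    """One finding per location (path or query parameter) that contains a '..' segment."""
    raw_path, _, raw_query = target.partition("?")        # split before decoding: %3F stays literal
    findings = []
    path = normalize(raw_path)
    if ".." in path.split("/"):
        findings.append({"where": "path", "value": path, "escapes_root": escapes_root(path)})
    for key, values in parse_qs(raw_query, keep_blank_values=True).items():
        for v in values:
            nv = normalize(v)
            if ".." in nv.split("/"):
                findings.append({"where": f"query:{key}", "value": nv, "escapes_root": None})
    return findings


def scan_log(lines) -> list:
    """Parse combined-log lines and return traversal findings with the requesting IP."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        for f in analyze_target(m["target"]):
            hits.append({"ip": m["ip"], "method": m["method"], "status": m["status"], **f})
    return hits


SAMPLE_LOG = [  # constructed; the attacker IP is a documentation-range address
    '203.0.113.7 - - [06/Oct/2025:10:01:02 +0000] "GET /static/../../../../etc/passwd HTTP/1.1" 404 0',
    '203.0.113.7 - - [06/Oct/2025:10:01:03 +0000] "GET /static/%252e%252e/%252e%252e/etc/passwd HTTP/1.1" 404 0',
    '203.0.113.7 - - [06/Oct/2025:10:01:04 +0000] "POST /app/..;/admin HTTP/1.1" 200 512',
    '198.51.100.9 - - [06/Oct/2025:10:02:00 +0000] "GET /static/css/site.css HTTP/1.1" 200 8192',
    '198.51.100.9 - - [06/Oct/2025:10:02:01 +0000] "GET /api/v1/users/../sessions HTTP/1.1" 200 77',
    '203.0.113.7 - - [06/Oct/2025:10:03:00 +0000] "GET /static/..\\..\\win.ini HTTP/1.1" 404 0',
    '203.0.113.7 - - [06/Oct/2025:10:03:01 +0000] "GET /static/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd HTTP/1.1" 404 0',
    '203.0.113.7 - - [06/Oct/2025:10:03:02 +0000] "GET /download?file=..%252F..%252F..%252Fetc%252Fpasswd HTTP/1.1" 200 1337',
]

if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

Note that the `..;/` request returned 200: a `..` that stays under the root is still worth alerting on, since prefix-based authorisation checks are exactly what such segments are used to slip past. Any hit from an appliance’s management interface during the pre-advisory window would be a reason to treat the box as compromised and check for unexpected administrator accounts, as Harris advises above.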

[…]

Source: Fortinet finally cops to critical bug under active exploit • The Register
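
Two defender-side checks that follow from the behaviour described above, written here as an added example: this is not code from The Register, Fortinet or watchTowr, and it is not watchTowr's Detection Artefact Generator. It assumes a generic combined-format web access log and an exported list of administrator account names; the log lines, IP addresses, URL paths and account names are constructed for the example, and the paths are not the request actually used against FortiWeb. The first check percent-decodes each request path repeatedly before looking for a literal `..` segment, so single- and double-encoded traversal is caught while a filename that merely contains two dots is not; the second diffs the current admin list against a known-good baseline, which targets the persistence mechanism Harris describes.

```python
"""Added example (hypothetical log format and account lists): detect path
traversal attempts in a web access log and spot admin accounts that were not
in a known-good baseline. Not Fortinet, watchTowr or The Register code."""
import re
from urllib.parse import unquote

# Constructed sample log lines in a generic combined-log layout (not FortiWeb's
# real format; the request paths are invented for the example).
SAMPLE_LOG = """\
10.0.0.5 - - [06/Oct/2025:12:00:01 +0000] "GET /static/app.css HTTP/1.1" 200 512
203.0.113.9 - - [06/Oct/2025:12:00:02 +0000] "POST /ui/../api/admin HTTP/1.1" 200 88
198.51.100.7 - - [06/Oct/2025:12:00:03 +0000] "POST /ui/%2e%2e/api/admin HTTP/1.1" 200 88
198.51.100.7 - - [06/Oct/2025:12:00:04 +0000] "POST /ui/%252e%252e%252fapi/admin HTTP/1.1" 200 88
10.0.0.6 - - [06/Oct/2025:12:00:05 +0000] "GET /docs/release-notes..html HTTP/1.1" 200 1024
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def fully_decode(path: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, so double-encoded
    sequences such as %252e%252e end up as '..' before matching."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def has_traversal(raw_path: str) -> bool:
    """True only when a whole path segment equals '..' after decoding.
    '/docs/release-notes..html' is not traversal; '/ui/../api/admin' is."""
    path = fully_decode(raw_path.split("?", 1)[0])
    return any(seg == ".." for seg in re.split(r"[\\/]+", path))


def find_traversal_attempts(log_text: str) -> list[tuple[str, str, str]]:
    """Return (ip, raw_path, status) for every request with a traversal segment."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and has_traversal(m["path"]):
            hits.append((m["ip"], m["path"], m["status"]))
    return hits


def new_admin_accounts(baseline: set[str], current: set[str]) -> set[str]:
    """Admin accounts present now but absent from a known-good baseline."""
    return current - baseline


if __name__ == "__main__":
    for ip, path, status in find_traversal_attempts(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: {path} -> HTTP {status}")
    # Constructed account lists: a baseline exported before October and the
    # list as it stands today.
    baseline = {"admin", "backup_ops"}
    current = {"admin", "backup_ops", "support_tmp"}
    print("admin accounts not in baseline:", new_admin_accounts(baseline, current))
```

Both inputs are assumptions: on a real appliance, export the administrator list from the device itself and compare it with a copy taken before early October, and treat a traversal hit with a 2xx status as evidence of an attempt only, since the log alone does not prove the request succeeded.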

Russia imposes 24-hour mobile internet blackout for travelers returning home to “guard against drones”. Which don’t need SIM cards. It also simply cuts mobile internet outright in certain areas.

Russian telecom operators have begun cutting mobile internet access for 24 hours for citizens returning to the country from abroad, in what officials say is an effort to prevent Ukrainian drones from using domestic SIM cards for navigation.

“When a SIM card enters Russia from abroad, the user has to confirm that it’s being used by a person — not installed in a drone,” the Digital Development Ministry said in a statement earlier this week. Users can restore access sooner by solving a captcha or calling their operator for identification.

Authorities said the temporary blackout is meant to “ensure the safety of Russian citizens” and prevent SIM cards from being embedded in “enemy drones.”

The new rule has led to unexpected outages for residents in border regions, whose phones can automatically connect to foreign carriers. Officials advised users to switch to manual network selection to avoid being cut off.

The so-called “cooling-off period” comes a month after Moscow imposed a similar 24-hour blackout for people entering Russia with foreign SIM cards, again citing the threat of Ukrainian drone warfare.

At the same time, the Kremlin is seeking to expand the powers of its domestic intelligence service, the FSB, allowing it to order shutdowns of mobile and internet access over loosely defined “emerging threats.” The proposed legal changes would give the FSB direct authority over local telecoms.

In several regions, including the western city of Ulyanovsk, officials said mobile internet restrictions would remain in place until the end of the war in Ukraine. Access will be limited “around critical facilities of special importance, not across entire regions.”

[…]

Digital rights groups say many of the blackouts appear arbitrary and politically motivated. They noted that most drones used in the war do not rely on mobile internet connections to operate, suggesting that local officials may be imposing restrictions to signal loyalty to the Kremlin rather than address real security threats.

Source: Russia imposes 24-hour mobile internet blackout for travelers returning home | The Record from Recorded Future News

Scientists Confirmed High Density Solid Inside Our Moon

Well, the verdict is in. The Moon is not made of green cheese after all.

A thorough investigation published in May 2023 found that the inner core of the Moon is, in fact, a solid ball with a density similar to that of iron.

This, researchers hope, will help settle a long debate about whether the Moon’s inner heart is solid or molten, and lead to a more accurate understanding of the Moon’s history – and, by extension, that of the Solar System.

[…]

To figure it out once and for all, Briaud and his colleagues collected data from space missions and lunar laser-ranging experiments to compile a profile of various lunar characteristics. These include the degree of its deformation by its gravitational interaction with Earth, the variation in its distance from Earth, and its density.

Artist’s impression of different instruments measuring the properties of the Moon to reveal its core. (Géoazur/Nicolas Sarter)

Next, they conducted modeling with various core types to find which matched most closely with the observational data.

They made several interesting findings. Firstly, the models that most closely resembled what we know about the Moon describe active overturn deep inside the lunar mantle.

This means that denser material inside the Moon falls towards the center, and less dense material rises upwards. This activity has long been proposed as a way of explaining the presence of certain elements in volcanic regions of the Moon.

[…]

they found that the lunar core is very similar to that of Earth – with an outer fluid layer and a solid inner core. According to their modeling, the outer core has a radius of about 362 kilometers (225 miles), and the inner core has a radius of about 258 kilometers (160 miles). That’s about 15 percent of the entire radius of the Moon.

The inner core, the team found, also has a density of about 7,822 kilograms per cubic meter. That’s very close to the density of iron.

[…]

in 2011 a team led by NASA Marshall planetary scientist Renee Weber found a similar result using what were then state-of-the-art seismological techniques on Apollo data to study the lunar core. They found evidence of a solid inner core with a radius of about 240 kilometers, and a density of about 8,000 kilograms per cubic meter.

Their results, Briaud and his team say, are confirmation of those earlier findings, and constitute a pretty strong case for an Earth-like lunar core. And this has some interesting implications for the Moon’s evolution.

We know that not long after it formed, the Moon had a powerful magnetic field, which started to decline about 3.2 billion years ago. Such a magnetic field is generated by motion and convection in the core, so what the lunar core is made of is deeply relevant to how and why the magnetic field disappeared.

[…]

The research has been published in Nature.

Source: It’s Official: Scientists Confirmed What Is Inside Our Moon : ScienceAlert

Chinese spies used Claude to break into some critical orgs

Chinese cyber spies used Anthropic’s Claude Code AI tool to attempt digital break-ins at about 30 high-profile companies and government organizations – and the government-backed snoops “succeeded in a small number of cases,” according to a Thursday report from the AI company.

The mid-September operation targeted large tech companies, financial institutions, chemical manufacturers, and government agencies.

While a human selected the targets, “this marks the first documented case of agentic AI successfully obtaining access to confirmed high-value targets for intelligence collection, including major technology corporations and government agencies,” Anthropic’s threat hunters wrote in a 13-page document [PDF].

It’s also further proof that attackers continue experimenting with AI to run their offensive operations. The incident also suggests heavily funded state-sponsored groups are getting better at autonomizing attacks.

The AI vendor tracks the Chinese state-sponsored group behind the espionage campaign as GTG-1002, and says its operatives used Claude Code and Model Context Protocol (MCP) to run the attacks without a human in the tactical execution loop.

A human-developed framework used Claude to orchestrate multi-stage attacks, which were then carried out by several Claude sub-agents all performing specific tasks. Those chores included mapping attack surfaces, scanning organizations’ infrastructure, finding vulnerabilities, and researching exploitation techniques.

Once the sub-agents developed exploit chains and custom payloads, a human operator spent between two and 10 minutes reviewing the results of the AI’s actions and signing off on the subsequent exploitations.

The sub-agents then got to work finding and validating credentials, escalating privileges, moving laterally across the network, and accessing and then stealing sensitive data. Post-exploitation, the human operator only had to again review the AI’s work before approving the final data exfiltration.

“By presenting these tasks to Claude as routine technical requests through carefully crafted prompts and established personas, the threat actor was able to induce Claude to execute individual components of attack chains without access to the broader malicious context,” according to the report.

Upon discovering the attacks, Anthropic says it launched an investigation that led it to ban associated accounts, mapped the full extent of the operation, notified affected entities, and coordinated with law enforcement.

These attacks represent a “significant escalation” from the firm’s August report that documented how criminals used Claude in a data extortion operation that hit 17 organizations and saw attackers demand ransoms ranging from $75,000 to $500,000 for stolen data. However, “humans remained very much in the loop directing operations,” in that attack, we’re told.

“While we predicted these capabilities would continue to evolve, what has stood out to us is how quickly they have done so at scale,” states Anthropic’s new analysis.

There is a slight silver lining, however, in that Claude did hallucinate during the attacks and claimed better results than the evidence showed.

The AI “frequently overstated findings and occasionally fabricated data during autonomous operations,” requiring the human operator to validate all findings. These hallucinations included Claude claiming it had obtained credentials (which didn’t work) or identifying critical discoveries that turned out to be publicly available information.

Anthropic asserts such errors represent “an obstacle to fully autonomous cyberattacks” – at least for now.

Source: Chinese spies used Claude to break into critical orgs • The Register

World still on track for catastrophic 2.6C temperature rise, report finds. Greed more important than actually having a planet to live on.

Fossil fuel emissions have hit a record high while many nations have done too little to avert deadly global heating

The world is still on track for a catastrophic 2.6C increase in temperature as countries have not made sufficiently strong climate pledges, while emissions from fossil fuels have hit a record high, two major reports have found.

Despite their promises, governments’ new emission-cutting plans submitted for the Cop30 climate talks taking place in Brazil have done little to avert dangerous global heating for the fourth consecutive year, according to the Climate Action Tracker update.

The world is now anticipated to heat up by 2.6C above preindustrial times by the end of the century – the same temperature rise forecast last year.

This level of heating easily breaches the thresholds set out in the Paris climate pact, which every country agreed to, and would set the world spiralling into a catastrophic new era of extreme weather and severe hardships.

A separate report found the fossil fuel emissions driving the climate crisis will rise by about 1% this year to hit a record high, but that the rate of rise has more than halved in recent years.

The past decade has seen emissions from coal, oil and gas rise by 0.8% a year compared with 2.0% a year during the decade before. The accelerating rollout of renewable energy is now close to supplying the annual rise in the world’s demand for energy, but has yet to surpass it.

[…]

Source: World still on track for catastrophic 2.6C temperature rise, report finds | Environment | The Guardian

End of the game for cybercrime infrastructure: 1025 servers taken down – Operation Endgame’s latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium

Between 10 and 13 November 2025, the latest phase of Operation Endgame was coordinated from Europol’s headquarters in The Hague. The actions targeted one of the biggest infostealers, Rhadamanthys, the Remote Access Trojan VenomRAT, and the botnet Elysium, all of which played a key role in international cybercrime. Authorities took down these three large cybercrime enablers. The main suspect for VenomRAT was also arrested in Greece on 3 November 2025.

The infrastructure dismantled during the action days was responsible for infecting hundreds of thousands of victims worldwide with malware. Operation Endgame, coordinated by Europol and Eurojust, is a joint effort between law enforcement and judicial authorities of Australia, Belgium, Canada, Denmark, France, Germany, Greece, Lithuania, the Netherlands, the United Kingdom and the United States to tackle ransomware enablers. More than 30 national and international public and private parties are supporting the actions. Important contributions were made by the following private partners: Cryptolaemus, Shadowserver and RoLR, Spycloud, Cymru, Proofpoint, Crowdstrike, Lumen, Abuse.ch, HaveIBeenPwned, Spamhaus, DIVD, Trellix and Bitdefender.

The coordinated actions led to:

  • 1 arrest in Greece
  • 11 locations searched (1 in Germany, 1 in Greece, and 9 in the Netherlands)
  • Over 1 025 servers taken down or disrupted worldwide
  • 20 domains seized

Endgame doesn’t end here – think about (y)our next move

The dismantled malware infrastructure consisted of hundreds of thousands of infected computers containing several million stolen credentials. Many of the victims were not aware of the infection of their systems. The main suspect behind the infostealer had access to over 100 000 crypto wallets belonging to these victims, potentially worth millions of euros. Check if your computer has been infected and what to do if so at politie.nl/checkyourhack and haveibeenpwned.com

There were actions aimed at criminal services and their criminal users. These users were directly contacted by the police and asked to share relevant information regarding infostealers via the Operation Endgame Telegram channel. In addition, the failing criminal services are exposed via the Operation Endgame website.

[…]

Source: End of the game for cybercrime infrastructure: 1025 servers taken down – Operation Endgame’s latest phase targeted the infostealer Rhadamanthys, Remote Access Trojan VenomRAT, and the botnet Elysium | Europol
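
The press release points readers to haveibeenpwned.com. As an added example (not code from Europol, HIBP or any of the named partners), this shows how that site's Pwned Passwords range lookup lets you test a password against a leaked corpus without sending the password, or even its full hash, anywhere: the client hashes the password with SHA-1, sends only the first five hex characters, and matches the remaining 35 locally against the returned list. The range response embedded below is constructed for the example and its hit counts are made up; `fetch_range` performs the live request and is an assumption about the public API's URL shape and padding header, and the offline check never calls it.

```python
"""Added example: k-anonymity password lookup in the style of HIBP's Pwned
Passwords range API. The embedded range response is constructed; the live
endpoint details in fetch_range are an assumption about the public service."""
import hashlib
import urllib.request

API_BASE = "https://api.pwnedpasswords.com/range/"  # assumption: public range endpoint


def sha1_prefix_suffix(password: str) -> tuple[str, str]:
    """Split the uppercase SHA-1 hex digest into the 5-char prefix that is sent
    to the service and the 35-char suffix that never leaves the client."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(text: str) -> dict[str, int]:
    """Parse 'SUFFIX:COUNT' lines into a map. Zero-count entries are padding
    (the service adds them on request) and are dropped so they cannot match."""
    counts: dict[str, int] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or ":" not in line:
            continue
        suffix, count = line.split(":", 1)
        n = int(count)
        if n > 0:
            counts[suffix.upper()] = n
    return counts


def check_password(password: str, range_text: str) -> int:
    """Return how often the password appears in the range covered by
    range_text (0 if absent). Only the local suffix comparison happens here."""
    _, suffix = sha1_prefix_suffix(password)
    return parse_range_response(range_text).get(suffix, 0)


def fetch_range(prefix: str) -> str:
    """Live lookup (network). Sends only the 5-char prefix and asks for padding
    so the response size does not reveal how many real entries the range has."""
    req = urllib.request.Request(API_BASE + prefix, headers={"Add-Padding": "true"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


# Constructed range response for the prefix of SHA-1("password"). The counts
# and the other suffixes are invented and do not come from the live service.
_KNOWN_PREFIX, _KNOWN_SUFFIX = sha1_prefix_suffix("password")
SAMPLE_RANGE_RESPONSE = (
    "0018A45C4D1DEF81644B54AB7F969B88D65:12\n"
    f"{_KNOWN_SUFFIX}:123456\n"
    "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF:0\n"  # padding entry, must be ignored
)

if __name__ == "__main__":
    for candidate in ("password", "a-long-unique-passphrase-9f2c"):
        hits = check_password(candidate, SAMPLE_RANGE_RESPONSE)
        print(f"{candidate!r}: {'seen ' + str(hits) + ' times' if hits else 'not in sample range'}")
    # Live use would be: check_password(pw, fetch_range(sha1_prefix_suffix(pw)[0]))
```

The design point is that the 5-character prefix maps to a few hundred real hashes, so the service learns almost nothing about which password was checked; dropping zero-count entries matters because padded responses deliberately contain suffixes that were never observed in a breach.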

Charted: The Relationship Between Democracy and Corruption

Scatter plot showing the relationship between electoral democracy and political corruption in countries using 2024 data from V-Dem

Charting the Relationship Between Democracy and Corruption

[…]

  • Highly democratic countries consistently report lower levels of political corruption, especially in Europe.
  • No countries in the dataset are rated as both highly democratic and highly corrupt.
  • Authoritarian regimes show a wide range of corruption levels, but none approach the values achieved by democracies.

How does the level of democracy in a country influence corruption?

According to new data from the Varieties of Democracy (V-Dem) project and a visualization by Our World in Data, the correlation is clear: democratic societies tend to be less corrupt.

The chart maps countries across two indices: Electoral Democracy (measuring free, fair, and meaningful elections) and the Political Corruption Index (focused on bribery and public theft), both scaled from 0 to 1.

[…]

At a glance, Denmark stands out as the best performer, with near-perfect scores for democracy and minimal corruption.

Conversely, authoritarian regimes like Myanmar, Russia, and China have low democracy scores and relatively high corruption, though corruption levels vary even among less democratic states. Interestingly, no country appears in the upper-right quadrant, combining high democracy with high corruption, emphasizing the strong inverse relationship.

Why Democracies Tend to Be Cleaner

As outlined in V-Dem’s policy brief, democracies inherently support anti-corruption mechanisms. These include:

  • Independent courts and investigative bodies
  • Active civil societies and free media
  • Checks and balances that discourage misuse of public office

These structures make it harder for corrupt activities to go unnoticed or unpunished. In contrast, authoritarian systems often lack such safeguards, allowing corruption to flourish unchecked.

Comparing with Perceptions of Corruption

While this dataset relies on expert-based assessments, public perception also plays a role in understanding corruption. For more context, see our previous post on which countries are perceived as the most corrupt globally.

[…]

Source: Charted: The Relationship Between Democracy and Corruption

Railgun Damage To Japanese Target Ship Seen For The First Time

Japan’s Acquisition Technology & Logistics Agency (ATLA) has offered the first look at damage to a target ship after it was hit by projectiles fired from a prototype electromagnetic railgun in testing earlier this year. Japanese authorities say valuable data and experience were gleaned from the demonstration, which will feed into its continued push toward an operational railgun capability. This is an area of development where the U.S. Navy notably halted work in the early 2020s, despite having seen promising progress, due to significant technological impediments.

[…]

Railguns, in general, use electromagnets instead of chemical propellants to fire projectiles at very high velocities. Dart-shaped projectiles, each with four fins at the rear and no warhead, were fired during the at-sea tests earlier this year. The projectiles were initially held inside a sabot that broke apart after leaving the muzzle. There was also a metal armature at the rear that served to push the projectile in the sabot down the barrel, which fell away after firing.

A slide from the ATLA presentation this week highlighting the evolution from earlier prototype railguns tested at facilities on land to the one mounted on the JS Asuka for the at-sea tests. ATLA
Another slide from the presentation discussing the design of the projectiles fired during the at-sea testing. ATLA
[…]

The wear on barrels from the sustained firing of projectiles at very high speeds is one of a number of long-standing challenges for railguns, in general. A worn-out barrel can lead to the loss of range and accuracy, as well as increase the risk of a catastrophic failure.

Railguns also have significant power generation and cooling requirements, which have, in turn, historically made them very physically bulky. The installation on JS Asuka included four shipping containers full of additional systems and equipment to help meet those needs.

Kazumi Ito, principal director of the equipment policy division at ATLA, said his country’s railgun efforts were “progressing,” but acknowledged “various challenges,” while speaking through an interpreter at a panel discussion at the DSEI Japan 2025 exposition earlier this year, according to National Defense Magazine.

[…]

“When it comes to warships, in particular, where physical space is at a premium and where options for reloading missiles at sea can be at best extremely limited, having a weapon system firing lower-cost munitions from a large magazine and that can engage a broad swath of target sets would be a clear boon.”

[…]

Source: Railgun Damage To Japanese Target Ship Seen For The First Time

Denmark rises again, finds another way to try to introduce 100% surveillance state in EU after public backlash stopped the last attempt at chat control. Send emails to your MEPs easily!

Thanks to public pressure, the Danish Presidency has been forced to revise its text, explicitly stating that any detection obligations are voluntary. While much better, the text continues to both (a) effectively outlaw anonymous communication through mandatory age verification; and (b) include planned voluntary mass scanning. The Council is expected to formally adopt its position on Chat Control on the 18th or 19th of November. Trilogue with the European Parliament will commence soon after.

The EU (still) wants to scan your private messages and photos

The “Chat Control” proposal would mandate scanning of all private digital communications, including encrypted messages and photos. This threatens fundamental privacy rights and digital security for all EU citizens.

You Will Be Impacted

Every photo, every message, every file you send will be automatically scanned—without your consent or suspicion. This is not about catching criminals. It is mass surveillance imposed on all 450 million citizens of the European Union.

Source: Fight Chat Control – Protect Digital Privacy in the EU

The site linked will allow you to very easily send an email to your representatives by clicking a few times. Take the time to ensure they understand that people have a voice!

Amazon latest company to lock up their hardware: will stop you installing stuff on Fire TV Sticks (in the name of combating illegal streaming) and force you to use their own app store

Amazon is rolling out a tougher approach to combat illegal streaming, with the United States-based tech company aiming to block apps loaded onto all its Fire TV Stick devices that are identified as providing pirated content.

[…]

Amazon launched a new Fire TV Stick last month — the 4K Select, which is plugged into a TV to facilitate streaming via the internet — that it insists will be less of a breeding ground for piracy. It comprises enhanced security measures — via a new Vega operating system — and only apps available in Amazon’s app store will be available for customers to download.

[…]

Amazon insists the clampdown will apply to the new and old devices, but registered developers will still be able to use Fire Sticks for legitimate purposes.

[…]

The roll-out has started in Germany and France and will be expanded globally in the coming weeks and months.

Over the summer, The Athletic learned that Amazon had sporadically started blocking apps suspected of being linked to illegal sports streaming.

[…]

Gareth Sutcliffe is a leading tech researcher from Enders Analysis, who speaks on a range of topics in the episode, including the role of the Fire TV Stick device. He says that the previous — and still widely used — device made by Amazon “enables piracy” and that it’s “a broadly risky device for consumer safety”.

Sutcliffe says it “provides a very easy path for malware to enter into a home-computing environment”, there were “policies around developing apps for that device that Amazon took a certain position on and broadly got wrong” as they had made “an open computing device” that was a playground for “a whole world of nefarious actors”.

[…]

Source: Amazon steps up attempts to block illegal sports streaming via Fire TV Sticks – The Athletic

So yes, some apps are illegal, but plenty are legal, and those will stop working too. The “security” angle is the same one Google used for its move to stop people installing (sideloading) software on Android. PCs have always allowed this, and it generally goes fine. This is about control, about knowing what apps people install and, above all, about revenue. Mr Sutcliffe is firmly in the pay of these people, and by saying that making an open computing device was wrong, he shows it clearly.

“This is a political deception” − Denmark gives New Chat Control another shot. Mass surveillance for all from behind closed doors.

It’s official, a revised version of the CSAM scanning proposal is back on the EU lawmakers’ table − and is keeping privacy experts worried.

The Law Enforcement Working Party met again this morning (November 12) in the EU Council to discuss what’s been deemed by critics the Chat Control bill.

This follows a meeting the group held on November 5, and comes as the Danish Presidency put forward a new compromise after withdrawing mandatory chat scanning.

As reported by Netzpolitik, the latest Child Sexual Abuse Regulation (CSAR) proposal was received with broad support during the November 5 meeting, “without any dissenting votes” nor further changes needed.

The new text, which removes all provisions on detection obligations included in the bill and makes CSAM scanning voluntary, seems to be the winning path to finally find an agreement after over three years of trying.

Privacy experts and technologists aren’t quite on board, though, with long-standing Chat Control critic and digital rights jurist, Patrick Breyer, deeming the proposal “a political deception of the highest order.”

Chat Control − what’s changing and what are the risks

As per the latest version of the text, messaging service providers won’t be forced to scan all URLs, pictures, and videos shared by users, but rather choose to perform voluntary CSAM scanning.

There’s a catch, though. Article 4 will include a possible “mitigation measure” that could be applied to high-risk services to require them to take “all appropriate risk mitigation measures.”

According to Breyer, such a loophole could make the removal of detection obligations “worthless” by negating their voluntary nature. He said: “Even client-side scanning (CSS) on our smartphones could soon become mandatory – the end of secure encryption.”

Breaking encryption, the tech that security software like the best VPNs, Signal, and WhatsApp use to secure our private communications, has been the strongest argument against the proposal so far.

Breyer also warns that the new compromise goes further than the discarded proposal, passing from AI-powered monitoring targeting shared multimedia to the scanning of private chat texts and metadata, too.

“The public is being played for fools,” warns Breyer. “Following loud public protests, several member states, including Germany, the Netherlands, Poland, and Austria, said ‘No’ to indiscriminate Chat Control. Now it’s coming back through the back door.”

Breyer is far from being the only one expressing concerns. German-based encrypted email provider, Tuta, is also raising the alarm.

“Hummelgaard doesn’t understand that no means no,” the provider writes on X.

To understand the next steps, we now need to wait and see what the outcomes from today’s meeting look like.

Source: “This is a political deception” − New Chat Control convinces lawmakers, but not privacy experts yet | TechRadar