US Border Patrol Is Spying on Millions of American Drivers

Eight years after a researcher warned WhatsApp that it was imaginable to extract idiosyncratic telephone numbers en masse from the Meta-owned app, different squad of researchers recovered that they could inactive bash precisely that utilizing a akin technique. The contented stems from WhatsApp’s find feature, which allows idiosyncratic to participate a person’s telephone fig to spot if they’re connected the app. By doing this billions of times—which WhatsApp did not prevent—researchers from the University of Vienna uncovered what they’re calling “the astir extended vulnerability of telephone numbers” ever.

Vaping is simply a large occupation successful US precocious schools. But is the solution to spy connected students successful the bathroom? An probe by The 74, copublished with WIRED, recovered that schools astir the state are turning to vape detectors successful an effort to ace down connected nicotine and cannabis depletion connected schoolhouse grounds. Some of the vape detectors spell acold beyond detecting vapor by including microphones that are amazingly close and revealing. While fewer support addiction and cause use, adjacent non-vapers accidental the added surveillance and the punishments that effect spell excessively far.

Don’t look now, but that aged networking instrumentality your institution hasn’t thought astir successful years whitethorn leap retired and wound you. Tech elephantine Cisco this week launched a caller initiative, informing companies that AI tools are making it progressively elemental for attackers to find vulnerabilities successful outdated and unpatched networking infrastructure. The message: Upgrade oregon else.

If you’ve ever attended a conference, you astir apt disquieted astir getting sick successful the cesspools that are a league center. But 1 hacker league successful New Zealand, Kawaiicon, invented a caller mode to support attendees a small spot safer. By tracking the CO₂ levels successful each league room, Kawaiicon’s organizers were capable to make a real-time air-quality monitoring system, which would archer radical which rooms were harmless and which seemed … gross. The task brings caller meaning to antivirus monitoring.

And that’s not all. Each week, we circular up the information and privateness quality we didn’t screen successful extent ourselves. Click the headlines to work the afloat stories. And enactment harmless retired there.

US Border Patrol Is Spying connected Millions of American Drivers

The US Border Patrol is operating a predictive-intelligence programme that monitors millions of American drivers acold beyond the border, according to a elaborate probe by the Associated Press. A web of covert license-plate readers—often hidden wrong postulation cones, barrels, and roadside equipment—feeds information into an algorithm that flags “suspicious” routes, speedy turnarounds, and question to and from borderline regions. Local constabulary are past alerted, resulting successful postulation stops for insignificant infractions similar window-tint violations, aerial fresheners, oregon marginal speeding. AP reviewed constabulary records showing that drivers were questioned, searched, and sometimes arrested contempt nary contraband being found.

Internal radical chats obtained done public-records requests amusement Border Patrol agents and Texas deputies sharing edifice records, rental car status, location addresses, and societal media details of US citizens successful existent clip portion coordinating what officers telephone “whisper stops” to obscure national involvement. The AP identified plate-reader sites much than 120 miles from the Mexican borderline successful the Phoenix area, arsenic good arsenic locations successful metropolitan Detroit and adjacent the Michigan-Indiana enactment that seizure postulation headed toward Chicago and Gary. Border Patrol besides taps DEA plate-reader networks and has, astatine assorted times, accessed systems tally by Rekor, Vigilant Solutions, and Flock Safety.

CBP says the programme is governed by “stringent” policies and law safeguards, but ineligible experts told AP that its standard raises caller Fourth Amendment concerns. A UC Law San Francisco authoritative said the strategy amounts to a “dragnet” tracking Americans’ movements, associations, and regular routines.

Microsoft Thwarts Record-Breaking Cloud DDoS Attack

Microsoft claims to person mitigated the largest distributed denial-of-service (DDoS) onslaught ever recorded successful a unreality environment—a 15.72 Tbps, 3.64-billion-pps barrage launched connected October 24 against a azygous Azure endpoint successful Australia. Microsoft says The onslaught “originated from the Aisuru botnet,” a Turbo-Mirai–class IoT web of compromised location routers, cameras, and different user devices. More than 500,000 IP addresses are said to person participated, generating a monolithic DDoS onslaught with small spoofing. Microsoft says its planetary Azure DDoS Protection web absorbed the postulation without work disruption. Microsoft described the onslaught arsenic the “the largest DDoS ever observed successful the cloud,” emphasizing the azygous endpoint; however, Cloudflare besides precocious reported a 22.2 Tbps flood, naming it the largest DDoS onslaught ever seen.

Researchers enactment that Aisuru has precocious launched aggregate attacks exceeding 20 Tbps and is expanding its capabilities to see credential stuffing, AI-driven scraping, and HTTPS floods via residential proxies.

SEC Drops Claims Against SolarWinds Over Historic 2020 Hack

The US Securities and Exchange Commission has dropped its remaining claims against SolarWinds and its CISO, Tim Brown, ending a long-running lawsuit implicit the company’s 2020 supply-chain hack, successful which Russian SVR operatives allegedly compromised SolarWinds’ Orion bundle and triggered wide breaches crossed authorities and industry. The agency’s lawsuit—filed successful 2023 and centered connected alleged fraud and internal-control failures—had already been mostly dismantled by a national justice successful 2024. SolarWinds called the afloat dismissal a vindication of its statement that its disclosures and behaviour were due and said it hopes the result eases concerns among CISOs astir the case’s imaginable chilling effect.

FBI Spied connected Immigration Activist Signal Group

Law enforcement records amusement that the FBI accessed messages from a backstage Signal radical utilized by New York migration court-watch activists—a web that coordinates volunteers monitoring nationalist hearings astatine 3 national migration courts. According to a two-page FBI/NYPD “joint situational accusation report” dated August 28, 2025, agents quoted chat messages, labeled the nonviolent tribunal watchers arsenic “anarchist convulsive extremist actors,” and circulated the appraisal nationwide. The study did not explicate however the FBI penetrated an encrypted Signal group, but it claimed the accusation came from a “sensitive root with fantabulous access.”

The documents, archetypal reported by the Guardian, were archetypal obtained by the government-transparency radical Property of the People. They picture activists discussing however to participate courtrooms, movie officers, and stitchery identifying details of national personnel, but supply nary grounds to enactment the FBI’s allegation that a subordinate antecedently advocated violence. A abstracted acceptable of records—also obtained by the group—shows the bureau framed mean reflection of nationalist migration hearings arsenic a imaginable threat, adjacent arsenic Immigration and Customs Enforcement has escalated courthouse arrests and acceptable what advocates telephone “deportation traps.” Civil liberties experts told the insubstantial that the surveillance mirrors earlier FBI campaigns targeting lawful dissent and risks chilling protected governmental activity.