International Cyber Digest
6.28K subscribers
933 photos
52 videos
2 files
168 links
Independent reporting on cybersecurity, tech, AI & digital policy. Got a tip? http://internationalcyberdigest.com/tips
Download Telegram
The UK wants to put goal-oriented autonomous AI at the core of national cyber defence to protect critical infrastructure. That includes automated scanning of critical UK IP ranges and automated blocking of malicious domains.

Cyber Shield, a blueprint from the National Cyber Security Centre and the UK's science and tech department, envisions federated "red" and "blue" AI agents hunting vulnerabilities, containing intrusions, and sharing insight across government and critical infrastructure at machine speed.

NCSC says AI is already compressing attack steps that took weeks into minutes, and expects frontier models to become capable of automating the full intrusion lifecycle.

Article: https://www.internationalcyberdigest.com/uk-wants-to-use-autonomous-ai-to-protect-critical-infra/
😭12🤔21🤣1🤪1
Proton is now publicly calling Windows spyware over the Global Device ID that Microsoft uses for every Windows installation. They say users never consent to the GDID, can't remove it, and that reinstalling Windows only partially helps since Microsoft keeps the old records.

The company found exactly one mention of the identifier in all of Microsoft's public documentation.

Every Windows installation carries a Global Device ID that Microsoft can hand to law enforcement, and a federal complaint against an alleged Scattered Spider hacker just showed it defeating a VPN.

Per the FBI affidavit, Microsoft records tied one GDID to the creation of an ngrok account used in a May 2025 jewelry retailer breach, then gave investigators the device's full IP history. Cross-referenced against the suspect's Apple, Snapchat, and Facebook logins, the VPN didn't matter.

Read:
https://www.internationalcyberdigest.com/proton-calls-windows-gdid-spyware/
😱8🔥3😁2🤔2🥴1
Two AI labs are shipping flagship models today: xAI's Grok 4.5 and OpenAI's GPT-5.6 both go public today.

Grok 4.5 is the coding play. It runs on V9, xAI's new 1.5 trillion parameter foundation, about three times the size of the model behind Grok 4.3, and it was trained on real developer data from Cursor. Musk is calling it "Opus-class," meaning he says it matches Anthropic's Claude Opus 4.8 while running faster and cheaper. It's live now in Grok Build and inside Cursor, but not yet in the EU.

GPT-5.6 isn't one model but three: Sol, the flagship for hard reasoning and coding; Terra, a balanced tier at about half the cost of GPT-5.5; and Luna, the fast cheap one. It's the more loaded launch, held to roughly 20 partners for a month at the U.S. government's request over its cyber capability, and only cleared by the Commerce Department for a broad release this week.

The common thread is cost. Both labs are selling price and token efficiency over raw scores, betting cost per solved task wins developers faster than a leaderboard spot.

Benchmarks:
- http://openai.com/index/previewing-gpt-5-6-sol
- http://x.ai/news/grok-4-5

Read the article: https://www.internationalcyberdigest.com/two-frontier-ai-models-ship-on-the-same-day-grok-4-5-and-gpt-5-6/
💩8👍5🤪41
‼️🇪🇺 A black day for freedom and civil rights in Europe.

The European Parliament has voted in favour of "chat control." The lapsed derogation that lets platforms scan private messages for child sexual abuse material (CSAM) is back into force until 2028.

Parliament killed this same text 311 to 228 in March. Today it passed.

How it passed also matters, it was a democracy undermining move from The European People's Party (EPP), the largest group in Parliament, who revived the Council's text as a second-reading position, meaning it stood unless an absolute majority of all MEPs, at least 361, voted to reject or amend it.
🤬24💩101😢1😨1🤪1
DuckDuckGo's browser now blocks most YouTube video ads, including pre-roll and mid-roll, using community uBlock Origin filter lists plus its own compatibility rules.

It's on by default on iOS, Mac, and Windows (manual on Android), putting it alongside Brave and Opera in the browser-vs-Google fight over YouTube's ad model.

DuckDuckGo's cautions the feature is new and may break temporarily whenever YouTube changes how it serves ads.
32👏12👍2
❗️ Meta just silently opted in every adult Instagram user for their new Muse AI Image generator, which lets anyone create AI images of your likeness by tagging your public handle in a prompt, no notification when your photos are used, and no removal of images generated before you opt out.

To opt out on Instagram: Profile > Menu > Sharing and reuse, then switch off the reuse toggles under "Allow people to reuse your content on Instagram and with AI features at Meta."
🤬214🥰2🙏2🔥1😁1
❗️ An Israeli startup founder secretly uploaded a cluster of malicious typosquatted npm packages that impersonate Anthropic, Vercel, LangChain, Ollama, OpenAI and Aspect Security and profile developer machines on install.

The packages skip passwords and tokens by design. Instead, the install script harvests identity: hostname, every git and SSH email on the box, teammate emails from the git reflog, AWS/GCP profile and account details, and the corporate DNS domain, all shipped to a Google Cloud Run endpoint.

There were about 20k downloads before takedown.

Article: https://www.internationalcyberdigest.com/npm-infostealer-campaign-traced-to-israeli-cybersecurity-startup/
💩16🤬5😁2😱2🤣2🤪21😭1
‼️ Dutch police have just released a statement claiming the Odido hack was carried out by Dutch criminals. The breach happened because an Odido employee, after being misled, authorized a malicious Salesforce connected app. Police plan to release the voice recording of the actor who called Odido and impersonated IT support.

The hack, which is attributed to ShinyHunters, led to the leak of sensitive information belonging to over 6 million people. After Odido refused to pay, the data was leaked to the public. Criminals are now using the Odido dataset for phishing and identity theft.

Article: https://www.internationalcyberdigest.com/dutch-police-point-to-suspects-in-odido-hack-and-may-release-callers-voice/
🥰4🤣21💩1
Huawei’s telephoto camera turned a twin-engine jet into a bird.
🤣474😭4👍2😁1
❗️ More than half of Grok's traffic now comes from adult content, including porn image and video generation and sexual role-play, according to a report of The Information. xAI is reportedly leaning into it, not away from it.

It also lands amid lawsuits and probes in the US, EU, India and Brazil over sexualized deepfakes, including alleged images of minors. Musk has denied awareness of any underage sexual images generated by Grok.

Article: https://www.internationalcyberdigest.com/adult-content-now-drives-most-of-groks-traffic/
😁8🥰3💩2🤣2
❗️ Anthropic tried to charge a Korean user who was on the free plan with zero API usage $16.6 million. A day earlier, the same invoice was $1.67 million, so it grew roughly 10x overnight.

The user says he suspected phishing at first, then found the sender and payment link were Anthropic's official domain. His bank declined the charge attempts for exceeding the card's per-transaction limit...

Last month auditing startup Vaudit told it found about $1.7 million in overcharges across $34 million in AI invoices, mostly tied to Claude Code, and after months of GitHub reports about contradictory Anthropic billing emails.

Read:
https://www.internationalcyberdigest.com/anthropic-tried-to-phantom-charge-16-6m/
🤣36🥰31🤬1