International Cyber Digest
6.28K subscribers
933 photos
52 videos
2 files
168 links
Independent reporting on cybersecurity, tech, AI & digital policy. Got a tip? http://internationalcyberdigest.com/tips
Download Telegram
❗️ Alibaba bans employees from using Anthropic's Claude Code in workplace environments from July 10, citing alleged embedded "backdoor" risks raised after recent binary reverse-engineering.

The reported ban lands weeks after Anthropic told US lawmakers that Alibaba-linked operators used roughly 25,000 fraudulent accounts to distill Claude, turning a model-abuse dispute into an open corporate standoff.
12🤣7🥰3👍2
Media is too big
VIEW IN TELEGRAM
‼️ Sony already started converting its last disc factory before this week's announcement of going digital-only in January 2028. The Sony DADC plant in Thalgau, Austria presses 600,000 discs a day, half of them PlayStation titles.

Sony pressed its own game discs for four decades, and once Thalgau converts, physical PlayStation media has no in-house home left.

The site is pivoting to optical microlenses for cars and AR headsets. Sony has put in €30 million and says all 300 workers will be retrained. Mass microlens production is slated to start in 2027.

Article: https://www.internationalcyberdigest.com/goodbye-sony-is-already-converting-its-last-disc-factory/
😭9👍6💩52
MacBook users have been taking metal files to the sharp front edge below the trackpad, where the palm rests, rounding it off by hand.

Some users say the edge has never bothered them. Others describe wrist pain after hours of trackpad use.
🤣16🙏41💩1
‼️ Very concerning: the UK government wants a legal route to manipulate your social media timeline, by only boosting mainstream media outlets.

It is consulting on laws that would force platforms like YouTube, Meta and TikTok to push news from the BBC, ITV and other, in their words, "trustworthy" providers to the top of British feeds.

Independent creators fear the obvious: feed slots are finite, so every mandated boost pushes someone else down. YouTube is publicly fighting the plan, warning it means special treatment for outlets picked by government.

Article: https://www.internationalcyberdigest.com/uk-goverment-wants-to-manipulate-your-social-media-timeline/
💩20🤣41🤪1
‼️ Pliny, an AI jailbreak researcher, has released a multi-agent offensive-security framework that turns a Claude Code or OpenAI Codex subscription into what he calls real bug-hunting, pitched at people who never got the invite.

It's called T3MP3ST, and it sells an AI "swarm" that runs the full hacking kill chain (recon, exploit, report) and claims to "turn anyone into a zero-day hunter."

On XBOW's own set of 104 practice hacking challenges, T3MP3ST claims it solved 90.1% on the first try, beating the 85% XBOW reports for its own tool.

https://github.com/elder-plinius/T3MP3ST
13🔥3🥰1
This is absurdly clever: there is a way you can cut Fable 5 costs by up to ~70%. Just turn Claude Code context into an image and make Fable OCR them. 😂

https://github.com/teamchong/pxpipe
🤣11😁6🔥32
❗️ The world's biggest anime piracy site HiAnime's suspected operators have been arrested in Vietnam.

Vietnamese police say the group ran 100+ piracy sites since 2020, uploaded 26,000+ films, and pulled in roughly $12.85 million in ad revenue. Four suspects are in custody; three are under travel restrictions.

The arrests follow a multi-year investigation supported by US Homeland Security Investigations, the DOJ, and anti-piracy coalition ACE.

Read: https://www.internationalcyberdigest.com/operators-of-worlds-biggest-anime-piracy-site-arrested/
😢28😭11🤣71😨1
‼️ Discord users report a ban wave after being falsely flagged for posting child abuse material, when in fact they're posting ordinary images with grid patterns. Minecraft inventories, spreadsheets, chessboards, game textures.

The problem may reach beyond Discord. An itch[.]io developer says the site received automated child abuse reports on plain gray grid images after moving its image hosting to Cloudflare. Most platforms scan uploads against the same shared databases of digital fingerprints of known abuse material, and simple repetitive images like grids can produce fingerprints that wrongly match entries in those lists. If the fault sits in that shared system rather than in one company's AI, every platform using it could misfire on grids at the same time. Unconfirmed for now, but it would explain why two unrelated services tripped on the same pattern in the same week.

Discord has not publicly acknowledged the issue. Affected users say appeals are coming back automated.

Read the article: https://www.internationalcyberdigest.com/discords-falsely-flagging-and-banning-users-for-csam/
🤣13🤬32
‼️ Dutch intelligence services are being accused of training their own AI on bulk datasets holding millions of citizens' records including sets they bought from breach leaks, according to digital rights group Bits of Freedom.

The Dutch intelligence oversight body says the intelligence services broke the law handling these bulk datasets. Too many staff had unlawful access, data was kept past legal limits, and the services used datasets leaked by hackers.

The Dutch intelligence law is up for revision this year, with public consultation expected in August. Bits of Freedom says the services want oversight weakened.

Read the articel: https://www.internationalcyberdigest.com/dutch-spy-agencies-accused-of-training-ai-on-bulk-data-from-millions-of-citizens/
💩7🤬42
‼️ Discord is testing Incode as a age verification vendor, but Incode's biometric policy allows model training on biometric data, its privacy policy permits retention for up to three years, and the Electronic Frontier Foundation has already faulted its TikTok setup for not auto-deleting user data.

Discord says the selfie check runs on-device and that IDs sent to Incode are deleted once your age is confirmed. But Incode's own policy allows for longer retention if consented by the individual.

After roughly 70,000 Discord users had government ID photos exposed through a breached third-party support firm last October (see the heavily redacted photo we posted back then), users should be sceptical about Discord's choice.

Read the article: https://www.internationalcyberdigest.com/discord-tests-incode-for-age-checks-and-users-are-reading-the-fine-print/
💩13🤬3
‼️ A 15-year-old in Japan used ChatGPT to write a program that mass-unsubscribed 46,812 Bandai Anime streaming users, Tokyo police say. He has now been arrested.

The November attack forced Bandai Namco Filmworks to take the anime streaming service offline for six weeks, with data on up to 1.366 million members potentially exposed.

Police say the self-taught teen found the server flaw by studying network traffic, then let ChatGPT automate the rest. He told investigators he had no grudge against the company.

Read the article:
https://www.internationalcyberdigest.com/japanese-police-arrest-15yo-over-chatgpt-assisted-cyberattack-against-bandai-channel/
🤣26👏114😁1
‼️ BREAKING: New research shows you can copy any signed GitHub commit into a second one that looks identical, without the author's secret key, creating a distinct commit with an identical tree, identical metadata, a valid signature, and a "Verified" badge from GitHub.

On GitHub, a green "Verified" badge is supposed to mean two things: a trusted author signed it, and its ID is a one-of-a-kind fingerprint for that exact code. A new Carnegie Mellon preprint from Jacob Ginesin says the second promise, the unique fingerprint, does not hold.

Why it matters: security teams and package systems (behind tools like Go, Nix, and GitHub Actions) trust that ID as a unique handle for code. Block or pin the "bad" version, and an attacker can re-issue the same signed code under a fresh, still-verified ID that slips past. The author says Git and GitHub have not fixed it.

PoC: https://github.com/JakeGinesin/git-chain-malleator

Article: https://www.internationalcyberdigest.com/new-research-a-verified-github-commit-is-not-unique/
🤯8🔥6🤬31😁1
‼️ TikTok's official verified Discord server has been breached by crypto scammers. They have been pinging everyone for over two weeks now with a fake MrBeast crypto casino scam featuring a $2,500 bonus lure and fabricated withdrawal screenshots.
🤣29😁42
From today, every new car, van, truck and bus registered in the European Union must carry a camera-based Advanced Driver Distraction Warning system under the General Safety Regulation, with gaze tracking that alerts inattentive drivers and rules that ban facial recognition and keep the data inside the vehicle.

https://www.internationalcyberdigest.com/driver-monitoring-is-now-mandatory-in-every-new-vehicle-registered-in-the-eu/
🤣13😱51