TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach…

TM SGNL, a chat app by US-Israeli firm TeleMessage used by Trump officials, halts operations after a breach exposed messages and backend data.

A data breach has exposed security flaws and sensitive information in TM SGNL, a chat app developed by the Israeli-US company TeleMessage. The firm is known for providing modified versions of encrypted messaging apps such as Signal, WhatsApp, Telegram, and WeChat, to the US government.

This alleged breach, first reported by 404 Media, involved a hacker gaining access to archived messages, including direct and group chats. As a result, the company has temporarily suspended its operation.

The hack raises serious concerns about the security of communications at the highest levels of the US government, particularly as former National Security Advisor Mike Waltz was recently seen using TM SGNL during a cabinet meeting with President Trump.

This sparked immediate scrutiny since unlike Signal, TM SGNL is not available on public app stores. At the time of writing, TeleMessage’s official website remains online, but all references to the app, its services, and related activity have been removed.

Reportedly, Smarsh, TeleMessage’s corporate owner, is currently rebranding the service as Capture Mobile. However, the Wayback Machine shows the website’s archive pages and installation guide for both iOS and Android devices.

****The Hacker Remains Anonymous****

The hacker, who remains anonymous, claimed to have breached TeleMessage’s backend infrastructure in a mere “15-20 minutes,” highlighting the ease of access. The stolen data includes message contents, contact information of government officials, usernames and passwords for TeleMessage’s backend panel, and indications of client agencies and companies.

The companies include Customs and Border Protection (CBP) and cryptocurrency giant Coinbase. However, it was confirmed that the hacker did not obtain messages from Trump cabinet officials or Waltz himself.

Internal screenshot from the TeleMessage app which the hacker shared with 404 Media

****Analysis Reveals Critical Flaws in TM SGNL****

Software engineer Micah Lee, who managed to analyse the app’s source code uncovered serious vulnerabilities, including hardcoded credentials. While the nature of the hardcoded credentials was not specified, their presence indicates a serious security flaw.

Furthermore, TeleMessage modifies Signal to add message archiving capabilities, a feature likely used by government officials for record-keeping compliance. However, this modification involves storing decrypted messages on a cloud server, creating a potential security risk.

The main issue is that messages are only encrypted within the app and not end-to-end secured during archiving. They are decrypted and stored in plaintext on TeleMessage’s servers, which are vulnerable to unauthorized access.

The hacker confirmed that the breached server was the same Amazon Web Services (AWS) server used for message archiving, confirming the vulnerability.

A Signal spokesperson reiterated that the company “cannot guarantee the privacy or security properties of unofficial versions of Signal,” further emphasizing the risks associated with modified apps like TM SGNL

The incident highlights the continued use of apps like Signal and TM SGNL by government officials, despite the availability of secure communication systems, raising questions about their choice and the risky assumptions they make about smartphone app security. It also highlights the need for a thorough reassessment of government officials’ communication tools, particularly those involving sensitive information and record-keeping regulations.

Chat App Used by Trump Admin Suspends Operation Amid Hack

ESET has discovered Spellbinder, a new tool used by the China-linked cyber espionage group TheWizards to conduct AitM…

ESET has discovered Spellbinder, a new tool used by the China-linked cyber espionage group TheWizards to conduct AitM attacks and spread their WizardNet backdoor via manipulated software updates.

A sophisticated cyber espionage operation, linked to China and active since at least 2022, has been exposed by security researchers at ESET. The group dubbed TheWizards by ESET stands out for its innovative method of infiltrating computer networks. Reportedly, it employs a custom tool, named Spellbinder, to conduct adversary-in-the-middle (AitM) attacks, to deliver a sophisticated backdoor dubbed WizardNet by ESET.

ESET’s in-depth analysis, detailed in a recent blog post, reveals that Spellbinder manipulates network traffic via IPv6 SLAAC (stateless address autoconfiguration) spoofing, effectively intercepting legitimate Chinese software updates and redirecting them to attacker-controlled servers to deliver WizardNet.

Attack Method Explained (Source: ESET)

WizardNet is a sophisticated, modular backdoor capable of receiving and executing further malicious modules from a remote C2 server. This allows TheWizards to perform a wide range of malicious activities on compromised systems.

Reportedly, after gaining initial access, attackers deploy a specific archive which, through a process called side-loading, ultimately executes Spellbinder’s malicious code. Spellbinder, evolving since its 2022 analysis, uses WinPcap to capture packets and exploits IPv6’s Network Discovery Protocol by sending crafted ICMPv6 Router Advertisement (RA) messages. T

his tricks victims into using the attacker’s machine as the gateway, enabling traffic interception. It then monitors DNS queries for targeted Chinese platforms like Tencent, Baidu, and Xiaomi, generating fake DNS responses and directing victims to attacker-controlled IPs (e.g., 43.155.1167 in 2022, 43.155.6254 in 2024) serving malicious updates.

A notable instance involved hijacking legitimate update requests for Tencent QQ software by Spellbinder in 2024, directing the software to download a malicious archive from the attacker’s server. This archive contained a harmful component that, upon execution, installed the WizardNet backdoor.

ESET’s telemetry indicates that TheWizards have been actively targeting entities in the Philippines, Cambodia, the United Arab Emirates, mainland China, and Hong Kong. The targets range from individuals to gambling companies and other currently unknown entities.

The initial discovery involved Sogou Pinyin (a widely used Chinese input method software) downloading WizardNet. This follows a pattern of abuse targeting Sogou Pinyin’s update process. In January 2024, as detailed by ESET, the hacking group Blackwood utilized this method to deploy an implant named NSPX30.

Furthermore, earlier in 2025, the Slovak cybersecurity firm revealed another threat group known as PlushDaemon that also leveraged the same technique to distribute a custom downloader called LittleDaemon.

As detailed in their report, researchers observed potential links between TheWizards and a Chinese company Sichuan Dianke Network Security Technology (UPSEC) through the analysis of the Android malware DarkNights (DarkNimbus).

Despite TheWizards primarily using WizardNet on Windows, their infrastructure served DarkNights as a malicious update for Android Tencent QQ.

Such sophisticated manipulation of trusted update mechanisms highlights the persistent and evolving threat from state-aligned cyber espionage and the ongoing need for improving security measures and caution against these threats.

Chinese Group TheWizards Exploits IPv6 to Drop WizardNet Backdoor

Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how…

Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how these flaws enable remote control (RCE) and data theft on iPhones, Macs, CarPlay, and more.

Cybersecurity firm Oligo has revealed major vulnerabilities, dubbed AirBorne, in Apple’s AirPlay, a wireless system used by iPhones, iPads, Macs, and third-party devices for audio and video streaming. These flaws in Apple’s AirPlay software tools for other companies could let hackers take control of devices on the same Wi-Fi network.

Apple has released updates for its devices and provided fixes to third-party makers, urging users to update. However, not all companies update quickly. Oligo identified 23 vulnerabilities, leading to 17 security identifiers (CVEs), that could enable various attacks, including taking complete control of a device without user interaction (Zero-Click RCE), reading any file (Local Arbitrary File Read), stealing private information, and intercepting communications. Attackers could combine these to fully control devices.

Two key vulnerabilities (CVE-2025-24252 and CVE-2025-24132) could allow wormable attacks, spreading harmful software automatically across networks. This could lead to serious issues like spying and ransomware. Millions of Apple devices and third-party AirPlay devices, including those in cars (CarPlay), are potentially affected.

Oligo demonstrated Zero-Click RCE on macOS (CVE-2025-24252) under certain network settings, potentially allowing malware to spread. They also found One-Click RCE on macOS (CVE-2025-24271) under different settings. Speakers and receivers using AirPlay SDK are vulnerable to Zero-Click RCE (CVE-2025-24132), allowing eavesdropping. CarPlay devices are also at risk of RCE, which could distract drivers or enable tracking.

Oligo’s research found that many basic AirPlay commands were accessible without strong security. The vulnerabilities often relate to how the AirPlay software handles data in a format called “plist.”

For your information, plist is AirPlay’s system that combines HTTP and RTSP protocols to communicate over port 7000. Commands, particularly those with extra information, are sent as HTTP data in plist format.

Oligo gave one example of a type of confusion vulnerability (CVE-2025-24129) that happens because the AirPlay software doesn’t properly check the type of data it receives in a plist. If it expects a list of items but gets something else, it can cause the program to crash.

Crashing a device’s AirPlay could allow attackers to intercept communications. For example, crashing the AirPlay server on a device could allow an attacker to pretend to be that device on the network and intercept communications. They gave a scenario where an attacker could crash a TV’s AirPlay, fake its identity, and then record a meeting being streamed to it, researchers noted.

Oligo’s in-depth technical report published on April 29, 2025, urges users and organizations to immediately update all Apple and third-party AirPlay devices to the latest software. They also suggest disabling AirPlay when not in use and limiting AirPlay access on networks.

In a comment to Hackread.com, cybersecurity expert and Head of Business Product at NordPass, Karolis Arbaciauskas stated that “Many third-party AirPlay devices don’t get timely updates like Apple’s, so vulnerabilities may remain. To exploit them, an attacker needs access to your Wi-Fi, so secure your router with updates and a strong password.”

“Factory-set passwords are often weak, so always change them. Use at least eight random characters with numbers and symbols, and consider a password manager to make this easier,” Karolis advised. “Avoid using AirPlay on public Wi-Fi, which is often insecure. If possible, use your phone’s hotspot instead, or at least avoid open networks and use a VPN.”

Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities

Plus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.

Researchers unveiled a cluster of vulnerabilities in Apple’s wireless media streaming platform AirPlay this week that leave millions of third-party devices like speakers and TVs vulnerable to takeover if an attacker is on the same Wi-Fi network as the victim gadget. These “AirBorne” vulnerabilities have all been patched—including some that potentially impacted Apple’s Mac computers—but, in practice, third-party devices may not all get fixes, and even if they do, patch adoption could be low.

Records reviewed by WIRED show that utilizing car subscription features can substantially raise your risk of being subjected to government surveillance, because such services generate troves of data that are valuable to law enforcement. WIRED also did a deep dive on North Korea’s yearslong campaign to place IT workers inside companies in North American, the United Kingdom, and Europe. The schemes are more effective than ever as scammers incorporate AI into their workflows.

WhatsApp designed a special cloud processing platform called Private Processing to allow new AI tools to work in the secure messenger without compromising its end-to-end encryption. Experts warn, though, that it could create enticing targets for hackers. And we have a guide for navigating the privacy risks of using ChatGPT’s new image generator to do seemingly fun and innocuous projects like making an action figure version of yourself.

But wait, there's more! Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

**Three British Retailers Hacked in Spate of Cyberattacks**

Three separate retailers in the UK—including the supermarket Co-op and thedepartment stores Marks & Spencer and Harrods—have all revealed they have recently been subject to cyberattacks, with the intrusions and widespread impact seemingly ongoing. Toward the end of April, Marks & Spencer revealed it had been the victim of a “cyber incident.” Over the following two weeks, it has been forced to pause online orders within its apps, some food has been missing from its shelves, and it has paused recruitment and other “normal processes.” Staff at Co-op have been told to keep webcams turned on during remote meetings and check who is attending calls, after shutting down parts of its IT systems in response to its own hack. Harrods, meanwhile, told customers to “not do anything differently at this point.”

At the time of writing, none of the retailers have detailed the specific nature of the cyberattacks or the full scale of the impacts. It is also unclear if the attacks are linked. Bloomberg has reported a ransomware cartel dubbed DragonForce has claimed it and its partners were behind the attacks. The so-called cartel provides “infrastructure and tools” to hackers but “doesn't require affiliates to deploy its ransomware,” according to research from security firm Secureworks. The hacked companies did not respond to Bloomberg about the claims.

Bleeping Computer originally reported that the threat actors known as Scattered Spider were allegedly behind the attack on Marks & Spencer. The publication reported that the company’s servers were encrypted by ransomware, with the intrusion beginning as early as February. The attribution to Scattered Spider has not been confirmed by Marks & Spencer.

Over the past two years, Scattered Spider has emerged as one of the most prolific and dangerous sets of hackers currently operating. The threat actors are not a well-defined group of hackers. Instead, they’re more a loose collective that uses social engineering—such as phishing and voice calls—to gain initial access into company networks. Scattered Spider members are often English-speaking, teenaged, and can be members of the heinous criminal group the Com. The hackers have been active since June 2022 and have targeted more than 100 companies—including the high-profile hacks on Caesar's Entertainment and MGM Resorts in 2023.

**France (Finally) Names Russian Hackers for the First Time**

French authorities have condemned Russia’s military intelligence agency, accusing it of orchestrating a series of high-profile cyberattacks—including the hacking of Emmanuel Macron’s 2017 presidential campaign, a brazen 2015 assault on the TV channel TV5 Monde, and recent intrusion attempts targeting organizations involved in preparing the 2024 Paris Olympic Games.

French authorities have also disclosed the name and location of a GRU unit tied to the notorious hacking group APT28—information that had never before been officially released. Unit 20728 is based in the southern Russian city of Rostov-on-Don and operates out of the "166th Information Research Center."

This marks the first time French officials have publicly assigned blame to a foreign intelligence service following an internal attribution process. The timing is significant, coming as Paris positions itself at the forefront of Europe’s support for Ukraine.

**US Moves to Crack Down on ‘Largest Illicit Marketplace’**

The Trump administration has taken the first step toward blacklisting a Cambodian financial conglomerate at the center of a global money laundering network. On Thursday, the Treasury Department designated Huione Group as a money-laundering operation, alleging that the company and its affiliates have laundered more than $4 billion for criminals, including North Korean hackers and online scammers.

These scammers—who defraud victims through bogus investments and other schemes—rely on Huione and its affiliates to move funds abroad to evade both law enforcement and anti-money-laundering systems. The proposed action represents the most significant effort yet to crack down on Huione, which is tied to what experts believe to be the “largest illicit marketplace”: Huione Guarantee. According to WIRED’s January report, the marketplace has likely facilitated over $24 billion in gray-market transactions. Experts believe the platform operates as a one-stop shop for scammers, offering everything from victim contact lists and deepfake tools to fake investment websites and other illicit services.

**New Microsoft Accounts Won’t Need Passwords Anymore**

Slowly but surely, the password is dying. Over the past two years, passkeys—a stronger method of authentication that doesn’t require you to remember or use a password—have become more common. The rollout of the technology has been piecemeal, but big tech companies have worked for years to create the alternative, which is more secure than passwords. This week, Microsoft announced that people setting up new accounts with the company won’t have to create passwords at all. “New Microsoft accounts will now be ‘passwordless by default,’” the company wrote in a blog post. Microsoft is also pushing people further away from passwords and will “detect” the best way for people to lo in to their accounts if they have set up alternatives to passwords.

Hacking Spree Hits UK Retail Giants

Passwords are becoming things of the past. Passkeys are more secure, easier to manage, and speed up the log in process

And we agree. If there is a cybersecurity themed day that we would like to get rid as soon as possible it’s world password day. Sorry, old friend, but you’re outdated, and it looks like your days are numbered. Let’s switch to passkeys.

To quote Microsoft:

> “As the world shifts from passwords to passkeys, we’re excited to join the FIDO Alliance in leaving World Password Day behind to celebrate the very first World Passkey Day.”

In 2013, Intel introduced World Password Day to remind people of the importance of strong passwords. But over time, the number of passwords we use, and the necessary strengths have grown so much that the system has become practically unusable without a password manager. So, only a few years later, Microsoft introduced Windows Hello, a new way for users to securely sign in to their accounts with their face, fingerprint, or PIN.

For several good reasons we want to say goodbye to passwords, especially for the important sites and services. Passwords are:

*   Hard to create
*   Easy to forget
*   Often reused across sites
*   Vulnerable to hacking techniques like brute-force attacks and phishing.

**The alternative: passkeys**

Passkeys are an alternative, more modern authentication method designed to replace passwords with a safer, simpler alternative. Despite their clear advantages, many people hesitate to switch to passkeys due to unfamiliarity and misconceptions. This blog post will try to explain what passkeys are, how to use them, and why they are better than passwords, helping you embrace this next step in online security.

A passkey is a digital credential that replaces traditional passwords by using cryptographic keys stored locally, and securely, on your device, such as your phone or computer.

At your demand, a program on your device will create a passkey automatically when you set up an account or enable a passkey login. Basically, it’s a unique key that identifies you without ever leaving your device.

When you log in with a passkey, your device proves you are the legitimate user by using the passkey to solve a challenge without actually providing the passkey itself. As with passwords, it’s a way to prove you know the answer and with that who you are. But the difference is that, unlike passwords, passkeys can’t be stolen by fake or malicious websites.

OK. I heard some sighs in the back from the I-know-this-already crowd. There are plenty of technical explanations to be found. Feel free to try explaining cryptographic public and private keys to the people you do tech support for.

Because passkeys are tied to your device and cannot be shared or stolen like passwords, they offer a safer login experience.

**It’s not hard to use passkeys. Really!**

Using passkeys is straightforward and really not that hard:

*   **Create a passkey:** When you sign up or log into a website or app that supports passkeys, the system prompts you to create one. Your device automatically generates the cryptographic keys. This means there is truly no need to struggle with inventing a complicated 12-character password that meets confusing requirements for a site you might never use again. Your device does _all the work_.
*   **Log in:** Instead of typing a password, unlock your device using biometrics or a PIN. Your device then securely verifies your identity and tells the site or service it can trust you, without ever sending sensitive secrets over the internet.
*   **Sync across devices:** You can securely sync passkeys across your devices using encrypted cloud services or password managers. This lets you log in effortlessly from multiple devices and prevents the hassle of losing access if your device goes missing.

Having to create and memorize hundreds of complex, unique passwords is difficult and stressful. Passkeys remove this burden entirely. You don’t need to create anything or remember a lot. The authentication process is as simple as unlocking your device.

And it’s faster. Microsoft has seen that on average passkey sign-ins to their services take only 8 seconds, compared with 69 seconds to sign in using a traditional password and second factor. 

**Common misconceptions**

Many people shy away from using passkeys for the wrong reasons.

*   Your biometrics, like fingerprints or facial scans are not stored externally, the site you’re visiting never gets to see them. They are just meant for your device to verify it’s really you.
*   Using passkeys is not complicated as we explained above. Sure, the theory behind it is, but the user-experience may actually be simpler than password creation and management.
*   You are not losing the extra layer of 2FA security you set up for important sites and services. Passkeys inherently support two-factor authentication (2FA) without extra steps, since possession of your device plus biometric or PIN verification is required.

**There are downsides**

I have to be honest here. Some things are not ideal yet. But as we move forward and more people start using passkeys, these will improve soon enough.

As I hinted earlier, losing your device can pose a problem, since your key got lost along with it, unless you synchronize it. This is a problem that’s actively being worked on.

Many websites and services also don’t support passkeys yet. Developers and service providers are actively working to make passkey adoption smoother and more widespread, so you will see more websites and apps supporting passkeys soon.

Not every passkey system is equal. Due to the history of their development which is still ongoing, there are currently multiple flavors of passkey. These range from device-bound and physical token passkeys (that never leave the device) to synchronized passkeys that offer the option to use a device’s Credential Manager to back up and synchronize passkeys across the user’s other devices. This can confuse or frustrate users who just want the authentication to work, without having to worry about the nuances of the underlying technology. Industry groups (including the FIDO Alliance and W3C) are working on standards, guides, and tools to improve this situation for developers and users.

**Give it a try**

It doesn’t take a lot of effort to convince yourself of the benefits of passkeys.

Passkeys are created on, saved to, and synchronized across devices through a password manager. For example, passkeys created on a website on Chrome on Android are stored to the Google Password Manager by default, and then synchronized to different environments where Google Password Manager is available, such as Chrome on macOS, Windows, Linux, and ChromeOS. It’s up to the user which password manager to store a passkey to or to authenticate a passkey from depending on the environment.

To save a passkey to Google Password Manager, ensure you’re signed into your Google Account on an eligible device (Android, Chrome, or other supported platforms). When prompted by a website supporting passkeys, agree to create a passkey and follow the on-screen instructions.

MacOS allows you to save passkeys either in Google Password Manager or iCloud Keychain if you’re using macOS 13.5 or higher.

*   **Try passkeys today:** Look for websites and apps that offer passkey login options and give them a try. You’ll likely find the experience faster and easier than passwords.
*   **Educate yourself and others:** Share what you learn about passkeys with friends and family, especially those who find passwords confusing or frustrating.
*   **Advocate for passkey support:** Encourage your favorite sites and services to support passkeys to help make the internet safer for everyone.
*   **Use secure device authentication:** Enable biometrics or PINs on your devices to fully benefit from passkey security.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 On world password day, Microsoft says fewer passwords, more passkeys 

The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver.
"MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future's Insikt Group said in a report shared with The Hacker News.
"The malware employs sandbox and virtual machine evasion techniques, a domain

MintsLoader Drops GhostWeaver via Phishing, ClickFix — Uses DGA, TLS for Stealth Attacks

People are using ChatGPT’s new image generator to take part in viral social media trends. But using it also puts your privacy at risk—unless you take a few simple steps to protect yourself.

At the start of April, an influx of action figures started appearing on social media sites including LinkedIn and X. Each figure depicted the person who had created it with uncanny accuracy, complete with personalized accessories such as reusable coffee cups, yoga mats, and headphones.

All this is possible because of OpenAI’s new GPT-4o-powered image generator, which supercharges ChatGPT’s ability to edit pictures, render text, and more. OpenAI’s ChatGPT image generator can also create pictures in the style of Japanese animated film company Studio Ghibli—a trend that quickly went viral, too.

The images are fun and easy to make—all you need is a free ChatGPT account and a photo. Yet to create an action figure or Studio Ghibli-style image, you also need to hand over a lot of data to OpenAI, which could be used to train its models.

**Hidden Data**

The data you are giving away when you use an AI image editor is often hidden. Every time you upload an image to ChatGPT, you’re potentially handing over “an entire bundle of metadata,” says Tom Vazdar, area chair for cybersecurity at Open Institute of Technology. “That includes the EXIF data attached to the image file, such as the time the photo was taken and the GPS coordinates of where it was shot.”

OpenAI also collects data about the device you’re using to access the platform. That means your device type, operating system, browser version, and unique identifiers, says Vazdar. “And because platforms like ChatGPT operate conversationally, there’s also behavioral data, such as what you typed, what kind of images you asked for, how you interacted with the interface and the frequency of those actions.”

It's not just your face. If you upload a high-resolution photo, you're giving OpenAI whatever else is in the image, too—the background, other people, things in your room and anything readable such as documents or badges, says Camden Woollven, group head of AI product marketing at risk management firm GRC International Group.

This type of voluntarily provided, consent-backed data is “a gold mine for training generative models,” especially multimodal ones that rely on visual inputs, says Vazdar.

OpenAI denies it is orchestrating viral photo trends as a ploy to collect user data, yet the firm certainly gains an advantage from it. OpenAI doesn’t need to scrape the web for your face if you’re happily uploading it yourself, Vazdar points out. “This trend, whether by design or a convenient opportunity, is providing the company with massive volumes of fresh, high-quality facial data from diverse age groups, ethnicities, and geographies.”

OpenAI says it does not actively seek out personal information to train models—and it doesn’t use public data on the internet to build profiles about people to advertise to them or sell their data, an OpenAI spokesperson tells WIRED. However, under OpenAI’s current privacy policy, images submitted through ChatGPT can be retained and used to improve its models.

Any data, prompts, or requests you share helps teach the algorithm—and personalized information helps fine tune it further, says Jake Moore, global cybersecurity adviser at security outfit ESET, who created his own action figure to demonstrate the privacy risks of the trend on LinkedIn.

**Uncanny Likeness**

In some markets, your photos are protected by regulation. In the UK and EU, data-protection regulation including the GDPR offer strong protections, including the right to access or delete your data. At the same time, use of biometric data requires explicit consent.

However, photographs become biometric data only when processed through a specific technical means allowing the unique identification of a specific individual, says Melissa Hall, senior associate at law firm MFMac. Processing an image to create a cartoon version of the subject in the original photograph is “unlikely to meet this definition,” she says.

Meanwhile, in the US, privacy protections vary. “California and Illinois are leading with stronger data protection laws, but there is no standard position across all US states,” says Annalisa Checchi, a partner at IP law firm Ionic Legal. And OpenAI’s privacy policy doesn’t contain an explicit carve-out for likeness or biometric data, which “creates a grey area for stylized facial uploads,” Checchi says.

The risks include your image or likeness being retained, potentially used to train future models, or combined with other data for profiling, says Checchi. “While these platforms often prioritize safety, the long-term use of your likeness is still poorly understood—and hard to retract once uploaded.”

OpenAI says its users’ privacy and security is a top priority. The firm wants its AI models to learn about the world, not private individuals, and it actively minimizes the collection of personal information, an OpenAI spokesperson tells WIRED.

Meanwhile, users have control over how their data is used, with self-service tools to access, export, or delete personal information. You can also opt out of having content used to improve models, according to OpenAI.

ChatGPT Free, Plus, and Pro users can control whether they contribute to future model improvements in their data controls settings. OpenAI does not train on ChatGPT Team, Enterprise, and Edu customer data⁠ by default, according to the company.

**Trending Topics**

The next time you are tempted to jump on a ChatGPT-led trend such as the action figure or Studio Ghibli–style images, it’s wise to consider the privacy trade-off. The risks apply to ChatGPT as well as many other AI image editing or generation tools, so it’s important to read the privacy policy before uploading your photos.

There are also steps you can take to protect your data. In ChatGPT, the most effective is to turn off chat history, which helps ensure your data is not used for training, says Vazdar. You can also upload anonymized or modified images, for example, using a filter or generating a digital avatar rather than an actual photo, he says.

It’s worth stripping out metadata from image files before uploading, which is possible using photo editing tools. “Users should avoid prompts that include sensitive personal information and refrain from uploading group photos or anything with identifiable background features,” says Vazdar.

Double-check your OpenAI account settings, especially those related to data use for training, Hall adds. “Be mindful of whether any third-party tools are involved, and never upload someone else’s photo without their consent. OpenAI’s terms make it clear that you’re responsible for what you upload, so awareness is key.”

Checchi recommends disabling model training in OpenAI’s settings, avoiding location-tagged prompts, and steering clear of linking content to social profiles. “Privacy and creativity aren’t mutually exclusive—you just need to be a bit more intentional.”

Think Twice Before Creating That ChatGPT Action Figure

Researchers found a set of vulnerabilities that puts all devices leveraging Apple's AirPlay at risk.

Researchers found a set of vulnerabilities in Apple’s AirPlay SDK that put billions of users at risk of their devices being taking over.

AirPlay is Apple’s proprietary wireless technology that allows you to stream audio, video, photos, and even mirror your device’s screen from an iPhone, iPad, or Mac to other compatible devices like Apple TV, HomePod, smart TVs, or speakers. It works over Wi-Fi, so you don’t need cables.

Apple added the necessary updates on April 28 to the March 31 update. The update—iOS 18.4 and iPadOS 18.4—was initially issued on March 31, but the additional security fixes were delivered through Rapid Security Responses, or minor patches that Apple incorporated after the initial release. Rapid Security Response (RSR) is a type of software patch delivering security fixes between Apple’s regular, scheduled software updates.

The good news is if you installed the March 31 update, you should be fine. Otherwise, check manually if any updates are available.

To check if you’re using the latest software version, go to **Settings > General > Software Update**. You want to be on iOS 18.4.1 or iPadOS 18.4.1, so update now if you’re not. It’s also worth turning on Automatic Updates if you haven’t already. You can do that on the same screen.

*   The latest version of macOS is 15.4.1. Learn how to update the software on your Mac and how to allow important background updates.
*   The latest version of tvOS is 18.4.1. Learn how to update the software on your Apple TV.
*   The latest version of watchOS is 11.4. Learn how to update the software on your Apple Watch.
*   The latest version of visionOS is 2.4.1. Learn how to update the software on your Apple Vision Pro.

The AirPlay SDK (Software Development Kit) is a set of programming tools Apple provides to app developers to integrate AirPlay functionality into their apps. Using the AirPlay SDK, developers can add features that allow their apps to stream audio or video content wirelessly to AirPlay-compatible devices. This makes apps “AirPlay-ready” by handling the streaming and control behind the scenes.

Combining vulnerabilities allows an attacker on the local network to potentially take control of devices that support AirPlay—both Apple devices and third-party devices that leverage the AirPlay SDK.

Apple released updates to fix the vulnerabilities on April 29 for members of the Apple MFi Program, who are developers of Apple-compatible accessories or software.

The researchers who found and reported these flaws warn they can be exploited without any user interaction—or with just a single click—to execute remote code. Attackers could also use them for man-in-the-middle interceptions, denial-of-service disruptions, and to bypass access controls and user prompts. On top of that, these vulnerabilities may allow unauthorized access to sensitive data and local files, making them a serious risk that demands immediate attention.

**Technical details**

In total, the researchers responsibly disclosed 23 vulnerabilities to Apple, leading to 17 CVEs being issued. A complete list and description of these CVEs, as well as specific attack scenarios they enable, can be found on their blog.

The most important vulnerabilities are:

CVE-2025-24252: Successful exploitation of the use-after-free vulnerability could allow a remote attacker to execute arbitrary code. When exploited together with CVE-2025-24206, the attacker is able to perform zero-click remote code execution on other vulnerable AirPlay-enabled devices in the same network, without any user interaction. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

CVE-2025-24206: Successful exploitation of the vulnerability could allow an attacker to bypass authentication and conduct malicious activities without user interaction when exploited with other vulnerabilities.

CVE-2025-24132: Successful exploitation of the stack-based buffer overflow vulnerability could allow an attacker to perform zero-click remote code execution on vulnerable AirPlay SDK devices and potentially leak sensitive information by eavesdropping.

That the attacker does need to be on the same network, but exploitation require minimal to no interaction of the target.

**Possible protective actions**

These depend very much on the types of devices you are using, so I will try to give some general guidance and the reasons behind them.

*   As we said above, make sure your devices are fully updated
*   Use up-to-date and active malware protection
*   Disable AirPlay if you’re not using it, or set it to **Ask** as a minimum

*   Disable AirPlay Receiver if it is not in use.
*   Be extra careful on public networks. This vulnerability could theoretically spread in airports, offices, hotels, or conferences where many Apple devices are in close proximity. In such cases, avoid using unsecured Wi-Fi.
*   Restrict AirPlay settings: Change the **Allow AirPlay for** to **Current User**. While this does not prevent all of the issues, it does reduce the protocol’s attack surface.

**We don’t just report on phone security—we provide it**

Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.

 Apple AirPlay SDK devices at risk of takeover—make sure you update 

For years, North Korea has been secretly placing young IT workers inside Western companies. With AI, their schemes are now more devious—and effective—than ever.

North Korea Stole Your Job

China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.…

China-linked hackers targeted Uyghur activists using a Trojanized UyghurEditPP app in a spear-phishing campaign, Citizen Lab researchers reveal.

Citizen Lab reveals a targeted spear phishing campaign aimed at Uyghur activists, deploying surveillance malware disguised as a legitimate Uyghur language tool. Learn about the attack methods and suspected Chinese government involvement.

In March 2025, several leading figures within the World Uyghur Congress (WUC), an international organization based in Munich that advocates for the rights of the Uyghur people, became the targets of a carefully orchestrated cyber espionage attempt.

Researchers at the University of Toronto’s Citizen Lab report that these individuals received warnings from Google, indicating that their online accounts were under attack, allegedly, by state-sponsored actors. 

Google Alerts Sent to WUC (Source: The Citizen Lab)

The method used in this campaign was spear phishing, which is a targeted form of attack where emails are crafted to appear legitimate and trustworthy to specific individuals. In this case, the malicious emails impersonated a known contact from a partner organization of the WUC.

Phishing Email (Source: The Citizen Lab)

These emails contained links to Google Drive, which, if clicked, would lead to the download of a password-protected archive file. This archive held a compromised version of UyghurEditPP, a genuine open-source word processing and spell-check tool specifically designed for the Uyghur language.

The recipients had no idea that this seemingly harmless application was Trojanized, meaning it contained a hidden backdoor. Once the infected UyghurEditPP was executed on a victim’s computer, this backdoor would silently gather system information, including the machine name, username, IP address, operating system version, and a unique hash derived from the hardware. This data was then transmitted to a remote command-and-control (C2) server.

The server’s operators could then send instructions back to the infected device, enabling them to perform various malicious actions such as downloading files from the target, uploading additional malicious files (including further malware), and executing commands through uploaded plugins. 

The Citizen Lab’s analysis of the campaign’s infrastructure reveals two distinct command-and-control clusters. The first, likely active between June 2024 and February 2025, used domain names mimicking the UyghurEditPP tool’s developer (gheyretcom, gheyretnet, and uheyretcom).

The second, targeting the WUC between December 2024 and March 2025, used subdomains registered through Dynu Services, incorporating Uyghur words but not directly referencing the tool or its developer.

Both clusters shared the same Microsoft certificate and used IP addresses belonging to Choopa LLC, a hosting provider used by various cyber threat actors. This dual infrastructure either indicates attackers’ shifting tactics or targeting of different segments within the Uyghur community.

Furthermore, researchers highlighted the high level of social engineering in the delivery method of the surveillance malware, which itself was not as technologically advanced. The attackers demonstrated a deep understanding of the Uyghur community, leveraging the trust of the original developer of UyghurEditPP, known to members of the WUC.

This suggests a highly customized and targeted operation, possibly beginning in May 2024. The campaign likely involved (PDF) ties to the Chinese government, aligning with their known efforts to conduct transnational repression against the Uyghur community.

Tag

#mac