The technology for creating nonconsensual sexual deepfakes is rapidly evolving, moving from crude images to high-quality, customizable videos. An entire economy of websites and Telegram bots is profiting from this abuse, targeting millions of women and girls with terrifying ease.
A new report from Unit 42 details how cybercriminals can use large language models to create dynamic phishing attacks. The technique generates unique JavaScript for each victim, evading signature-based security tools.
A new wave of sophisticated vishing attacks is using real-time, customizable phishing kits to trick users and bypass multi-factor authentication. Okta’s Threat Intelligence team issued the alert on January 22, detailing how attackers pose as IT support to gain full account control.
The European Union has opened a formal investigation into X over the spread of illegal AI-generated images by Grok. This comes after X claimed to have implemented “technological measures” to curb the creation of sexualized images of real people.
A new report details the alarming rise of an AI crimeware economy. Low-cost “Dark LLM” subscriptions and deepfake kits are enabling fraud at a scale and sophistication that’s overwhelming traditional defenses.
A top 1,000 Twitch streamer’s career is over after Microsoft Notepad’s “remember session” feature opened on stream, revealing illicit links. The feature, part of Notepad’s 2026 update, saved his highlighted text, contradicting his excuses. He’s now banned from major platforms and has entered a porn
Apple is running a second test of its Background Security Improvement feature in the latest iOS 26.3 and macOS Tahoe 26.3 betas. The system aims to deliver critical patches for Safari and system libraries without a full software update, replacing the older Rapid Security Response system.
Italy’s data protection watchdog has issued a stark warning about AI tools that can generate deepfakes. The regulator singled out Elon Musk’s Grok and is coordinating with Irish authorities for potential enforcement.
CrowdStrike is shelling out $740 million to buy identity security startup SGNL. The deal aims to bolster CrowdStrike’s tools against AI threats by integrating SGNL’s “continuous identity” technology.
A pro-Russian hacktivist group is coordinating sustained denial-of-service attacks using a volunteer botnet. Their tool, DDoSia, allows anyone to join in, turning geopolitical tension into disruptive cyber campaigns. It’s more about persistent harassment than outright destruction.
