Security

DarkSpectre Hackers Spread Malware To 8.8 Million Chrome, Edge, and Firefox Users (cyberpress.org) 12

An anonymous reader quotes a report from Cyber Press: A newly uncovered Chinese threat group, DarkSpectre, has been linked to one of the most widespread browser-extension malware operations to date, compromising more than 8.8 million users of Chrome, Edge, Firefox, and Opera over the past seven years. According to research by Koi.ai, the group operates three interconnected campaigns: ShadyPanda, GhostPoster, and a newly identified one named The Zoom Stealer, forming a single, strategically organized operation.

DarkSpectre's structure differs from that of ordinary cybercrime operations. The group runs separate but interconnected malware clusters, each with distinct goals. The ShadyPanda campaign, responsible for 5.6 million infections, focuses on long-term user surveillance and e-commerce affiliate fraud. Its extensions have appeared legitimate for years, offering new tab pages and translation utilities, before secretly downloading malicious configurations from command-and-control servers such as jt2x.com and infinitynewtab.com. Once activated, they inject remote scripts, hijack search results, and track browsing activity.

The second campaign, GhostPoster, spreads via Firefox and Opera extensions that conceal malicious payloads in PNG images via steganography. After lying dormant for several days, the extensions extract and execute JavaScript hidden within images, enabling stealthy remote code execution. This campaign has affected over one million users and relies on domains like gmzdaily.com and mitarchive.info for payload delivery.

The most recent discovery, The Zoom Stealer, exposes around 2.2 million users to corporate espionage. These extensions masquerade as productivity tools or video downloaders while secretly harvesting corporate meeting links, credentials, and speaker profiles from more than 28 video conferencing platforms, including Zoom, Microsoft Teams, and Google Meet. The extensions use real-time WebSocket connections to exfiltrate data to Firebase databases, such as zoocorder.firebaseio.com, and to Google Cloud functions, such as webinarstvus.cloudfunctions.net.

Government

Trump Administration Removes Three Spyware-Linked Execs From Sanctions List (reuters.com) 33

Reuters reports that the United States Department of the Treasury under the Donald Trump administration has lifted sanctions on three executives linked to the spyware firm Intellexa. Reuters reports: The move partially reverses the imposition of sanctions last year by then-President Joe Biden's administration on seven people tied to Intellexa. The Treasury Department at the time described the consortium, launched by former Israeli intelligence official Tal Dilian, as "a complex international web of decentralized companies that built and commercialized a comprehensive suite of highly invasive spyware products."

Treasury said in an email that the removal "was done as part of the normal administrative process in response to a petition request for reconsideration." It added that each of the individuals had "demonstrated measures to separate themselves from the Intellexa Consortium."

The notice said sanctions were lifted on Sara Hamou, whom the U.S. government accused of providing managerial services to Intellexa, Andrea Gambazzi, whose company was alleged by the U.S. government to have held the distribution rights to the Predator spyware, and Merom Harpaz, described by U.S. officials as a top executive in the consortium.

Government

NYC Inauguration Bans Raspberry Pi, Flipper Zero Devices (adafruit.com) 42

Longtime Slashdot reader ptorrone writes: The January 1, 2026, NYC mayoral inauguration prohibits attendees from bringing specific brand-name devices, explicitly banning Raspberry Pi single-board computers and the Flipper Zero, listed alongside weapons, explosives, and drones. Rather than restricting behaviors or capabilities like signal interference or unauthorized transmitters, the policy names two widely used educational and testing tools while allowing smartphones and laptops that are far more capable. Critics argue this device-specific ban creates confusion, encourages selective enforcement, and reflects security theater rather than a clear, capability-based public safety framework. New York has handled large-scale events more pragmatically before.
Government

Denmark's Main Postal Carrier Ends Letter Delivery (nytimes.com) 41

PostNord is ending letter delivery in Denmark after a 90%+ collapse in mail volume. It marks the first known case of a national postal carrier abandoning letters entirely -- a symbolic milestone of a fully digitized society that's sparking nostalgia even among people who stopped sending mail years ago. The New York Times reports: Denmark has had a postal service for more than 400 years. But a steep decline in its use has led the Nordic country's longtime postal carrier to stop letter deliveries entirely, a change taking effect on Tuesday.

Danes have seen it coming for months: The carrier, PostNord, has been removing its red mailboxes, once a ubiquitous public fixture. The disappearance of the mailboxes is "what actually made people emotional," said Julia Lahme, a trend researcher and the director of Lahme, a Danish communications agency, "even though most of them hadn't sent a letter in 18 months."

Letter writing in the country has declined by more than 90 percent since 2000, according to PostNord, which is owned jointly by the Danish and Swedish governments. Next year, in Denmark, it will only deliver packages, although in Sweden it will continue to deliver letters.

The change comes partly as a result of a drop-off in government mail. Denmark is one of the world's most digitized countries. Only 250,000 people, or less than 5 percent of the population, still receive their official communications in the mail. "People simply do not rely on physical letters the way they used to," Andreas Brethvad, the communications director of PostNord Denmark, said in an emailed statement. He said that because nine in 10 Danes shop online each month, the change "is about keeping up with times to meet the demands of society. It's a natural evolution."
The report notes that snail mail lovers will still be able to send and receive letters through Dao, a private company. "While some Danes are quietly mourning a service that, for the most part, they had largely stopped using, the transition feels like a sign of the times," reports the Times.
Crime

Cybersecurity Employees Plead Guilty To Ransomware Attacks 17

Two cybersecurity professionals who spent their careers defending organizations against ransomware attacks have pleaded guilty in a Florida federal court to using ALPHV/BlackCat ransomware to extort American businesses throughout 2023.

Ryan Goldberg, a 40-year-old incident response manager from Georgia, and Kevin Martin, a 36-year-old ransomware negotiator from Texas, admitted to conspiring to obstruct commerce through extortion. Between April and December 2023, Goldberg, Martin, and a third unnamed co-conspirator deployed the ransomware against multiple U.S. victims and agreed to pay ALPHV BlackCat's operators a 20% cut of any ransoms received. They successfully extracted approximately $1.2 million in Bitcoin from one victim, splitting their 80% share three ways before laundering the proceeds. Both men face up to 20 years in prison and are scheduled for sentencing on March 12, 2026.

The Justice Department noted that all three conspirators possessed specialized skills in securing computer systems against the very attacks they carried out. ALPHV BlackCat has targeted more than 1,000 victims globally and was the subject of an FBI disruption operation in December 2023 that saved victims an estimated $99 million through a custom decryption tool.
EU

Challenges Face European Governments Pursuing 'Digital Sovereignty' (theregister.com) 57

The Register reports on challenges facing Europe's pursuit of "digital sovereignty": The US CLOUD Act of 2018 allows American authorities to compel US-based technology companies to provide requested data, regardless of where that data is stored globally. This places European organizations in a precarious position, as it directly clashes with Europe's own stringent privacy regulation, the General Data Protection Regulation (GDPR)... Furthermore, these warrants often come with a gag order, legally prohibiting the provider from informing their customer that their data has been accessed. This renders any contractual clauses requiring transparency or notification effectively meaningless. While technical measures like encryption are often proposed as a solution, their effectiveness depends entirely on who controls the encryption keys. If the US provider manages the keys, as is common in many standard cloud services, they can be forced to decrypt the data for authorities, making such safeguards moot....

American hyperscalers have recognized the market demand for sovereignty and now aggressively market 'sovereign cloud' solutions, typically by placing datacenters on European soil or partnering with local operators. Critics call this 'sovereignty washing'... [Cristina Caffarra, a competition economist and driving force behind the Eurostack initiative] warns that this does not resolve the fundamental problem. "A company subject to the extraterritorial laws of the United States cannot be considered sovereign for Europe," she says. "That simply doesn't work." Because, as long as the parent company is American, it remains subject to the CLOUD Act...

Even when organizations make deliberate choices in favour of European providers, those decisions can be undone by market forces. A recent acquisition in the Netherlands illustrates this risk. In November 2025, the American IT services giant Kyndryl announced its intention to acquire Solvinity, a Dutch managed cloud provider. This came as an "unpleasant surprise" to several of its government clients, including the municipality of Amsterdam and the Dutch Ministry of Justice and Security. These bodies had specifically chosen Solvinity to reduce their dependence on American firms and mitigate CLOUD Act risks.

Still, The Register provides several examples of government systems that are "taking concrete steps to regain control over their IT."
  • Austria's Federal Ministry for Economy, Energy and Tourism now has 1,200 employees on the European open-source collaboration platform Nextcloud, leading several other Austrian ministries to also implement Nextcloud. (The Ministry's CISO tells the Register "We can see our input in Nextcloud releases. That is a feeling we never had with Microsoft.")
  • France's Ministry of Economics and Finance recently completed NUBO (which the Register describes as "an OpenStack-based private cloud initiative designed to handle sensitive data and services.")

Thanks to long-time Slashdot reader mspohr for sharing the article.


IOS

Apple To Allow Alternative App Stores For iOS Users In Brazil 6

Apple will allow alternative iOS app stores and external payment systems in Brazil after settling an antitrust case with the country's competition authority, following a lawsuit brought by MercadoLibre back in 2022. Thurrott reports: Yesterday, Brazil's Conselho Administrativo de Defesa Economica (CADE) explained in its press release that it has approved a Term of Commitment to Cease (TCC) submitted by Apple. To settle the lawsuit, the iPhone maker has agreed to allow third-party iOS app stores in Brazil and to let developers use external payment systems. The company will also use neutral wording in the warning messages about third-party app stores and external payment systems that iOS users in Brazil will see.

As part of the settlement, Apple has 105 days to implement these changes to avoid a fine of up to $27.1 million. A separate report from Brazilian blog Tecnoblog revealed that Apple will still take a 5% "Core Technology Commission" fee on transactions going through alternative app stores. Additionally, the company will take a 15% cut on in-app purchases for App Store apps when developers redirect users to their own payment systems.
AI

Italy Tells Meta To Suspend Its Policy That Bans Rival AI Chatbots From WhatsApp 4

Italy's antitrust regulator, the Italian Competition Authority, ordered Meta to suspend a policy that blocks rival AI chatbots from using WhatsApp's business APIs, citing potential abuse of market dominance. "Meta's conduct appears to constitute an abuse, since it may limit production, market access, or technical developments in the AI Chatbot services market, to the detriment of consumers," the Authority wrote. "Moreover, while the investigation is ongoing, Meta's conduct may cause serious and irreparable harm to competition in the affected market, undermining contestability." TechCrunch reports: The AGCM in November had broadened the scope of an existing investigation into Meta, after the company changed its business API policy in October to ban general-purpose chatbots from being offered on the chat app via the API. Meta has argued that its API isn't designed to be a platform for the distribution of chatbots and that people have more avenues beyond WhatsApp to use AI bots from other companies. The policy change, which goes into effect in January, would affect the availability of AI chatbots from the likes of OpenAI, Perplexity, and Poke on the app.
AI

China Is Worried AI Threatens Party Rule 21

An anonymous reader quotes a report from the Wall Street Journal: Concerned that artificial intelligence could threaten Communist Party rule, Beijing is taking extraordinary steps to keep it under control. Although China's government sees AI as crucial to the country's economic and military future, regulations and recent purges of online content show it also fears AI could destabilize society. Chatbots pose a particular problem: Their ability to think for themselves could generate responses that spur people to question party rule.

In November, Beijing formalized rules it has been working on with AI companies to ensure their chatbots are trained on data filtered for politically sensitive content, and that they can pass an ideological test before going public. All AI-generated texts, videos and images must be explicitly labeled and traceable, making it easier to track and punish anyone spreading undesirable content. Authorities recently said they removed 960,000 pieces of what they regarded as illegal or harmful AI-generated content during three months of an enforcement campaign. Authorities have officially classified AI as a major potential threat, adding it alongside earthquakes and epidemics to its National Emergency Response Plan.

Chinese authorities don't want to regulate too much, people familiar with the government's thinking said. Doing so could extinguish innovation and condemn China to second-tier status in the global AI race behind the U.S., which is taking a more hands-off approach toward policing AI. But Beijing also can't afford to let AI run amok. Chinese leader Xi Jinping said earlier this year that AI brought "unprecedented risks," according to state media. A lieutenant called AI without safety like driving on a highway without brakes. There are signs that China is, for now, finding a way to thread the needle.

Chinese models are scoring well in international rankings, both overall and in specific areas such as computer coding, even as they censor responses about the Tiananmen Square massacre, human-rights concerns and other sensitive topics. Major American AI models are for the most part unavailable in China. It could become harder for DeepSeek and other Chinese models to keep up with U.S. models as AI systems become more sophisticated. Researchers outside of China who have reviewed both Chinese and American models also say that China's regulatory approach has some benefits: Its chatbots are often safer by some metrics, with less violence and pornography, and are less likely to steer people toward self-harm.
"The Communist Party's top priority has always been regulating political content, but there are people in the system who deeply care about the other social impacts of AI, especially on children," said Matt Sheehan, who studies Chinese AI at the Carnegie Endowment for International Peace, a think tank. "That may lead models to produce less dangerous content on certain dimensions."
Censorship

US Bars Five Europeans It Says Pressured Tech Firms To Censor American Viewpoints Online (apnews.com) 168

An anonymous reader quotes a report from the Associated Press: The State Department announced Tuesday it was barring five Europeans it accused of leading efforts to pressure U.S. tech firms to censor or suppress American viewpoints. The Europeans, characterized by Secretary of State Marco Rubio as "radical" activists and "weaponized" nongovernmental organizations, fell afoul of a new visa policy announced in May to restrict the entry of foreigners deemed responsible for censorship of protected speech in the United States. "For far too long, ideologues in Europe have led organized efforts to coerce American platforms to punish American viewpoints they oppose," Rubio posted on X. "The Trump Administration will no longer tolerate these egregious acts of extraterritorial censorship."

The five Europeans were identified by Sarah Rogers, the under secretary of state for public diplomacy, in a series of posts on social media. [...] The five Europeans named by Rogers are: Imran Ahmed, chief executive of the Centre for Countering Digital Hate; Josephine Ballon and Anna-Lena von Hodenberg, leaders of HateAid, a German organization; Clare Melford, who runs the Global Disinformation Index; and former EU Commissioner Thierry Breton, who was responsible for digital affairs. Rogers in her post on X called Breton, a French business executive and former finance minister, the "mastermind" behind the EU's Digital Services Act, which imposes a set of strict requirements designed to keep internet users safe online. This includes flagging harmful or illegal content like hate speech. She referred to Breton warning Musk of a possible "amplification of harmful content" by broadcasting his livestream interview with Trump in August 2024 when he was running for president.

Privacy

Inside Uzbekistan's Nationwide License Plate Surveillance System (techcrunch.com) 26

An anonymous reader quotes a report from TechCrunch: Across Uzbekistan, a network of about a hundred banks of high-resolution roadside cameras continuously scan vehicles' license plates and their occupants, sometimes thousands a day, looking for potential traffic violations. Cars running red lights, drivers not wearing their seatbelts, and unlicensed vehicles driving at night, to name a few. The driver of one of the most surveilled vehicles in the system was tracked over six months as he traveled between the eastern city of Chirchiq, through the capital Tashkent, and in the nearby settlement of Eshonguzar, often multiple times a week. We know this because the country's sprawling license plate-tracking surveillance system has been left exposed to the internet.

Security researcher Anurag Sen, who discovered the security lapse, found the license plate surveillance system exposed online without a password, allowing anyone access to the data within. It's not clear how long the surveillance system has been public, but artifacts from the system show that its database was set up in September 2024, and traffic monitoring began in mid-2025. The exposure offers a rare glimpse into how such national license plate surveillance systems work, the data they collect, and how they can be used to track the whereabouts of any one of the millions of people across an entire country. The lapse also reveals the security and privacy risks associated with the mass monitoring of vehicles and their owners, at a time when the United States is building up its nationwide array of license plate readers, many of which are provided by surveillance giant Flock.

The Courts

John Carreyrou and Other Authors Bring New Lawsuit Against Six Major AI Companies 32

A group of authors led by John Carreyrou has filed a new lawsuit against Anthropic, Google, OpenAI, Meta, xAI, and Perplexity, accusing the AI firms of training models on pirated copies of their books. TechCrunch reports: If this sounds familiar, it's because another set of authors already filed a class action suit against Anthropic for these same acts of copyright infringement. In that case, the judge ruled that it was legal for Anthropic and similar AI companies to train on pirated copies of books, but that it was not legal to pirate the books in the first place.

While eligible writers can receive about $3,000 from the $1.5 billion Anthropic settlement, some authors were dissatisfied with that resolution -- it doesn't hold AI companies accountable for the actual act of using stolen books to train their models, which generate billions of dollars in revenue.
The plaintiffs in the new lawsuit say the proposed Anthropic settlement "seems to serve [the AI companies], not creators."

"LLM companies should not be able to so easily extinguish thousands upon thousands of high-value claims at bargain-basement rates, eliding what should be the true cost of their massive willful infringement."
The Courts

Judge Blocks Texas App Store Age Verification Law (theverge.com) 43

A federal judge blocked Texas' app store age-verification law, ruling it likely violates the First Amendment by forcing platforms to gate speech and collect data in an overly broad way. The law was set to go into effect on January 1, 2026. The Verge reports: In an order granting a preliminary injunction on the Texas App Store Accountability Act (SB 2420), Judge Robert Pitman wrote that the statute "is akin to a law that would require every bookstore to verify the age of every customer at the door and, for minors, require parental consent before the child or teen could enter and again when they try to purchase a book." Pitman has not yet ruled on the merits of the case, but his decision to grant the preliminary injunction means he believes its defenders are unlikely to prevail in court.

Pitman found that the highest level of scrutiny must be applied to evaluate the law under the First Amendment, which means the state must prove the law is "the least restrictive means of achieving a compelling state interest." The judge found this is not the case and that it wouldn't even survive intermediate scrutiny, because Texas has so far failed to prove that its goals are connected to its methods. Since Texas already has a law requiring age verification for porn sites, Pitman said that "only in the vast minority of applications would SB 2420 have a constitutional application to unprotected speech not addressed by other laws." Though Pitman acknowledged the importance of safeguarding kids online, he added, "the means to achieve that end must be consistent with the First Amendment. However compelling the policy concerns, and however widespread the agreement that the issue must be addressed, the Court remains bound by the rule of law."
"The Texas App Store Accountability Act is the first among a series of similar state laws to face a legal challenge, making the ruling especially significant, as Congress considers a version of the statute," notes The Verge. "The laws, versions of which also passed in Utah and Louisiana, aim to impose age verification standards at the app store level, making companies like Apple and Google responsible for transmitting signals about users' ages to app developers to block users from age-inappropriate experiences."

"The state can still appeal the ruling with the Fifth Circuit Court of Appeals, which has a history of reversing blocks on internet regulations."
Piracy

LimeWire Re-Emerges In Online Rush To Share Pulled '60 Minutes' Segment (arstechnica.com) 128

An anonymous reader quotes a report from Ars Technica: CBS cannot contain the online spread of a "60 Minutes" segment that its editor-in-chief, Bari Weiss, tried to block from airing. The episode, "Inside CECOT," featured testimonies from US deportees who were tortured or suffered physical or sexual abuse at a notorious Salvadoran prison, the Center for the Confinement of Terrorism. "Welcome to hell," one former inmate was told upon arriving, the segment reported, while also highlighting a clip of Donald Trump praising CECOT and its leadership for "great facilities, very strong facilities, and they don't play games."

Weiss controversially pulled the segment on Monday, claiming it could not air in the US because it lacked critical voices, as no Trump officials were interviewed. She claimed that the segment "did not advance the ball" and merely echoed others' reporting, NBC News reported. Her plan was to air the segment when it was "ready," insisting that holding stories "for whatever reason" happens "every day in every newsroom." But Weiss apparently did not realize that the "Inside CECOT" would still stream in Canada, giving the public a chance to view the segment as reporters had intended.

Critics accusing CBS of censoring the story quickly shared the segment online Monday after discovering that it was available on the Global TV app. Using a VPN to connect to the app with a Canadian IP address was all it took to override Weiss' block in the US, as 404 Media reported the segment was uploaded "to a variety of file sharing sites and services, including iCloud, Mega, and as a torrent," including on the recently revived file-sharing service LimeWire. It's currently also available to stream on the Internet Archive, where one reviewer largely summed up the public's response so far, writing, "cannot believe this was pulled, not a dang thing wrong with this segment except it shows truth."
"Yo what," joked Reddit user Howzitgoin, highlighting only the word "LimeWire." Another user responded, "man, who knew my nostalgia prof pic would become relevant again, WTF."

"Bringing back LimeWire to illegally rip copies of reporting suppressed by the government is definitely some cyberpunk shit," a Bluesky user wrote.

"We need a champion against the darkness," a Reddit commenter echoed. "I side with LimeWire."
United States

FCC Bans Foreign-Made Drones Over National Security, Spying Concerns (politico.com) 66

The FCC has banned approval of new foreign-made drones and components, citing "an unacceptable risk" to national security. The move will most heavily impact DJI but it "does not affect drones or drone components that are currently sold in the United States." Reuters reports: The tech was placed on the commission's "Covered List," barring DJI and other foreign drone manufacturers from receiving the FCC's approval to sell new drone models for import or sale in the U.S. In Monday's announcement, the agency said that the move "will reduce the risk of direct [drone] attacks and disruptions, unauthorized surveillance, sensitive data exfiltration and other [drone] threats to the homeland."

FCC Chair Brendan Carr said in a statement that while drones offer the potential to boost public safety and the U.S.' posture on global innovation, "criminals, terrorists and hostile foreign actors have intensified their weaponization of these technologies, creating new and serious threats to our homeland."

The ruling comes as China hawks in Congress amplify warnings about the security risks of drones made by DJI, which accounts for more than 90% of the global market share. But efforts to crack down on Capitol Hill have been met with some pushback due to the potential impacts of curbing the drone usage on U.S. businesses and law enforcement. A wide variety of sectors, including construction, energy, agriculture and mining companies, as well as local police and fire departments across the country, deploy DJI-made drones.
