If you’ve ever been asked for an ID/selfie to access an online service, read this: vmfunc alleges a watchlist screening pipeline tied to OpenAI + Persona,and file reports to the government https://t.co/hYTLtq9WzZ #infosec#privacy
What companies use Persona for age verification?
If you have sent your ID to any of these companies then the United States government has all of your information (and trying to map it to your financial records). This is all publicly listed companies.
- OpenAI
- Coursera
- Twilio
- Square
- Lime
- Brex
- Branch
- WeTravel
- CoffeeMeetsBagel
- Flipster
- NextDoor
- Frax
- Bridge
- Okta
- LinkedIn
- Twitch
- Roblox
- RegionalBank
- CitizenHealth
- K Health
- Neighbor
- BitGo
- PlayBoy
- CryptoExchange
- AngelList
- Empower
- MyRent
- RobinHood
- Discord (previously)
We discovered a universal account takeover vulnerability in Lovable, chaining five distinct low-severity issues
The exploit combined subdomain cookie injection, Firebase SDK configuration hijacking, and a CSP-based mixed-content bypass
Here is the technical analysis:
1/9
The Hacking Team is back/Operation ForumTroll
Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence.
Deploys Dante spyware (successor to RCS(Hacking
Team), now Memento Labs) + custom LeetAgent for keylogging, file theft.
Exploits:
Zero-days CVE-2025-2783 (Chrome sandbox escape) & Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence.
https://t.co/zCp0fzrh7Y
Cholernie smutna i dość przerażająca historia. Mateusz stracił 13 letnie konto Google w wyniku ataku. Nawiązał kontakt z supportem Google i choć dysponuje wszelkimi dowodami, że konto jest jego (dane kart płatniczych, nr telefonu, pomocniczy adres, listę IP) to ❌ nie może konta odzyskać. Bo atakujący zmienił na nim jedno sprytne ustawienie...
Tu opis historii Mateusza i rady dla Was, jak uniknąć podobnych problemów kiedy ktoś Wam przejmie konto Google:
https://t.co/Li4eYwugsp
Macie pomysł jak pomóc Mateuszowi? A może znacie kogoś z Google, kto potrafiłby zadziałać w tej sprawie?
🚨 BREAKING: Chat Control BLOCKED in EU! 🎉
Germany just refused to back the EU's mass surveillance "Chat Control" regulation after public pressure! This blocks the required majority in the EU Council and derails next week's planned vote.
NICE JOB EVERYONE! 💪
We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe.
https://t.co/015qmQnIS2
The "Chat Control" proposal would mandate scanning of all private digital communications, including encrypted messages and photos. This threatens fundamental privacy rights and digital security for all EU citizens. https://t.co/UQ6SfDZRLX
🇪🇺DANGER TO DEMOCRACY. In 2 days, EU governments debate #ChatControl: a plan to mass-scan all our private messages. 500+ scientists warn it’s technically broken, breaks #encryption & threatens our rights. EU gov'ts must listen to the experts & BLOCK it!
https://t.co/d7OEXaLehp
🇩🇪Übermorgen wird über die #Chatkontrolle beraten! 500 Top-Wissenschaftler warnen die Bundesregierung jetzt eindringlich: Der Plan ist technisch untauglich, leicht zu umgehen & zerstört unser digitales #Briefgeheimnis. Deutschland muss ihn stoppen!
https://t.co/gz0XX73SDg