Augusto Bortoluzzi

Your anonymous internet identity can now be unmasked for $1 Not by the FBI. By anyone with access to Claude or ChatGPT and a few of your Reddit comments. ETH Zurich and Anthropic just dropped a paper called “Large-Scale Online Deanonymization with LLMs” and the results are the most alarming privacy research I’ve read this year. They built an automated pipeline that takes your anonymous posts, extracts identity signals, searches the web, and figures out who you are. No human investigator needed. Fully autonomous. Works on Hacker News, Reddit, LinkedIn, even redacted interview transcripts. Here’s how bad the numbers are. On Hacker News users: 67% identified correctly. When the system made a guess, it was right 90% of the time. On Reddit academics posting under pseudonyms: 52%. On scientists whose interview transcripts were explicitly redacted for privacy: 9 out of 33 still got unmasked. The pipeline works in four steps they call ESRC. Extract identity signals from your posts using LLMs. Search for candidate matches using embeddings across thousands of profiles. Reason over top candidates with models like GPT-5.2. Calibrate confidence so when it does guess, it’s almost never wrong. The classical deanonymization method from the famous Netflix Prize attack? Nearly 0% recall across every test. LLMs didn’t just improve on old techniques. They made old techniques look like toys. When they scaled to temporally split Reddit profiles, matching a user’s old posts to their newer ones across a full year gap, the pipeline hit 67% recall at 90% precision and 38% recall at 99% precision. Meaning even a year of changed interests and different conversations wasn’t enough to hide. More reasoning compute = better deanonymization. High reasoning effort doubled recall at 99% precision in some tests. As frontier models get smarter, this attack strengthens automatically. Every model upgrade is a privacy downgrade. What makes it nearly impossible to defend against: the pipeline splits into subtasks that all look benign. Summarize a profile. Compute embeddings. Rank candidates. No single API call screams “deanonymization.” The researchers themselves say they’re pessimistic that safety guardrails or rate limits can stop it. Their conclusion is blunt: “Users who post under persistent usernames should assume that adversaries can link their accounts to real identities.” And it extrapolates. Log-linear projections suggest roughly 35% recall at 90% precision even at one million candidates. Every throwaway account. Every anonymous forum post. Every “nobody will connect this to me” comment. It’s all searchable micro-data now. And the cost to run the full agent on one target is less than a cup of coffee. Practical anonymity on the internet just died. The paper killed it with math.

🚨 New Google Gemini Vulnerability Exploited via Prompt Injections from WhatsApp, Slack, and SMS Source: https://t.co/EHpSn8wX4C A new class of indirect prompt injection (IPI) attacks targets Google Gemini's voice assistant, allowing attackers to silently hijack the AI through malicious payloads delivered via everyday messaging apps, including WhatsApp, Slack, Signal, SMS, Instagram, and Messenger. The core exploit leverages Gemini's Android Utilities agent, specifically the tool that reads incoming notifications. Because this tool processes untrusted data from third-party apps, an attacker can embed malicious instructions directly inside a crafted message. Once Gemini reads the poisoned notification, it silently incorporates the attacker's commands into the conversational context without the user's knowledge. #cybersecuritynews

AI-powered computer worm, a self-replicating agent that reasons its way through a network instead of carrying a fixed exploit list. It steals compute from compromised GPU machines to run its own open-weight LLM, then uses weaker machines as relays for reach. In trials on a corporate testbed, it identified vulnerabilities, exploited systems, and launched replicas across Linux, Windows, and IoT targets. Every new infection can add more infrastructure while costing the attacker almost nothing. Patching one flaw no longer ends the threat, because the worm can operationalise fresh advisories, generate new attack logic, and keep adapting without a human operator. It is not a WannaCry-style worm with one baked exploit and one baked ransomware payload. It can adapt across many vulnerability classes it can discover and operationalise https://t.co/nSupd1h0BG

🚨 Windows Netlogon 0-Click RCE Vulnerability Now Actively Exploited In The Wild | Source: https://t.co/Iym37fFkgU The critical Windows Netlogon remote code execution (RCE) vulnerability tracked as CVE-2026-41089 is now under active exploitation in the wild, significantly raising the risk profile for unpatched Windows Server environments. The flaw affects Windows servers configured as domain controllers and allows unauthenticated remote attackers to execute arbitrary code with SYSTEM-level privileges by sending specially crafted Netlogon network requests. To exploit CVE-2026-41089, an attacker only needs network access to a vulnerable domain controller’s Netlogon service. #cybersecuritynews #windows

Earlier today, a massive vulnerability in Meta’s AI support assistant reportedly allowed attackers to take over Instagram accounts. The flow was absurdly simple: > use a VPN matching the victim’s country > click reset password and request additional support > tell Meta’s AI support assistant to change the account email to yours How can a company this big have such poor security measures? 😭

❗️ Over 30 official Red Hat npm packages were compromised. How they got in: - A Red Hat employee's GitHub account was compromised. - Attackers pushed "orphan commits" (detached from branch history) straight in, bypassing code review with no pull request. - Payload "Miasma" (Mini Shai-Hulud variant) steals GitHub/cloud/Vault/SSH/npm secrets. Rotate everything since June 1. - The commits added a workflow (ci.yaml) + script (_index.js) that abused npm trusted publishing, requesting a real OIDC token to publish backdoored versions.

A researcher found critical Windows zero-days. Reported them to Microsoft. Microsoft denied the bug bounty. Deleted their account. Banned them from GitHub. Then threatened criminal charges. The researcher dropped six zero-days in six weeks. Three got used in real attacks within days. Other researchers are now handing them free vulnerabilities as a gift. Microsoft’s Digital Crimes Unit is considering legal action. Against the person whose bugs they refused to pay for. This is Microsoft’s bug bounty program.

🚨APPLE ADVERTISES $2 MILLION FOR FINDING SECURITY BUGS.. THEN CALLS YOUR DISCOVERY A "DUPLICATE".. PATCHES IT SILENTLY.. GIVES YOU NOTHING.. AND BANS YOUR APPLE ID IF YOU COMPLAIN.. Two researchers found a critical macOS vulnerability that let attackers steal passwords, encrypted chats, and Safari data through Archive Utility.. Submitted it October 2025.. Apple took 5 months.. Patched it with zero credit.. Zero CVE.. Zero bounty.. Their reason.. "You were not the first person to report this issue".. That's the duplicate loophole.. Apple claims an internal engineer found it first.. But researchers can't verify that.. Apple controls the tracking system.. No audit.. No appeals.. The researcher said it felt like "doing charity work for a $3 trillion company".. Another researcher found apps could access your entire photo library even after you turned off access in settings.. Apple's own page lists that at $50,000.. They reported it.. Apple went silent.. Patched it quietly.. Said it was a duplicate.. $0.. When the researcher blogged about it.. Apple permanently banned their 12-year-old Apple ID.. Apple's brand new Passwords app in iOS 18 was sending data over unencrypted HTTP.. A credential manager transmitting password reset links in plaintext.. Any attacker on the same WiFi could intercept them.. Researchers reported it.. Apple let it sit 3 months.. Patched it quietly.. Said it "didn't meet the impact criteria".. Then there's the FaceTime disaster.. A 14-year-old discovered you could eavesdrop on anyone's iPhone.. Start a FaceTime call.. Add your own number before they answer.. Their microphone turns on.. If they hit the volume button.. Their camera activates too.. His mother spent a week trying to tell Apple.. Emails.. Faxes.. Social media.. Support told her to pay $99 for a developer account to file a bug report.. Apple did nothing until the exploit went viral and millions started eavesdropping on each other.. Then they panicked.. Took FaceTime offline globally.. Congress sent formal letters to Tim Cook demanding answers.. Then there's the researcher who got so fed up being ignored that they hacked Apple's own internal daily security call.. They'd reported a zero-click iMessage vulnerability.. Apple stonewalled them.. So they found another flaw.. Used it to infiltrate the internal FaceTime call where Apple engineers discuss bugs.. And dropped a screenshot proving the exploit live.. The team securing 2.35 billion devices couldn't secure their own meeting.. Apple's response.. A threatening legal letter.. Not a bounty.. A legal threat.. This is why the exploit black market thrives.. A zero-click iPhone exploit sells for $1.5 to $2.5 million on the gray market.. Guaranteed payment.. No bureaucracy.. No "duplicate" risk.. Submitting to Apple means NDAs.. 6-12 months of waiting.. Risk of $0.. Risk of your Apple ID being banned if you speak up.. Those gray market exploits end up with mercenary spyware vendors like NSO Group.. Deployed against journalists and human rights lawyers worldwide.. Apple pushes researchers toward the black market.. Then spends billions defending against the exploits those researchers could have sold them for a fraction of the price.. 2.35 billion devices.. And the company would rather send lawyers than pay what they owe.

‼️🚨 ALARMING: Google now treats privacy as suspicious behavior by default. Users of GrapheneOS, CalyxOS, /e/OS, and other deGoogled Android phones are being locked out of millions of websites unless they install the exact Google Play Services software they deliberately removed. GrapheneOS is recommended by the EFF and used by journalists, lawyers, and activists in high-risk environments. The audience most likely to read Google's data practices and refuse its terms is now flagged as fraudulent for that exact decision. What happened?: ▪️ Google announced "Cloud Fraud Defense" at Cloud Next on April 22-23, 2026, branding it "the next evolution of reCAPTCHA." Existing reCAPTCHA customers were auto-migrated. ▪️ When the system flags traffic as suspicious, the old click-the-bus puzzle is gone. Users get a QR code instead. ▪️ Scanning the QR code requires Google Play Services running on the device. Internet Archive snapshots show this requirement has been live since at least October 2025, silently rolled out for 7 months before anyone noticed. ▪️ No Play Services = no QR scan = locked out. The bigger picture: ▪️ Google already tried this in 2023. It was called Web Environment Integrity (WEI), and it would have let Google decide which devices were "real enough" to access the web. Standards bodies and the public pushed back hard, and Google killed it. Three years later, the same idea is back, just hidden behind a QR code instead of a browser feature. ▪️ reCAPTCHA runs on millions of websites. Every developer who keeps using it is now, by default, telling deGoogled Android users they're not welcome...

Zcash was born from a cryptographic ritual so secretive that Edward Snowden participated in it anonymously and if a single person lied during the ceremony the entire supply could be infinite without anyone knowing 2013: Bitcoin researchers from Johns Hopkins create Zerocoin a protocol designed to erase transaction history completely the idea sounds simple burn coins → recreate them anonymously Bitcoin developers reject it too dangerous, too experimental months later Zerocash appears and introduces zk-SNARKs a form of cryptography that hides - the sender - the receiver - the amount - the balances problem: the system needs a “trusted setup” a secret master key is generated at launch if someone keeps a copy they can forge unlimited Zcash forever 2015: project abandons Bitcoin completely Zooko Wilcox launches a standalone chain October 2016: Zcash goes live same 21M supply as Bitcoin but with optional hidden transactions the ceremony: - six people selected - identities partially hidden - hardware isolated from the internet participants generate fragments of the cryptographic key then destroy them forever one participant reportedly uses - Faraday cages - air-gapped computers - random travel routes - physical destruction of hardware in the desert the fragments become known as “toxic waste” because if even one survives the entire system can be compromised forever for years the sixth participant remains anonymous under the name “John Dobbertin” 2022: identity finally revealed Edward Snowden says he joined because Bitcoin’s transparency was a “huge flaw” He literally took no payment, participated purely for privacy ideology 2018: Sapling upgrade makes private transactions small enough for mobile devices Zcash survives multiple bear markets while most privacy coins die or get delisted 2026: former Zcash leaders launch Zodl a new $25M company backed by Paradigm, Coinbase Ventures and a16z and today Zcash is worth billions

🚨GOOGLE JUST REPLACED CAPTCHAS WITH A SYSTEM THAT LOCKS YOU OUT OF THE INTERNET IF YOU DON'T HAVE GOOGLE SOFTWARE ON YOUR PHONE.. WHILE GIVING AI BOTS A FREE PASS.. This is the most important internet story nobody is covering.. Google upgraded reCAPTCHA on millions of websites with something called Cloud Fraud Defense.. Instead of clicking traffic lights.. You now sometimes have to scan a QR code with your phone.. Sounds harmless.. Until you understand what's actually happening.. When you scan that QR code.. Your phone runs a cryptographic check through Google Play Services to verify your device is a genuine, unmodified, Google-certified phone.. If your phone doesn't have Google Play Services.. You fail the challenge.. That means every person running a privacy-focused phone.. GrapheneOS.. CalyxOS.. LineageOS.. Any de-Googled Android.. Can be locked out of millions of websites.. Not because they're bots.. Because they removed Google's tracking software.. While humans on privacy phones get blocked.. AI bots from Google, OpenAI, and Anthropic get frictionless access.. Corporate AI agents present a cryptographic passport using Web Bot Auth and SPIFFE.. And the system waves them right through.. No QR code.. No challenge.. Nothing.. A human who cares about privacy.. Blocked.. A corporate AI bot scraping the entire internet.. Welcome right in.. This isn't even a new idea.. In 2023 Google tried to make this an official web standard called Web Environment Integrity.. The internet exploded.. The EFF called it "Chrome's plan to DRM the web".. Mozilla said it "works against users' interests".. Google withdrew it.. Then they launched the core system three years later as a commercial product.. Skipping full public standards review.. No debate.. Millions of domains were automatically upgraded to it.. Website owners didn't even know.. They just wanted to stop spam.. Now they're unknowingly enforcing Google's hardware verification on many visitors.. The QR code system uses hardware-based cryptographic keys.. VPNs can't hide you.. Tor can't hide you.. The attestation bypasses everything.. The system doesn't fully stop real fraud.. Bot operators just buy real Android phones in bulk.. Set up device farms with cameras pointed at screens.. And physically scan the QR codes.. The hardware check passes because the phones are real.. Google upgraded a system that tried to stop bots with one that can block privacy-conscious humans.. Alternatives exist.. Proof-of-work CAPTCHAs that use math instead of hardware checks.. No tracking.. No Google dependency.. Work on any device.. But millions of websites already run Google's version.. The internet was supposed to be open.. Google just put a lock on the door and kept the key.

💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: https://t.co/9nqku4svkY