Hackers Are Posting the Claude Code Leak With Bonus Malware

A WIRED probe this week revealed the identities of the paramilitary Border Patrol agents who frequently used force against civilians during Operation Midway Blitz in Chicago, based on Department of Homeland Security records. WIRED found that several agents appeared to be involved in similar operations in other US states.

Customs and Border Protection might want to remember to protect its sensitive facility information. Using basic Google searches, WIRED discovered flashcards created by users of the online learning platform Quizlet that included gate codes for CBP facilities and more.

In a rare move, Apple this week released a “backported” patch for iOS 18 to protect millions of people using the older operating system from a DarkSword hacking technique that was found in use in the wild. Discovered in March, DarkSword allows attackers to infect iPhones that visit a website that has takeover tools embedded in it. Apple initially prompted users to update to the current version of its operating system, iOS 26, but eventually released iOS 18 patches after DarkSword continued to spread.

The US-Israel war with Iran reached its second month this week, with Iran threatening to launch attacks against more than a dozen US companies, including tech giants such as Apple, Google and Microsoft, which have offices and data centers in the Gulf region. The deadly conflict, with no clear end in sight, is wreaking havoc on the global economy as shipping crews remain stranded in the Strait of Hormuz, a key trade route. Meanwhile, some are beginning to wonder what might happen if US strikes caused actual damage to Iran’s nuclear facilities.

And that’s not all! Each week, we round up the security and privacy news that we haven’t covered in depth ourselves. Click on the titles to read the full stories. And stay safe out there.

Earlier this week, a security researcher reported that Anthropic had accidentally made public the source code for its popular vibe-coding tool, Claude Code. Immediately, people began reposting the code on the developer platform GitHub. But be careful if you want to try downloading some of those repos yourself: BleepingComputer reports that some of the posters are actually hackers who have hidden a piece of infostealer malware in the lines of code.

Anthropic, for its part, is trying to remove the leaked copies (malware-containing or not) by issuing a copyright takedown notice. The Wall Street Journal reported that the company initially tried to remove more than 8,000 repositories on GitHub, but later limited the request to 96 copies and optimizations.

This is not the first time that hackers have taken advantage of interest in Claude Code, whose installation has users who may not be familiar with their computer’s terminal copy and paste an install command from a website. In March, 404 Media reported that sponsored ads on Google led to sites masquerading as official Claude Code installation guides, instructing users to run a command that would actually download malware.

The FBI recently formally classified a cyber intrusion into one of its surveillance collection systems as a “major incident” under FISMA, a legal designation reserved for breaches that pose a serious risk to national security. The determination, reported to Congress earlier this week, is understood to be the first time since at least 2020 that the bureau has announced a major incident on its systems. Politico, citing two unnamed senior Trump administration officials, reported that China is believed to be behind the infiltration. If confirmed, the breach could mark a significant counterintelligence failure for the FBI.

The FBI said it detected “suspicious activity” on its network in February. In a notice to Congress on March 4 reviewed by Politico, the bureau said the compromised systems were unclassified and were being kept “withheld from the legal process,” citing, as examples, phone and internet metadata collected under court orders and personal information “related to the subjects of the FBI investigation.” The intruders reportedly gained access through a commercial internet service provider, an approach the FBI described as reflecting a “sophisticated strategy.” In its only public statement, the bureau said it had deployed “all technical capabilities to respond.”


