Amid growing fears of political violence, a WIRED investigation found that US political candidates are spending more on security, including buying equipment like home alarms and bulletproof vests. And recent research on Telegram groups found that men are sharing thousands of non-consensual photos of women and girls, purchasing spyware to use against their wives and friends, and engaging in stalking and sexual exploitation. Meanwhile, as governments struggle to address growing industrial scandals emanating from Southeast Asia, China has emerged as the biggest promoter, but also a selective one, resulting in crime syndicates shifting their focus overseas to avoid Chinese targets.
Anthropic formally announced its new Cloud Mythos preview model this week, saying that for now the model will only be available to a select group of a few dozen leading technology and financial organizations, including Apple, Microsoft, Google, and the Linux Foundation. The consortium, called Project Glasswing, will explore the advanced hacking and other cybersecurity capabilities of Mythos Preview and assess the best ways to improve software and hardware security before capabilities like Mythos Preview spread more widely to other models and inevitably end up in the hands of attackers. The announcements sparked controversy over whether Mythos Preview and similar capabilities would actually be as consequential for cybersecurity as Anthropic says. Experts told WIRED that while this may not be a dramatic disaster, it is important for defenders to come together and use their early access to drive change in how software is developed and how organizations around the world invest in patching.
Finally, a WIRED investigation found that nonprofit groups associated with Customs and Border Protection facilities were selling challenge coins that celebrated the Trump administration’s immigration raids, including a coin that depicted charlotte’s web Characters in riot gear.
There is so much more. Each week, we round up security and privacy news that we haven’t covered in depth ourselves. Click on titles to read full stories. And stay safe there.
According to 404 Media reports, the FBI recently found copies of encrypted Signal messages being sent to the defendant’s iPhone because the content of those messages was included in push notifications. Even though Signal was removed from the phone before it was seized by the FBI, the information was still present in the phone’s internal memory.
This issue affects all apps that send push notifications, not just Signal, but users of that app can adjust their settings to not show the content of a message or the sender’s name in push notifications. To adjust your settings for push notifications, open Signal and go to settingsThen Notificationsand change the option name only Or No name or content.
Despite the difficult and disputed ceasefire implemented in the US-Israel war with Iran, millions of ordinary Iranians are still deprived of regular and reliable internet connectivity. The regime-imposed internet blackout, which began during the first hours of the war on February 28, is now approaching 1,000 hours, according to internet monitoring group NetBlocks. In recent weeks, the Internet shutdown has become the longest in Iranian history and one of the longest worldwide – depriving Iranians of accurate news about the war, preventing them from contacting family and loved ones, and causing further economic damage to the country. The US-based Iranian digital rights project Filter Watch has detailed how the Iranian regime, while carrying out bombings during the conflict, has branded anti-censorship tools as “malicious” and claimed to be arresting individuals using Starlink internet connections to get around the block.
The FBI’s annual Internet crime report generally paints a bleak picture: Year after year, the number of cybercrime reports increases and the amount of money lost by Americans increases. Unfortunately, 2025 was no different. Last year, according to the FBI’s annual report, losses reported to the Internet Crime Complaint Center were more than $20 billion – a 26 percent increase compared to 2024. According to the FBI, more than half of these losses ($11.3 billion) were linked to cryptocurrency scams, often through fraudulent investment schemes. Business email compromise, technical and customer support scams, personal data breaches, and confidence or romance scams make up the other most common crimes reported. Crimes that mention AI caused $893 million in losses.
Google this week expanded Gmail’s end-to-end encryption to its Android and iOS apps, allowing enterprise users for the first time to compose and read E2EE messages on mobile without the need for separate apps or a mail portal. Encrypted emails appear as standard threads in the Gmail app for recipients using Gmail, while other providers can access them through a secure browser view. This rollout is based on the client-side encryption model introduced for Google Workspace web users in April 2025, where messages are encrypted with customer-controlled keys, preventing Google from accessing their content. This approach is particularly attractive to organizations with strict compliance requirements, including HIPAA, export controls, and data sovereignty regulations.
However, access is limited: this feature is only available to Google Workspace Enterprise Plus customers with Assured Controls or the Assured Controls Plus add-on, and is not supported for personal Gmail accounts. Administrators must explicitly enable the Android and iOS clients in the admin interface, which is off by default, before eligible users can access the feature. End users then toggle per-message encryption by tapping the lock icon and selecting “Additional encryption,” mirroring the web workflow. The rollout is available immediately for both Rapid Release and Scheduled Release domains.
<a href