The OpenAI blog post announcing Daybreak doesn’t mention the word “project” at all, perhaps to make readers slightly less apt to compare it to Anthropic’s Project Glasswing, but watch this: this sounds mighty similar to Anthropic’s Project Glasswing. Like Project Glasswing, it’s a program in which a frontier AI company seeks to partner with corporate and government entities to root out security vulnerabilities using OpenAI’s most advanced models in the hopes of “seeing risk earlier, acting sooner, and helping make software resilient by design.”
Glasswing rolled out last month alongside Anthropic’s announcement of its Claude Mythos Preview model, famously the model so capable—according to its creators at least—that it posed a danger to the world. As Anthropic’s system card for the model, explained:
Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available. Instead, we are using it as part of a defensive cybersecurity program with a limited set of partners.
In other words, because it’s “the most cyber-capable model” Anthropic had ever built, it needs to be locked away for now, unless you’re a VIP. Influential software developer Daniel Stenberg has called this an “amazingly successful marketing stunt for sure.”
Two days after that announcement, reports started materializing about a similar project at OpenAI. An anonymously sourced Axios story described it as “a product with advanced cybersecurity capabilities that it plans to release to a small set of partners.”
The Daybreak announcement is much more public-facing than that, and comes across as significantly less ominous and secretive than Project Glasswing. The top of the page has two buttons: “Request a vulnerability scan” and “Contact sales.” When you click, “Request a vulnerability scan” you get a brief and unchallenging form:
Altman said in his X post that OpenAI would “like to start working with as many companies as possible now,” and in fairness, that’s how the effort comes across. Compared to way Project Glasswing rolled out, with frightened governments scurrying around behind the scenes like agitated ants, it’s refreshing.
The announcement says Daybreak makes use of Codex Security, which was announced as a research preview back in March, to create a “threat model” of a given system that outlines its functions, who is trusted by the system, and what the vulnerabilities therefore are. With that as its context, it then digs into your actual codebase for the real world exploits.
The OpenAI blog post announcing Daybreak doesn’t mention the word “project” at all, perhaps to make readers slightly less apt to compare it to Anthropic’s Project Glasswing, but watch this: this sounds mighty similar to Anthropic’s Project Glasswing. Like Project Glasswing, it’s a program in which a frontier AI company seeks to partner with corporate and government entities to root out security vulnerabilities using OpenAI’s most advanced models in the hopes of “seeing risk earlier, acting sooner, and helping make software resilient by design.”
Glasswing rolled out last month alongside Anthropic’s announcement of its Claude Mythos Preview model, famously the model so capable—according to its creators at least—that it posed a danger to the world. As Anthropic’s system card for the model, explained:
Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available. Instead, we are using it as part of a defensive cybersecurity program with a limited set of partners.
In other words, because it’s “the most cyber-capable model” Anthropic had ever built, it needs to be locked away for now, unless you’re a VIP. Influential software developer Daniel Stenberg has called this an “amazingly successful marketing stunt for sure.”
Two days after that announcement, reports started materializing about a similar project at OpenAI. An anonymously sourced Axios story described it as “a product with advanced cybersecurity capabilities that it plans to release to a small set of partners.”
The Daybreak announcement is much more public-facing than that, and comes across as significantly less ominous and secretive than Project Glasswing. The top of the page has two buttons: “Request a vulnerability scan” and “Contact sales.” When you click, “Request a vulnerability scan” you get a brief and unchallenging form:
Altman said in his X post that OpenAI would “like to start working with as many companies as possible now,” and in fairness, that’s how the effort comes across. Compared to way Project Glasswing rolled out, with frightened governments scurrying around behind the scenes like agitated ants, it’s refreshing.
The announcement says Daybreak makes use of Codex Security, which was announced as a research preview back in March, to create a “threat model” of a given system that outlines its functions, who is trusted by the system, and what the vulnerabilities therefore are. With that as its context, it then digs into your actual codebase for the real world exploits.
Then, in theory, it Daybreak patches them.
#Daybreak #OpenAIs #Answer #Anthropics #Project #Glasswing #ArrivedArtificial intelligence,Cybersecurity,OpenAI">‘Daybreak’: OpenAI’s Answer to Anthropic’s Project Glasswing Has Arrived
On Monday, OpenAI announced something called “Daybreak,” a project that CEO Sam Altman says is meant to “accelerate cyber defense and continuously secure software.“
OpenAI is launching Daybreak, our effort to accelerate cyber defense and continuously secure software.
AI is already good and about to get super good at cybersecurity; we’d like to start working with as many companies as possible now to help them continuously secure themselves.
The OpenAI blog post announcing Daybreak doesn’t mention the word “project” at all, perhaps to make readers slightly less apt to compare it to Anthropic’s Project Glasswing, but watch this: this sounds mighty similar to Anthropic’s Project Glasswing. Like Project Glasswing, it’s a program in which a frontier AI company seeks to partner with corporate and government entities to root out security vulnerabilities using OpenAI’s most advanced models in the hopes of “seeing risk earlier, acting sooner, and helping make software resilient by design.”
Glasswing rolled out last month alongside Anthropic’s announcement of its Claude Mythos Preview model, famously the model so capable—according to its creators at least—that it posed a danger to the world. As Anthropic’s system card for the model, explained:
Claude Mythos Preview’s large increase in capabilities has led us to decide not to make it generally available. Instead, we are using it as part of a defensive cybersecurity program with a limited set of partners.
In other words, because it’s “the most cyber-capable model” Anthropic had ever built, it needs to be locked away for now, unless you’re a VIP. Influential software developer Daniel Stenberg has called this an “amazingly successful marketing stunt for sure.”
Two days after that announcement, reports started materializing about a similar project at OpenAI. An anonymously sourced Axios story described it as “a product with advanced cybersecurity capabilities that it plans to release to a small set of partners.”
The Daybreak announcement is much more public-facing than that, and comes across as significantly less ominous and secretive than Project Glasswing. The top of the page has two buttons: “Request a vulnerability scan” and “Contact sales.” When you click, “Request a vulnerability scan” you get a brief and unchallenging form:
Altman said in his X post that OpenAI would “like to start working with as many companies as possible now,” and in fairness, that’s how the effort comes across. Compared to way Project Glasswing rolled out, with frightened governments scurrying around behind the scenes like agitated ants, it’s refreshing.
The announcement says Daybreak makes use of Codex Security, which was announced as a research preview back in March, to create a “threat model” of a given system that outlines its functions, who is trusted by the system, and what the vulnerabilities therefore are. With that as its context, it then digs into your actual codebase for the real world exploits.
On Monday, OpenAI announced something called “Daybreak,” a project that CEO Sam Altman says is…
ransomware gangs and data extortion attacks. But never before, perhaps, has a cyberattack against a single software platform so thoroughly disrupted the daily operations of thousands of schools across the United States.
The widely used digital learning platform Canvas was put into “maintenance mode” on Thursday after its maker, the education tech giant Instructure, suffered a data breach and faced an extortion attempt by attackers using the recognizable moniker “ShinyHunters.” Though the hackers have been advertising the breach and attempting to extract a ransom payment from Instructure since May 1, the situation took on additional immediacy for regular people across the US and beyond on Thursday because the Canvas downtime caused chaos at schools, including those in the midst of finals and end-of-year assignments.
Universities like Harvard, Columbia, Rutgers, and Georgetown sent alerts to students about the situation in recent days; other institutions, including school districts in at least a dozen states, also appear to have been affected. In a list published by the hackers behind the attack on their ransom-focused dark web site, they claim the breach affected more than 8,800 schools. The exact scale and reach of the breach is currently unclear, though. And the fact that Canvas was down throughout Thursday afternoon and evening further complicated the picture.
In a running incident update log that began on May 1, Steve Proud, Instructure’s chief information security officer, said that the company had “recently experienced a cybersecurity incident perpetrated by a criminal threat actor.” He added on May 2 that “the information involved” for “users at affected institutions” included names, email addresses, student ID numbers, and messages exchanged by users on the platform.
The situation was ultimately marked as “Resolved” on Wednesday, with Proud writing that “Canvas is fully operational, and we are not seeing any ongoing unauthorized activity.” At midday on Thursday, though, the Instructure status page registered an “issue” where “some users are having difficulties logging into Student ePortfolios.” Within a few hours, the company had added another status update: “Instructure has placed Canvas, Canvas Beta and Canvas Test in maintenance mode.” Late Thursday evening, the company said that Canvas was available again “for most users.”
TechCrunch reported on Thursday that the hackers launched a secondary wave of attacks, defacing some schools’ Canvas portals by injecting an HTML file to display their own message on the schools’ Canvas login pages. According to The Harvard Crimson, attackers modified the Harvard Canvas login page to show a message that included a list of schools that the hackers claim were impacted by the breach.
The message from attackers “urged schools included on the affected list to consult with a cyber advisory firm and contact the group privately to negotiate a settlement before the end of the day on May 12—or else risk their data being leaked,” The Crimson reported. “It is unclear what information tied to Harvard affiliates was included in the alleged breach.”
Instructure did not immediately respond to a request for comment about Thursday’s outages and how they fit into the bigger picture of the breach. But the situation is significant given that a massive trove of student information has potentially been exposed, and the visibility of the incident across the country makes it a key example of a longstanding, yet endlessly escalating problem of data extortion and ransomware attacks.
The ShinyHunters name is associated with massive data dumps and has been linked to the infamous hacker collective known as the Com. But as the constellation of actors has shifted over the years, numerous attackers have taken up the most prominent Com-related monikers. A number of recent attacks have invoked other names, such as Lapsus$, with little or no connection to the original group that operated under the name.
ransomware gangs and data extortion attacks. But never before, perhaps, has a cyberattack against a single software platform so thoroughly disrupted the daily operations of thousands of schools across the United States.
The widely used digital learning platform Canvas was put into “maintenance mode” on Thursday after its maker, the education tech giant Instructure, suffered a data breach and faced an extortion attempt by attackers using the recognizable moniker “ShinyHunters.” Though the hackers have been advertising the breach and attempting to extract a ransom payment from Instructure since May 1, the situation took on additional immediacy for regular people across the US and beyond on Thursday because the Canvas downtime caused chaos at schools, including those in the midst of finals and end-of-year assignments.
Universities like Harvard, Columbia, Rutgers, and Georgetown sent alerts to students about the situation in recent days; other institutions, including school districts in at least a dozen states, also appear to have been affected. In a list published by the hackers behind the attack on their ransom-focused dark web site, they claim the breach affected more than 8,800 schools. The exact scale and reach of the breach is currently unclear, though. And the fact that Canvas was down throughout Thursday afternoon and evening further complicated the picture.
In a running incident update log that began on May 1, Steve Proud, Instructure’s chief information security officer, said that the company had “recently experienced a cybersecurity incident perpetrated by a criminal threat actor.” He added on May 2 that “the information involved” for “users at affected institutions” included names, email addresses, student ID numbers, and messages exchanged by users on the platform.
The situation was ultimately marked as “Resolved” on Wednesday, with Proud writing that “Canvas is fully operational, and we are not seeing any ongoing unauthorized activity.” At midday on Thursday, though, the Instructure status page registered an “issue” where “some users are having difficulties logging into Student ePortfolios.” Within a few hours, the company had added another status update: “Instructure has placed Canvas, Canvas Beta and Canvas Test in maintenance mode.” Late Thursday evening, the company said that Canvas was available again “for most users.”
TechCrunch reported on Thursday that the hackers launched a secondary wave of attacks, defacing some schools’ Canvas portals by injecting an HTML file to display their own message on the schools’ Canvas login pages. According to The Harvard Crimson, attackers modified the Harvard Canvas login page to show a message that included a list of schools that the hackers claim were impacted by the breach.
The message from attackers “urged schools included on the affected list to consult with a cyber advisory firm and contact the group privately to negotiate a settlement before the end of the day on May 12—or else risk their data being leaked,” The Crimson reported. “It is unclear what information tied to Harvard affiliates was included in the alleged breach.”
Instructure did not immediately respond to a request for comment about Thursday’s outages and how they fit into the bigger picture of the breach. But the situation is significant given that a massive trove of student information has potentially been exposed, and the visibility of the incident across the country makes it a key example of a longstanding, yet endlessly escalating problem of data extortion and ransomware attacks.
The ShinyHunters name is associated with massive data dumps and has been linked to the infamous hacker collective known as the Com. But as the constellation of actors has shifted over the years, numerous attackers have taken up the most prominent Com-related monikers. A number of recent attacks have invoked other names, such as Lapsus$, with little or no connection to the original group that operated under the name.
#Canvas #Hack #Kind #Ransomware #Debacleransomware,cybersecurity,malware,hacks,hacking,security,vulnerabilities">The Canvas Hack Is a New Kind of Ransomware Debacle
Higher education has long been a target of ransomware gangs and data extortion attacks. But never before, perhaps, has a cyberattack against a single software platform so thoroughly disrupted the daily operations of thousands of schools across the United States.
The widely used digital learning platform Canvas was put into “maintenance mode” on Thursday after its maker, the education tech giant Instructure, suffered a data breach and faced an extortion attempt by attackers using the recognizable moniker “ShinyHunters.” Though the hackers have been advertising the breach and attempting to extract a ransom payment from Instructure since May 1, the situation took on additional immediacy for regular people across the US and beyond on Thursday because the Canvas downtime caused chaos at schools, including those in the midst of finals and end-of-year assignments.
Universities like Harvard, Columbia, Rutgers, and Georgetown sent alerts to students about the situation in recent days; other institutions, including school districts in at least a dozen states, also appear to have been affected. In a list published by the hackers behind the attack on their ransom-focused dark web site, they claim the breach affected more than 8,800 schools. The exact scale and reach of the breach is currently unclear, though. And the fact that Canvas was down throughout Thursday afternoon and evening further complicated the picture.
In a running incident update log that began on May 1, Steve Proud, Instructure’s chief information security officer, said that the company had “recently experienced a cybersecurity incident perpetrated by a criminal threat actor.” He added on May 2 that “the information involved” for “users at affected institutions” included names, email addresses, student ID numbers, and messages exchanged by users on the platform.
The situation was ultimately marked as “Resolved” on Wednesday, with Proud writing that “Canvas is fully operational, and we are not seeing any ongoing unauthorized activity.” At midday on Thursday, though, the Instructure status page registered an “issue” where “some users are having difficulties logging into Student ePortfolios.” Within a few hours, the company had added another status update: “Instructure has placed Canvas, Canvas Beta and Canvas Test in maintenance mode.” Late Thursday evening, the company said that Canvas was available again “for most users.”
TechCrunch reported on Thursday that the hackers launched a secondary wave of attacks, defacing some schools’ Canvas portals by injecting an HTML file to display their own message on the schools’ Canvas login pages. According to The Harvard Crimson, attackers modified the Harvard Canvas login page to show a message that included a list of schools that the hackers claim were impacted by the breach.
The message from attackers “urged schools included on the affected list to consult with a cyber advisory firm and contact the group privately to negotiate a settlement before the end of the day on May 12—or else risk their data being leaked,” The Crimson reported. “It is unclear what information tied to Harvard affiliates was included in the alleged breach.”
Instructure did not immediately respond to a request for comment about Thursday’s outages and how they fit into the bigger picture of the breach. But the situation is significant given that a massive trove of student information has potentially been exposed, and the visibility of the incident across the country makes it a key example of a longstanding, yet endlessly escalating problem of data extortion and ransomware attacks.
The ShinyHunters name is associated with massive data dumps and has been linked to the infamous hacker collective known as the Com. But as the constellation of actors has shifted over the years, numerous attackers have taken up the most prominent Com-related monikers. A number of recent attacks have invoked other names, such as Lapsus$, with little or no connection to the original group that operated under the name.
It’s the second such incident of a high-profile and widely used open source project being shut out from its customers due to a seemingly abrupt account termination from Microsoft, with popular encryption software VeraCrypt facing a similar circumstance. Both developers said Microsoft locked them out of their accounts without first alerting them.
In the case of VeraCrypt, which is used by hundreds of thousands of users to encrypt files and operating systems, its developer Mounir Idrassi told TechCrunch that being locked out of his account means he is unable to update the software in time for a crucial certificate authority expiry, which he said may prevent some users from booting up.
Donenfeld, the WireGuard developer, told TechCrunch in an email: “If there were a critical vulnerability to fix right now — there isn’t! I just mean hypothetically — then users would be totally exposed.”
WireGuard is an open source VPN software used around the world to connect devices over the internet. WireGuard’s code is highly popular for its simplicity and security, as it serves as the foundation of many VPN implementations and commercial services that rely on its code, like Proton and Tailscale.
Donenfeld told TechCrunch in an email that he has spent the past few weeks modernizing WireGuard’s Windows code and was ready to send a copy update to Microsoft for checks before it can ship out to users, but was met with an “access restricted” error when logging into the developer portion of his Microsoft account.
Despite going through the process to verify his driver’s license or passport with Microsoft (the third party Microsoft uses for verification said he was “verified”), Donenfeld said his access was still suspended.
Donenfeld told TechCrunch that he found a page on Microsoft’s website saying that the company had been carrying out “mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024,” but that the verification program had since closed.
Microsoft’s Windows Hardware Program allows developers like Donenfeld and VeraCrypt’s Idrassi to “deploy hardware and device drivers for Windows PCs and other devices.” The ability to develop and release drivers for Windows users is restricted to known and vetted developers, as drivers can grant vast access to an operating system and its data and are known to be abused by hackers for that reason.
That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
“Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
The Windows Hardware Program’s verification program has “now concluded” and developers who have not uploaded their documents had their accounts “suspended,” the page reads, meaning that these accounts can no longer send updates.
Donenfeld said that he was referred to Microsoft’s executive support team, which handles customer service and account requests for high-profile individuals, which confirmed his appeal had been received but that they had to wait as long as 60 days for review.
By late Wednesday, there was a glimmer of hope in Donenfeld’s case. He told TechCrunch that he was finally in contact with Microsoft and that hopefully the issue would be resolved soon.
Microsoft did not immediately comment when reached by TechCrunch.
Donenfeld and Idrassi are not alone, with the account lockout issues affecting others as well.
Windscribe, a maker of VPN and other consumer privacy tools, said in a post on X that it had also been locked out of its Partner Center account. The company said it had a verified account for over eight years in order to sign its drivers.
“We’ve been trying to resolve this for over a month, and getting nowhere. Support is non-existent,” Windscribe said in its post. “Anyone know a human with a brain that still works at Microsoft and can help?”
It’s the second such incident of a high-profile and widely used open source project being shut out from its customers due to a seemingly abrupt account termination from Microsoft, with popular encryption software VeraCrypt facing a similar circumstance. Both developers said Microsoft locked them out of their accounts without first alerting them.
In the case of VeraCrypt, which is used by hundreds of thousands of users to encrypt files and operating systems, its developer Mounir Idrassi told TechCrunch that being locked out of his account means he is unable to update the software in time for a crucial certificate authority expiry, which he said may prevent some users from booting up.
Donenfeld, the WireGuard developer, told TechCrunch in an email: “If there were a critical vulnerability to fix right now — there isn’t! I just mean hypothetically — then users would be totally exposed.”
WireGuard is an open source VPN software used around the world to connect devices over the internet. WireGuard’s code is highly popular for its simplicity and security, as it serves as the foundation of many VPN implementations and commercial services that rely on its code, like Proton and Tailscale.
Donenfeld told TechCrunch in an email that he has spent the past few weeks modernizing WireGuard’s Windows code and was ready to send a copy update to Microsoft for checks before it can ship out to users, but was met with an “access restricted” error when logging into the developer portion of his Microsoft account.
Despite going through the process to verify his driver’s license or passport with Microsoft (the third party Microsoft uses for verification said he was “verified”), Donenfeld said his access was still suspended.
Donenfeld told TechCrunch that he found a page on Microsoft’s website saying that the company had been carrying out “mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024,” but that the verification program had since closed.
Microsoft’s Windows Hardware Program allows developers like Donenfeld and VeraCrypt’s Idrassi to “deploy hardware and device drivers for Windows PCs and other devices.” The ability to develop and release drivers for Windows users is restricted to known and vetted developers, as drivers can grant vast access to an operating system and its data and are known to be abused by hackers for that reason.
That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
“Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
The Windows Hardware Program’s verification program has “now concluded” and developers who have not uploaded their documents had their accounts “suspended,” the page reads, meaning that these accounts can no longer send updates.
Donenfeld said that he was referred to Microsoft’s executive support team, which handles customer service and account requests for high-profile individuals, which confirmed his appeal had been received but that they had to wait as long as 60 days for review.
By late Wednesday, there was a glimmer of hope in Donenfeld’s case. He told TechCrunch that he was finally in contact with Microsoft and that hopefully the issue would be resolved soon.
Microsoft did not immediately comment when reached by TechCrunch.
Donenfeld and Idrassi are not alone, with the account lockout issues affecting others as well.
Windscribe, a maker of VPN and other consumer privacy tools, said in a post on X that it had also been locked out of its Partner Center account. The company said it had a verified account for over eight years in order to sign its drivers.
“We’ve been trying to resolve this for over a month, and getting nowhere. Support is non-existent,” Windscribe said in its post. “Anyone know a human with a brain that still works at Microsoft and can help?”
WireGuard, the major software project and VPN that underpins popular security software including Mullvad and others, has found itself locked out of a key part of its Microsoft developer’s account and unable to ship software updates to Windows users.
Jason Donenfeld, the creator of the open source WireGuard VPN software, told TechCrunch that he has been locked out of his Microsoft developer account, and as a result cannot sign drivers or ship updates for WireGuard for Windows users, which are critical for its software to run. Donenfeld said in a post on X on Wednesday that the account termination stopped a WireGuard update from shipping.
It’s the second such incident of a high-profile and widely used open source project being shut out from its customers due to a seemingly abrupt account termination from Microsoft, with popular encryption software VeraCrypt facing a similar circumstance. Both developers said Microsoft locked them out of their accounts without first alerting them.
In the case of VeraCrypt, which is used by hundreds of thousands of users to encrypt files and operating systems, its developer Mounir Idrassi told TechCrunch that being locked out of his account means he is unable to update the software in time for a crucial certificate authority expiry, which he said may prevent some users from booting up.
Donenfeld, the WireGuard developer, told TechCrunch in an email: “If there were a critical vulnerability to fix right now — there isn’t! I just mean hypothetically — then users would be totally exposed.”
WireGuard is an open source VPN software used around the world to connect devices over the internet. WireGuard’s code is highly popular for its simplicity and security, as it serves as the foundation of many VPN implementations and commercial services that rely on its code, like Proton and Tailscale.
Donenfeld told TechCrunch in an email that he has spent the past few weeks modernizing WireGuard’s Windows code and was ready to send a copy update to Microsoft for checks before it can ship out to users, but was met with an “access restricted” error when logging into the developer portion of his Microsoft account.
Despite going through the process to verify his driver’s license or passport with Microsoft (the third party Microsoft uses for verification said he was “verified”), Donenfeld said his access was still suspended.
Donenfeld told TechCrunch that he found a page on Microsoft’s website saying that the company had been carrying out “mandatory account verification for all partners in the Windows Hardware Program who have not completed account verification since April 2024,” but that the verification program had since closed.
Microsoft’s Windows Hardware Program allows developers like Donenfeld and VeraCrypt’s Idrassi to “deploy hardware and device drivers for Windows PCs and other devices.” The ability to develop and release drivers for Windows users is restricted to known and vetted developers, as drivers can grant vast access to an operating system and its data and are known to be abused by hackers for that reason.
That account verification process meant that developers were required to upload their government-issued ID before they were allowed to publish potentially highly sensitive code to the broader Windows user base.
“Microsoft never sent me any notification at all about this. I’ve looked in every inbox in every spam folder in every mail log, and zero, nothing, zilch,” Donenfeld said.
The Windows Hardware Program’s verification program has “now concluded” and developers who have not uploaded their documents had their accounts “suspended,” the page reads, meaning that these accounts can no longer send updates.
Donenfeld said that he was referred to Microsoft’s executive support team, which handles customer service and account requests for high-profile individuals, which confirmed his appeal had been received but that they had to wait as long as 60 days for review.
By late Wednesday, there was a glimmer of hope in Donenfeld’s case. He told TechCrunch that he was finally in contact with Microsoft and that hopefully the issue would be resolved soon.
Microsoft did not immediately comment when reached by TechCrunch.
Donenfeld and Idrassi are not alone, with the account lockout issues affecting others as well.
Windscribe, a maker of VPN and other consumer privacy tools, said in a post on X that it had also been locked out of its Partner Center account. The company said it had a verified account for over eight years in order to sign its drivers.
“We’ve been trying to resolve this for over a month, and getting nowhere. Support is non-existent,” Windscribe said in its post. “Anyone know a human with a brain that still works at Microsoft and can help?”
WireGuard, the major software project and VPN that underpins popular security software including Mullvad and…
Thousands of men are members of Telegram groups and channels that advertise and sell hacking and surveillance services that can be used to harass friends, wives and girlfriends, and former partners, new research has uncovered. The findings, from a European nonprofit group, also say that the communities are involved in extensive trading, selling, and promotion of a huge variety of abusive content, including nonconsensual intimate images of women, so-called nudifyingservices, plus folders of images that sellers claim include child sexual abuse material and depictions of incest and rape.
Over six weeks earlier this year, researchers at the algorithmic auditing group AI Forensics analyzed nearly 2.8 million messages sent across 16 Italian and Spanish Telegram communities that are regularly posting abusive content targeting women and girls. More than 24,000 members of the Telegram groups and channels took part in posting 82,723 images, videos, and audio files over the course of the study, the analysis says. Many posts target celebrities and influencers, but men in the groups also frequently victimize women they know.
“We tend to forget that most victims are ordinary women who sometimes don’t even know that their pictures are shared or manipulated in these types of channels,” says Silvia Semenzin, a researcher at AI Forensics who previously exposed Italian Telegram channels engaging in similar behavior as far back as 2019. “The majority of this violence is directed towards people who the perpetrators know,” she says, suggesting that Telegram, which has over 1 billion monthly active users, according to company founder Pavel Durov, should be subject to stricter regulation and classed as a “very large online platform” under Europe’s online safety rules.
The findings come as Durov is fightingback against Russia’s efforts to block the messaging app in that country, which has long positioned itself as a messaging app that allows free speech but has simultaneously been used by some to share terrorist, sexual abuse, and cybercrime materials. Durov is under criminal investigation in France relating to alleged criminal activity taking place on Telegram, although he has consistently denied the allegations.
A Telegram spokesperson tells WIRED that the company removes “millions” of pieces of content per day using “custom AI tools” and has policies in Europe that do not allow the promotion of violence, illegal sexual content including nonconsensual imagery, and other content such as doxing and selling illegal goods and services.
Among the extensive types of abusive content and services observed by the AI Forensics researchers were frequent references to the access, publishing, and doxing of women’s private information, sharing their Instagram or TikTok content, as well as references to spying or hacking. “Victims are often named, tagged, and locatable via shared profile links,” the group’s report says.
One translated post on Telegram titled “Professional hacking on commission” claimed to be able to give customers “access to phone gallery and extraction of photos and videos,” as well as “anonymous social media hacking.” Another message says: “I hack and recover any type of social media service. I can spy on your partner’s account. Send me a private message.”
Across the dataset there were more than 18,000 references to spying or spy content. One post reads: “Hi, do you have the desire to spy on a girl’s gallery? We sell a bot that does it for info DM.” Meanwhile, users were observed asking if people could find phone numbers connected to Instagram accounts and other requests, “who exchanges spy photos and videos?”
Thousands of men are members of Telegram groups and channels that advertise and sell hacking and surveillance services that can be used to harass friends, wives and girlfriends, and former partners, new research has uncovered. The findings, from a European nonprofit group, also say that the communities are involved in extensive trading, selling, and promotion of a huge variety of abusive content, including nonconsensual intimate images of women, so-called nudifyingservices, plus folders of images that sellers claim include child sexual abuse material and depictions of incest and rape.
Over six weeks earlier this year, researchers at the algorithmic auditing group AI Forensics analyzed nearly 2.8 million messages sent across 16 Italian and Spanish Telegram communities that are regularly posting abusive content targeting women and girls. More than 24,000 members of the Telegram groups and channels took part in posting 82,723 images, videos, and audio files over the course of the study, the analysis says. Many posts target celebrities and influencers, but men in the groups also frequently victimize women they know.
“We tend to forget that most victims are ordinary women who sometimes don’t even know that their pictures are shared or manipulated in these types of channels,” says Silvia Semenzin, a researcher at AI Forensics who previously exposed Italian Telegram channels engaging in similar behavior as far back as 2019. “The majority of this violence is directed towards people who the perpetrators know,” she says, suggesting that Telegram, which has over 1 billion monthly active users, according to company founder Pavel Durov, should be subject to stricter regulation and classed as a “very large online platform” under Europe’s online safety rules.
The findings come as Durov is fightingback against Russia’s efforts to block the messaging app in that country, which has long positioned itself as a messaging app that allows free speech but has simultaneously been used by some to share terrorist, sexual abuse, and cybercrime materials. Durov is under criminal investigation in France relating to alleged criminal activity taking place on Telegram, although he has consistently denied the allegations.
A Telegram spokesperson tells WIRED that the company removes “millions” of pieces of content per day using “custom AI tools” and has policies in Europe that do not allow the promotion of violence, illegal sexual content including nonconsensual imagery, and other content such as doxing and selling illegal goods and services.
Among the extensive types of abusive content and services observed by the AI Forensics researchers were frequent references to the access, publishing, and doxing of women’s private information, sharing their Instagram or TikTok content, as well as references to spying or hacking. “Victims are often named, tagged, and locatable via shared profile links,” the group’s report says.
One translated post on Telegram titled “Professional hacking on commission” claimed to be able to give customers “access to phone gallery and extraction of photos and videos,” as well as “anonymous social media hacking.” Another message says: “I hack and recover any type of social media service. I can spy on your partner’s account. Send me a private message.”
Across the dataset there were more than 18,000 references to spying or spy content. One post reads: “Hi, do you have the desire to spy on a girl’s gallery? We sell a bot that does it for info DM.” Meanwhile, users were observed asking if people could find phone numbers connected to Instagram accounts and other requests, “who exchanges spy photos and videos?”
#Men #Buying #Hacking #Tools #Wives #Friendscrime,privacy,security,cybersecurity,hacking,surveillance,telegram">Men Are Buying Hacking Tools to Use Against Their Wives and Friends
Thousands of men are members of Telegram groups and channels that advertise and sell hacking and surveillance services that can be used to harass friends, wives and girlfriends, and former partners, new research has uncovered. The findings, from a European nonprofit group, also say that the communities are involved in extensive trading, selling, and promotion of a huge variety of abusive content, including nonconsensual intimate images of women, so-called nudifyingservices, plus folders of images that sellers claim include child sexual abuse material and depictions of incest and rape.
Over six weeks earlier this year, researchers at the algorithmic auditing group AI Forensics analyzed nearly 2.8 million messages sent across 16 Italian and Spanish Telegram communities that are regularly posting abusive content targeting women and girls. More than 24,000 members of the Telegram groups and channels took part in posting 82,723 images, videos, and audio files over the course of the study, the analysis says. Many posts target celebrities and influencers, but men in the groups also frequently victimize women they know.
“We tend to forget that most victims are ordinary women who sometimes don’t even know that their pictures are shared or manipulated in these types of channels,” says Silvia Semenzin, a researcher at AI Forensics who previously exposed Italian Telegram channels engaging in similar behavior as far back as 2019. “The majority of this violence is directed towards people who the perpetrators know,” she says, suggesting that Telegram, which has over 1 billion monthly active users, according to company founder Pavel Durov, should be subject to stricter regulation and classed as a “very large online platform” under Europe’s online safety rules.
The findings come as Durov is fightingback against Russia’s efforts to block the messaging app in that country, which has long positioned itself as a messaging app that allows free speech but has simultaneously been used by some to share terrorist, sexual abuse, and cybercrime materials. Durov is under criminal investigation in France relating to alleged criminal activity taking place on Telegram, although he has consistently denied the allegations.
A Telegram spokesperson tells WIRED that the company removes “millions” of pieces of content per day using “custom AI tools” and has policies in Europe that do not allow the promotion of violence, illegal sexual content including nonconsensual imagery, and other content such as doxing and selling illegal goods and services.
Among the extensive types of abusive content and services observed by the AI Forensics researchers were frequent references to the access, publishing, and doxing of women’s private information, sharing their Instagram or TikTok content, as well as references to spying or hacking. “Victims are often named, tagged, and locatable via shared profile links,” the group’s report says.
One translated post on Telegram titled “Professional hacking on commission” claimed to be able to give customers “access to phone gallery and extraction of photos and videos,” as well as “anonymous social media hacking.” Another message says: “I hack and recover any type of social media service. I can spy on your partner’s account. Send me a private message.”
Across the dataset there were more than 18,000 references to spying or spy content. One post reads: “Hi, do you have the desire to spy on a girl’s gallery? We sell a bot that does it for info DM.” Meanwhile, users were observed asking if people could find phone numbers connected to Instagram accounts and other requests, “who exchanges spy photos and videos?”
