Biometric Update

New version of EU age verification app to follow biometrics bypass, exposure claims

Independent analysts have found data protection and biometric authentication flaws in the EU's "ready" age verification app.
Appuals

Fix: “sms is the last two-factor authentication” in Epic Games

When trying to log in to Epic Games, you may encounter an issue where the SMS verification code never arrives, leaving you ...

EU age verification app can be hacked in 2 minutes, says Telegram founder

The European Union’s new age verification app, which is designed to protect children online, can be hacked in “two minutes”, ...

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Gartner issued a same-day advisory after Anthropic leaked Claude Code's full architecture. CrowdStrike CTO Elia Zaitsev and Enkrypt AI CSO Merritt Baer weigh in on agent permissions and derived IP ...
Biometric Update

KYC bypass tools sold on Telegram to defeat biometric checks

Channels offer deepfakes, stolen biometrics and virtual camera tools to circumvent liveness detection and financial ...
Cryptopolitan

Anthropic mandates ID verification as AI race enters new risk territory

Artificial intelligence companies, Anthropic and OpenAI, are taking serious steps to address the growing risks associated ...

Regular Password Resets Aren’t as Safe as You Think

Password resets are one of the easiest ways for attackers to bypass security controls. Specops Software shows how helpdesk ...

Succinct launches iPhone app to cryptographically verify photos

Cryptography company Succinct launched Zcam, an iPhone camera app that signs photos and videos at capture to help prove media ...
MIT Technology Review

Cyberscammers are bypassing banks’ security with illicit tools sold on Telegram

MIT Technology Review identified nearly two dozen channels and groups purporting to break major crypto exchanges and ...

SlashID Launches Mutual TOTP, the First Cryptographic Verification Solution Built to Stop Vishing and Social Engineering Attacks

SlashID, the platform that secures every identity, today announced the launch of Mutual Time-based One-time Password (TOTP).

CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.

CVSS vulnerability triage missed a chained Palo Alto attack that hit 13,000 devices. Five failure classes and the fixes ...