US authorities have revealed a massive cyberattack on American telecommunications networks, describing it as the ‘worst telecom hack in our nation’s history.’ Linked to Chinese hackers, the breach targeted multiple telecom companies and allowed the interception of surveillance data meant for US law enforcement. According to a joint FBI and CISA statement, the hackers accessed sensitive call records and communications, particularly involving individuals in government and political roles.
The attack also raised alarms after reports suggested telephones belonging to Donald Trump, JD Vance, and other high-profile political figures were compromised. Senator Mark Warner, chairman of the Senate Intelligence Committee, warned that China’s long-term efforts to infiltrate global telecom systems pose a grave security risk. Hackers reportedly managed to listen to phone calls and read text messages, going beyond what the Biden administration has publicly acknowledged.
China has consistently denied allegations of hacking foreign systems, and its embassy in Washington declined to comment on the latest claims. Warner criticised the lack of sufficient safeguards, stating, “The barn door is still wide open,” as concerns over US telecom infrastructure security intensify.
Elon Musk has spoken out against Australia’s proposed law to ban social media use for children under 16, calling it a “backdoor way to control access to the Internet by all Australians.” The legislation, introduced by Australia’s centre-left government, includes fines of up to A$49.5 million ($32 million) for systemic breaches by platforms and aims to enforce an age-verification system.
Australia’s plan is among the world’s strictest, banning underage access without exceptions for parental consent or existing accounts. By contrast, countries like France and the US allow limited access for minors with parental approval or data protections for children. Critics argue Australia’s proposal could set a precedent for tougher global controls.
Musk, who has previously clashed with Prime Minister Anthony Albanese’s government, is a vocal advocate for free speech. His platform, X, has faced tensions with Australia, including a legal challenge to content regulation orders earlier this year. Albanese has called Musk an “arrogant billionaire,” underscoring their rocky relationship.
South Korean police have confirmed that hackers linked to North Korea’s military intelligence agency were behind a 2019 Ethereum cryptocurrency theft valued at 58 billion won ($41.5 million at the time). Hackers infiltrated a crypto exchange and stole 342,000 Ethereum tokens, which are now worth over 1.4 trillion won ($1 billion).
The stolen funds were laundered through three hacker-controlled crypto exchanges and 51 other platforms, according to South Korea’s National Police Agency. While the exchange targeted was not officially named, South Korea-based Upbit had reported a similar transfer to an unidentified wallet during the incident. The investigation, conducted with the FBI, used IP address analysis and asset tracking to trace the theft to groups reportedly tied to North Korea’s Reconnaissance General Bureau.
This marks the first confirmed instance of North Korean hackers targeting a South Korean crypto exchange. Previously, a UN report linked North Korea to nearly $3.6 billion in crypto heists from 2017 to 2024. South Korean investigators recovered a small fraction of the stolen assets, equivalent to 600 million won, which were returned to the exchange. North Korea denies involvement in such activities despite mounting evidence to the contrary.
Snap Inc., the parent company of Snapchat, has filed a motion to dismiss a New Mexico lawsuit accusing it of enabling child sexual exploitation on its platform. The lawsuit, brought by Attorney General Raul Torrez in September, claims Snapchat exposed minors to abuse and failed to warn parents about sextortion risks. Snap refuted the allegations, calling them ‘patently false,’ and argued that the state’s decoy investigation misrepresented key facts.
The lawsuit stems from a broader push by US lawmakers to hold tech firms accountable for harm to minors. Investigators claimed a decoy account for a 14-year-old girl received explicit friend suggestions despite no user activity. Snap countered that the account actively sent friend requests, disputing the state’s findings.
Snap further argued that the lawsuit violates Section 230 of the 1996 Communications Decency Act, which shields platforms from liability for user-generated content. It also invoked the First Amendment, stating the company cannot be forced to provide warnings about subjective risks without clear guidelines.
Defending its safety efforts, Snap highlighted its increased investment in trust and safety teams and collaboration with law enforcement. The company said it remains committed to protecting users while contesting what it views as an unjustified legal challenge.
Former Binance CEO Changpeng Zhao has alerted the crypto community about a new exploit targeting Intel-based Mac users, which could expose their digital assets. Zhao urged users to immediately patch their systems to protect sensitive data, following the discovery of zero-day vulnerabilities on 19 November. These vulnerabilities also affect iPhones and iPads, prompting Apple to release emergency fixes.
The flaws, tracked as CVE-2024-44308 and CVE-2024-44309, allow hackers to exploit JavaScriptCore and WebKit components on macOS Sequoia. This could lead to cross-site scripting attacks, where attackers inject malicious code into trusted websites, enabling them to steal sensitive information and hijack user sessions.
Despite Apple’s strong security reputation, users have been at risk from several high-profile exploits this year. Previous attacks have included crypto-focused malware and vulnerabilities in Apple’s iMessage framework. With hackers exploiting these flaws, crypto users must stay vigilant and update their systems to safeguard their digital assets.
Reddit has restored access to its platform following a software bug that disrupted services for tens of thousands of US users. The outage, starting at 3 pm ET, affected many who rely on the platform for social interaction and information.
Reports of issues peaked at around 49,000 users, according to monitoring service Downdetector. By 4:32 pm ET, the number of affected users dropped significantly to just over 14,500 as the platform began recovering.
The company acknowledged the issue stemmed from a recent update. A spokesperson confirmed, ‘A fix is in place, and we’re ramping back up.’ Operations were progressively restored, easing concerns among users.
Reddit’s swift action underscores the challenges of maintaining seamless services on social media platforms. Temporary glitches, however, highlight the importance of quick and efficient response strategies.
South Korean authorities have officially confirmed that North Korean hacker groups Lazarus and Andariel orchestrated the infamous $50 million cryptocurrency heist from the Upbit exchange in 2019. The stolen 342,000 Ether (ETH), worth around $147 per coin at the time, has soared in value and is now estimated to be worth over $1 billion due to recent market surges.
The investigation, conducted by South Korea’s National Office of Investigation, tracked crypto flows, IP addresses, and linguistic patterns, with support from the US Federal Bureau of Investigation, to pinpoint North Korea’s involvement. It is the first time South Korea has directly tied a cryptocurrency attack to the reclusive nation, a significant breakthrough in cybercrime investigations.
Meanwhile, the probe into Upbit continues after allegations of weak Know Your Customer measures. Regulators flagged over 600,000 potential violations, including acceptance of unclear identification documents, which could lead to hefty fines and regulatory challenges for the exchange.
Five individuals, alleged members of the hacking group Scattered Spider, face criminal charges in the US. Prosecutors accuse the group of orchestrating phishing schemes to steal sensitive data and cryptocurrency. Victims include at least 12 companies from industries such as gaming and telecommunications, alongside individual cryptocurrency holders.
The suspects, aged in their teens or 20s during the offences, allegedly deceived employees into sharing login details through fraudulent messages. These actions enabled them to access corporate systems and drain millions from personal accounts. The group’s notoriety grew following high-profile hacks of casino operators in 2023, though connections to those incidents remain unclear.
Officials claim Scattered Spider operates as a loose collective of cybercriminals, often collaborating temporarily for specific crimes. Industry experts have long called for stronger enforcement against such groups. Recent arrests signal intensified efforts, with cybersecurity professionals warning young hackers of severe consequences if caught.
The defendants, including individuals from Scotland, Texas, and North Carolina, face charges of conspiracy, identity theft, and wire fraud. Arrests have taken place in the US and Spain, with extradition proceedings underway. Investigations continue as authorities pursue other suspected members of the group.
Australia’s government introduced a bill to parliament aiming to ban social media use for children under 16, with potential fines of up to A$49.5 million ($32 million) for platforms that fail to comply. The law would enforce age verification, possibly using biometrics or government IDs, setting the highest global age limit for social media use without exemptions for parental consent or existing accounts.
Prime Minister Anthony Albanese described the reforms as a response to the physical and mental health risks social media poses, particularly for young users. Harmful content, such as body image issues targeting girls and misogynistic content aimed at boys, has fueled the government’s push for strict measures. Messaging services, gaming, and educational platforms like Google Classroom and Headspace would remain accessible under the proposal.
While opposition parties support the bill, independents and the Greens are calling for more details. Communications Minister Michelle Rowland emphasised that the law places responsibility on platforms, not parents or children, to implement robust age-verification systems. Privacy safeguards, including mandatory destruction of collected data, are also part of the proposed legislation. Australia’s policy would be among the world’s strictest, surpassing similar efforts in France and the US.
Lyft is introducing new safety features, including rider verification badges, to enhance security on its platform. This update provides drivers with more passenger information, such as names, ratings, and verification badges, before accepting rides. The company will also implement safety alerts in certain areas, such as school zones and traffic enforcement locations, to further safeguard both riders and drivers.
The changes come alongside an easier dashcam registration process, with passengers now notified when recordings may occur during their ride. Another innovation allows drivers to report traffic conditions and hazards, contributing to real-time map updates. In addition, a new restroom finder tool will let drivers locate and rate facilities, improving convenience during long shifts.
Lyft’s competitor, Uber, launched similar safety updates earlier, including driver options to record trips via smartphone. Lyft’s initiatives signal its commitment to staying competitive while prioritising the safety and experience of its users.
