Apple has introduced an ‘Enhanced Visual Search’ feature in iOS 18, allowing users to identify landmarks in photos by matching data with a global database. While convenient, the feature has sparked privacy concerns, as it is enabled by default, requiring users to manually turn it off in settings if they prefer not to share photo data with Apple.
The feature uses on-device machine learning to detect landmarks in photos, creating encrypted ‘vector embeddings’ of image data. These are then sent to Apple for comparison with its database. While the company has reportedly implemented privacy safeguards, such as encrypting and condensing data into machine-readable formats, critics argue the feature should have been opt-in rather than opt-out, aligning with Apple’s usual privacy standards.
This toggle builds on Apple’s earlier ‘Visual Look Up’ tool, which identifies objects like plants or symbols without sending data to Apple’s servers. Privacy advocates suggest that Apple could have maintained this approach for Enhanced Visual Search, questioning why it requires shared data for similar functionality.
The debate highlights ongoing tensions between technological convenience and user privacy, raising questions about how far companies should go in enabling features that require data sharing without explicit consent.
AT&T and Verizon have confirmed cyberattacks linked to a Chinese hacking group known as “Salt Typhoon,” but assured the public on Saturday that their US networks are now secure. Both companies acknowledged the breaches for the first time, stating they are cooperating with law enforcement and government agencies to address the threat. AT&T disclosed that the attackers targeted a small group of individuals tied to foreign intelligence, while Verizon emphasised that the activities have been contained following extensive remediation efforts.
The attacks, described by US officials as the most extensive telecommunications hack in the nation’s history, reportedly allowed Salt Typhoon operatives to access sensitive network systems, including the ability to geolocate individuals and record phone calls. Authorities have linked the breaches to several telecom firms, with a total of nine entities now confirmed as compromised. In response, the Cybersecurity and Infrastructure Security Agency has urged government officials to transition to encrypted communication methods.
US Senators, including Democrat Ben Ray Luján and Republican Ted Cruz, have expressed alarm over the breach’s scale, calling for stronger safeguards against future intrusions. Meanwhile, Chinese officials have denied the accusations, dismissing them as disinformation and reaffirming their opposition to cyberattacks. Despite assurances from the companies and independent cybersecurity experts, questions remain about how long it will take to fully restore public confidence in the nation’s telecommunications security.
Hackers temporarily disrupted around ten official websites in Italy on Saturday, including those of the Foreign Ministry and Milan’s two airports, according to the country’s cybersecurity agency. The pro-Russian group Noname057(16) claimed responsibility on Telegram, describing the attack as a retaliation against what it called Italy’s ‘Russophobia.’
The attack, a Distributed Denial of Service (DDoS) operation, flooded networks with excessive data traffic, paralysing their functionality. Italy’s cybersecurity agency acted swiftly, mitigating the impact within two hours. A spokesperson confirmed that assistance was provided to affected institutions and companies.
Despite the disruptions, flights at Milan’s Linate and Malpensa airports were unaffected, and the airports’ mobile apps continued to operate normally, according to SEA, the company managing the airports. Authorities continue to investigate the incident, highlighting ongoing threats from cyber groups linked to geopolitical tensions.
President-elect Donald Trump has called on the US Supreme Court to postpone implementing a law that would ban TikTok or force its sale, arguing for time to seek a political resolution after taking office. The court will hear arguments on the case on 10 January, ahead of a 19 January deadline for TikTok’s Chinese owner, ByteDance, to sell the app or face a US ban.
The move marks a stark shift for Trump, who previously sought to block TikTok in 2020 over national security concerns tied to its Chinese ownership. Trump’s legal team emphasised that his request does not take a stance on the law’s merits but seeks to allow his incoming administration to explore alternatives. Trump has expressed a newfound appreciation for TikTok, citing its role in boosting his campaign visibility.
TikTok, with over 170 million US users, continues to challenge the legislation, asserting that its data and operations affecting US users are fully managed within the country. However, national security concerns persist, with the Justice Department and a coalition of attorneys general urging the Supreme Court to uphold the divest-or-ban mandate. The case highlights the growing debate between free speech advocates and national security interests in regulating digital platforms.
New research by The Guardian reveals that ChatGPT Search, OpenAI’s recently launched AI-powered search tool, can be misled into generating false or overly positive summaries. By embedding hidden text in web pages, researchers demonstrated that the AI could ignore negative reviews or even produce malicious code.
The feature, designed to streamline browsing by summarising content such as product reviews, is susceptible to hidden text attacks—a well-known vulnerability in large language models. While this issue has been studied before, this marks the first time such manipulation has been proven on a live AI search tool.
OpenAI did not comment on this specific case but stated it employs measures to block malicious websites and is working to improve its defences. Experts note that competitors like Google, with more experience in search technology, have developed stronger safeguards against similar threats.
OpenAI’s ChatGPT, Sora, and developer API experienced a significant outage on Thursday, disrupting services for over four hours. The issue began around 11 a.m. PT, with partial recovery reported by 2:05 p.m. PT. By 3:16 p.m. PT, OpenAI stated that Sora was operational, though ChatGPT users might still encounter issues accessing their chat history.
According to OpenAI’s status page, the outage was caused by one of their upstream providers, but the company did not provide further details. This marks the second major outage for OpenAI’s services in December. Two weeks ago, a similar incident attributed to a telemetry service malfunction resulted in a six-hour disruption, a notably longer downtime than usual.
Interestingly, popular platforms utilising OpenAI’s API, such as Perplexity and Siri’s Apple Intelligence integration, appeared unaffected during the outage, as confirmed by their status pages and independent testing. OpenAI is actively working to ensure full restoration of its services while addressing the root causes behind these recurring disruptions.
Elder fraud scams are becoming increasingly sophisticated, as illustrated by a recent case where an 82-year-old woman lost her life savings to criminals posing as the FBI. After depleting her accounts, the scammers coerced her into withdrawing funds via a Bitcoin machine and kept her isolated in a hotel under the guise of ‘protection.’ Despite her family’s intervention, the scammers struck again, convincing her to hand over $20,000 by exploiting false hopes of recovering a promised reward.
Elderly individuals are prime targets for such schemes, often due to their savings, trust in others, and unfamiliarity with modern technology. Fraudsters employ tactics like intimidation, urgency, and psychological manipulation to exploit their victims. According to recent statistics, seniors lose billions annually to scams, with the emotional toll leaving many feeling ashamed and fearful.
To combat these threats, experts recommend verifying unsolicited requests, limiting personal information sharing, using strong security measures, and reporting suspicious activity. Education and vigilance are key to protecting vulnerable individuals and ensuring scammers are outsmarted.
Instacart has joined Uber in a legal challenge against a new Seattle ordinance regulating how app-based workers can be deactivated. The law, set to take effect in January, requires companies to provide gig workers with a 14-day notice of deactivation, base decisions on reasonable policies, and allow human review of all deactivations.
Seattle officials describe the legislation as a landmark move to ensure worker rights in the gig economy. Advocacy groups support the law, arguing that it addresses unfair deactivations and offers greater job security for app-based workers.
Instacart and Uber, however, claim the ordinance infringes on constitutional rights, federal laws, and operational safety. This lawsuit is part of broader disputes between tech companies and cities over labour regulations in the gig economy. Seattle has pledged to defend its policies, emphasising its commitment to protecting workers in modern app-driven industries.
A satirical video imagining Spain’s political rivals embracing the festive spirit has captured attention nationwide. The AI-generated clip, created by the collective United Unknown, portrays unlikely moments of reconciliation, such as Prime Minister Pedro Sánchez and conservative leader Alberto Núñez Feijóo sharing a warm hug. Former King Juan Carlos and Queen Sofía are also shown exchanging a kiss, despite their well-documented estrangement.
The video, titled The Magic of Christmas and set to the song Rockin’ Around the Christmas Tree, uses deepfake technology to depict other striking scenes. Far-right Vox leader Santiago Abascal and Catalan separatist Gabriel Rufián are seen laughing together, while Podemos founders Íñigo Errejón and Pablo Iglesias appear to have resolved their differences, chuckling and embracing. Madrid’s conservative leader Isabel Díaz Ayuso and Labour Minister Yolanda Díaz also feature, exchanging smiles and gestures of goodwill.
Since its release on X on 20 December, the video has been viewed over 3.4 million times and received widespread acclaim for its creative ingenuity. Gabriel Rufián, one of the depicted politicians, even retweeted the post. However, not all responses have been positive, with some raising concerns about the growing realism of AI-generated content and its potential to blur the line between reality and fiction.
United Unknown describes itself as a ‘visual guerrilla’ collective, known for satirical deepfakes often targeting Spain’s political scene. While the video has been celebrated as a humorous take on political differences, it also sparks a broader conversation about the implications of AI technology in modern media.
Japan Airlines (JAL) announced on Thursday that its systems have returned to normal following a cyberattack that disrupted domestic and international flights earlier in the day. The attack, which began at 7:24 a.m., caused malfunctions in internal and external systems, forcing the airline to suspend same-day ticket sales temporarily. The issue was resolved after shutting down a malfunctioning router.
JAL confirmed that no customer data was leaked and there was no damage from computer viruses. The company resumed ticket sales for flights departing on Thursday once the systems stabilised. Meanwhile, ANA Holdings, Japan’s other major airline, reported no signs of a similar attack on its operations.
The incident comes shortly after American Airlines briefly grounded all flights on Christmas Eve due to a network hardware glitch, highlighting ongoing challenges airlines face with system vulnerabilities during peak travel periods.
