Governance/Regulation/Legislation

China sets trial ethics rules for AI science and technology activities

(DigWatch) China’s Ministry of Industry and Information Technology and nine other departments have issued the ‘Measures for AI science and technology ethics review and services (Trial)’, setting out rules on scope, support measures, implementing bodies, working procedures, supervision, and legal responsibility. The text says the measures are intended to regulate ethics governance for AI science and technology activities and to support fair, just, safe, and responsible innovation. The measures apply to AI scientific research, technology development, and other science and technology activities carried out in China that may raise ethics risks relating to human dignity, public order, life and health, the ecological environment, or sustainable development. – https://dig.watch/updates/china-ai-science-technology-ethics-review

AI surge gives carbon capture a new push

(Amy Harder – Axios) Technology that captures carbon emissions from power plants may finally get a breakthrough as deep-pocketed tech companies try to meet climate goals while powering the AI race. It could help make natural gas electricity cleaner, but it’s long been too expensive. The AI boom could change that. At least five projects under consideration across the U.S. would capture carbon dioxide emissions from natural gas plants connected to data centers, according to company statements, news coverage and independent reports. –  https://www.axios.com/2026/04/13/carbon-capture-ai-power-tech

Security and Surveillance

Mirax Android Trojan Turns Devices Into Residential Proxy Nodes

(Alessandro Mascellino – Infosecurity Magazine) A newly identified Android banking trojan, known as Mirax, is spreading across Europe and combines remote access features with residential proxy capabilities to broaden its impact. According to an advisory published by Cleafy, the malware has been observed targeting Spanish-speaking users, with campaigns reaching more than 200,000 accounts through advertisements on social media platforms. Cleafy said Mirax represents a shift in how Android malware is developed and deployed. Unlike conventional threats, it operates under a restricted Malware-as-a-Service (MaaS) model, limiting access to a small group of affiliates. This controlled approach appears intended to maintain operational security while improving campaign effectiveness. – https://www.infosecurity-magazine.com/news/mirax-trojan-devices-proxy-nodes/

FBI Dismantles $20m Phishing Operation W3LL

(Kevin Poireault – Infosecurity Magazine) US and Indonesian law enforcement authorities have taken down a large-scale phishing network that has plotted over $20 million in fraud. Spearheaded by the FBI Atlanta field office, the operation targeted W3LL, a phishing kit which enables cybercriminals to impersonate legitimate login pages and trick victims into handing over their usernames and passwords. W3LL capabilities could be acquired for a fee of $500. The kit was notably sold on ‘W3LL Store,’ a members-only online marketplace, which was active between 2019 and 2023. – https://www.infosecurity-magazine.com/news/fbi-dismantles-phishing-operation/

Operation Atlantic Seizes $12m in Crypto Losses

(Phil Muncaster – Infosecurity Magazine) Law enforcement agencies in the UK, US and Canada have teamed up in an ambitious initiative which has already identified more than 20,000 victims of so-called “approval phishing.”. Approval phishing is a technique whereby victims are tricked into providing full access to their cryptocurrency wallets. Often, they are persuaded to click on a fake alert or popup spoofed to appear as if sent from a trusted app or service. Operation Atlantic ran for a week last month and resulted in the freezing of $12m thought to have been stolen via these scams. The operation, led by the UK’s National Crime Agency (NCA) with support from the US Secret Service, Ontario Provincial Police and Ontario Securities Commission, also identified a further $33m stolen in crypto fraud. – https://www.infosecurity-magazine.com/news/operation-atlantic-seizes-12m/

iPhone forensics expose Signal messages after app removal in U.S. case

(Pierluigi Paganini – Security Affairs) The recent revelations about FBI forensic access to Signal messages on an iPhone have reignited a long-standing misunderstanding about mobile privacy: the belief that disappearing messages and encrypted apps guarantee that no trace of communication remains once a message is deleted or an app is removed. A court case in Texas, reported by 404 Media and later analyzed by multiple security researchers, shows why that assumption does not match how modern smartphones actually work. “The FBI was able to forensically extract copies of incoming Signal messages from a defendant’s iPhone, even after the app was deleted, because copies of the content were saved in the device’s push notification database, multiple people present for FBI testimony in a recent trial told 404 Media. The case involved a group of people setting off fireworks and vandalizing property at the ICE Prairieland Detention Facility in Alvarado, Texas in July, and one shooting a police officer in the neck.” reads the post published by 404 Media. “The news shows how forensic extraction—when someone has physical access to a device and is able to run specialized software on it—can yield sensitive data derived from secure messaging apps in unexpected places.” – https://securityaffairs.com/190740/security/iphone-forensics-expose-signal-messages-after-app-removal-in-u-s-case.html

Citizen Lab: Webloc tracked 500M devices for global law enforcement

(Pierluigi Paganini – Security Affairs) A report by Citizen Lab revealed that law enforcement agencies in the U.S., Hungary, and El Salvador used a surveillance tool called Webloc to track devices via advertising data, potentially affecting up to 500 million devices. Developed by Cobwebs Technologies and now sold by Penlink, the tool is widely used by agencies like ICE, the military, and multiple police departments. Cobwebs Technologies has links to spyware vendor Quadream through its founder. Its Webloc tool is sold alongside the Tangles intelligence platform and is used globally by law enforcement. “Our research shows that intrusive and legally questionable ad-based surveillance (i.e. without a warrant or adequate oversight) is being used by military, intelligence, and law enforcement agencies down to local police units in several countries across the globe.” reads the report published by Citizen Lab. – https://securityaffairs.com/190715/intelligence/citizen-lab-webloc-tracked-500m-devices-for-global-law-enforcement.html

Iran-linked group Handala claims to have breached three major UAE organizations

(Pierluigi Paganini – Security Affairs) The group Handala claimed a major cyberattack against the UAE, targeting Dubai Courts Department, Dubai Land Department, and Dubai Roads and Transport Authority. They alleged destroying 6 petabytes of data and stealing 149 TB of sensitive information, framing the attack as retaliation and a warning to regional governments, though such claims remain unverified. “In response to the blatant betrayal of the Resistance Axis by the Epsteinist leaders of the UAE, and as a serious, preemptive warning to all treacherous governments in the region, Handala has launched one of its most powerful cyberattacks against the country’s critical infrastructure.” the group wrote on its Tor website. “During this operation, 6 petabytes of data have been completely destroyed…” – https://securityaffairs.com/190716/hacking/iran-linked-group-handala-claims-to-have-breached-three-major-uae-organizations.html

CPUID watering hole attack spreads STX RAT malware

(Pierluigi Paganini – Security Affairs) Attackers breached the website CPUID and replaced download links for CPU-Z and HWMonitor with malicious files for several hours. Users who downloaded them got infected with the STX RAT, giving attackers remote access to their systems. The short attack window still exposed many users to compromise. Investigations show attackers compromised a secondary API for about six hours, causing the site to display malicious links. The maintainers of the website confirmed that the original signed files remain safe, and the issue has been fixed. – https://securityaffairs.com/190702/malware/cpuid-watering-hole-attack-spreads-stx-rat-malware.html

Hackers claim control over Venice San Marco anti-flood pumps

(Pierluigi Paganini – Security Affairs) The technologies that govern the physical world are the quiet infrastructure of modern life. From energy grids to water systems, from factories to flood defenses, operational technology (OT) has long had one essential mission: to keep everything running. But today, that is no longer enough. The question the market is asking has fundamentally changed: can these systems withstand a cyberattack? If the answer is no, then what we are building is not infrastructure, it is vulnerability at scale. This shift is not theoretical. It is happening now, and recent events in Venice have made it painfully real. – https://securityaffairs.com/190679/hacktivism/hackers-claim-control-over-venice-san-marco-anti-flood-pumps.html