A new report warns that the number of US investors in powerful commercial spyware rose sharply in 2024 and names new countries linked to the dangerous technology. The United States has emerged as the largest investor in commercial spyware --a global industry that has enabled the covert surveillance of journalists, human rights defenders, politicians, diplomats, and others, posing grave threats to human rights and national security . In 2024, 20 new US-based spyware investors were identified, bringing the total number of American backers of this technology to 31. This growth has largely outpaced other major investing countries such as Israel, Italy, and the United Kingdom, according to a new report published today by the Atlantic Council. The study surveyed 561 entities across 46 countries between 1992 and 2024, identifying 34 new investors.

In perhaps the most adorable hacker story of the year, a trio of technologists in India found an innovative way to circumvent Apple's location restrictions on AirPod Pro 2s so they could enable the earbuds' hearing aid feature for their grandmas. The hack involved a homemade Faraday cage, a microwave, and a lot of trial and error. On the other end of the tech-advancements spectrum, the US military is currently testing an AI-enabled machine gun that is capable of auto-targeting swarms of drones. The Bullfrog, built by Allen Control Systems, is one of several advanced weapons technologies in the works to combat the growing threat of cheap, small drones on the battlefield. The US Department of Justice announced this week that an 18-year-old from California has admitted to making or orchestrating more than 375 swatting attacks across the United States.

After months of delays, the US House of Representatives voted on Friday to extend a controversial warrantless wiretap program for two years. Known as Section 702, the program authorizes the US government to collect the communications of foreigners overseas. But this collection also includes reams of communications from US citizens, which are stored for years and can later be warrantlessly accessed by the FBI, which has heavily abused the program. An amendment that would require investigators to obtain such a warrant failed to pass. A group of US lawmakers on Sunday unveiled a proposal that they hope will become the country's first nationwide privacy law.

New software and updates are downloaded by end users every day. Each dowloaded software has associated with it an End Users License Agreements (EULA), but this is rarely read. An EULA includes information to avoid legal repercussions. However,this proposes a host of potential problems such as spyware or producing an unwanted affect in the target system. End users do not read these EULA's because of length of the document and users find it extremely difficult to understand. Text summarization is one of the relevant solution to these kind of problems. This require a solution which can summarize the EULA and classify the EULA as "Benign" or "Malicious". We propose a solution in which we have summarize the EULA and classify the EULA as "Benign" or "Malicious". We extract EULA text of different sofware's then we classify the text using eight different supervised classifiers. we use ensemble learning to classify the EULA as benign or malicious using five different text summarization methods. An accuracy of $95.8$\% shows the effectiveness of the presented approach.

Corporations are using software to monitor employees on a large scale. Some experts fear the data these tools collect could be used to automate people out of their jobs.

If you or your children like to run mods on the Windows or Linux version of Minecraft, you might want to check those installation folders. According to public disclosures from the popular CurseForge and Bukkit mod platforms, both were used to upload compromised versions of popular Minecraft mods infected with malware installation tools. The full extent of the damage has yet to be assessed. According to Bleeping Computer, popular individual mod developers' accounts on the platforms were targeted, after which the Fractureiser spyware was smuggled into updated versions of their user mods. API systems automatically updated some of the mods immediately, some of which have millions of recorded downloads.

Employees of the US Immigration and Customs Enforcement agency (ICE) abused law enforcement databases to snoop on their romantic partners, neighbors, and business associates, WIRED exclusively revealed this week. New data obtained through record requests show that hundreds of ICE staffers and contractors have faced investigations since 2016 for attempting to access medical, biometric, and location data without permission. The revelations raise further questions about the protections ICE places on people's sensitive information. Security researchers at ESET found old enterprise routers are filled with company secrets. After purchasing and analyzing old routers, the firm found many contained login details for company VPNs, hashed root administrator passwords, and details of who the previous owners were.

If you aren't aware of AI's influence over all aspects of tech at the moment, that's probably because it does a good job of stepping in seamlessly to pick up the slack and take on tasks that could theoretically be handled by humans, but rarely are. Cyber security is an example of an arena in which artificial intelligence is a powerful ally for end users, but how does this come across in a mobile context? Threat detection is one of the most significant aspects of cyber security since there are all too many examples of breaches that have gone unnoticed for months on end, leaving data and systems exposed to exploitation for protracted periods. AI-enhanced security tools are better equipped to detect threats of all types in less time because they can draw on vast pools of data from a deluge of different devices, and identify suspicious signs of an infection in a flash. This is part of a broader big data trend for cloud-based AI analysis benefitting individual end users and devices which might otherwise not have the onboard processing grunt or storage capacity to handle threat detection efficiently.

To hackers, types of artificial intelligence like voice and video assistants can be an entryway into individuals' lives and actual conditions, or go about as irritating gadgets, snooping on discussions, in the ultimate intrusion of privacy. As their omnipresence increases inside organizations, AI assistants are a growing target for spyware, same as the attacks we've seen on online voice and video calls, where probably private group chats were found by directing a simple Google search, which means anybody could participate. Voice control carries the added potential for exploitation with the chance of sneaking in malware and spyware by accidentally adding new "skills" to Alexa through "trigger" words.

As AI research progresses further and further by the day, we've come to a point where we have to consider how the technology can be misused as well, if we're going to build precautionary measures. And while some experts believe our greatest threat from AI is in their use for military purposes or stealing our jobs, they're just as dangerous when being controlled by malicious humans. Even, as early as this new year, we may see autonomous systems that are capable of hacking into our websites and networks and carry out all kinds of cyber attacks. AI after all can work independently towards a goal without needing hand-holding, can make decisions and adapt on the fly, and can outperform us when it comes to calculations and data analysis. That makes them perfectly suited hacking tools for the new age.