Pavel Durov, the founder and CEO of the communication app Telegram, was arrested in France on Saturday as part of an investigation into his and Telegram’s alleged failure to moderate illegal content on the platform, among other allegations. After being detained for four days, he was charged on Wednesday evening, barred from leaving France, and released on the condition of posting a €5 million ($5.5 million) bail and reporting to a French police station twice a week. The Paris prosecutor’s office said on Wednesday that Durov faces complicity charges related to child sexual abuse material and drug trafficking, as well as charges for importing cryptology without prior declaration, and a “near-total absence” of cooperation with French authorities.
“Nudify” deepfake websites that generate images of people’s naked bodies without their consent have been incorporating mainstream single sign-on authentication systems into their websites, a WIRED investigation found. Discord and Apple are terminating some developers’ accounts over this usage.
Microsoft published research on Wednesday about a new multistage backdoor that the notorious Iranian hacking group APT 33 or Peach Sandstorm has been using to target victims in sectors including satellite, communications equipment, and oil and gas. And Google researchers found that suspected Russian hackers compromised Mongolian government websites between November 2023 and July 2024 and then infected vulnerable users who visited the sites with malware. Crucially, the attackers compromised targets using exploits that were identical or very similar to hacking tools created by the commercial spyware vendors NSO Group and Intellexa.
And there’s more. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.
The CIA provided vital intelligence to Austrian authorities that resulted in the detention of individuals purportedly planning assaults on Taylor Swift’s concerts in Austria early this month. Due to these threats, all shows scheduled at the Ernst Happel Stadium in Vienna were called off. CIA deputy director David Cohen highlighted the significance of the agency’s efforts during the Insa intelligence conference, stating, “Within my agency and others there were people who thought that was a really good day for Langley and not just the Swifties in my workforce.”
The primary suspect, a 19-year-old Austrian with North Macedonian heritage, is said to have fully admitted involvement. Further investigations led to the arrests of an 18-year-old and a 17-year-old. Additionally, a 15-year-old was questioned. Reportedly, the group was motivated by the Islamic State and intended to target concertgoers with knives or explosives. Austrian interior minister Gerhard Karner acknowledged the role of international intelligence in the probe, noting that local laws prevent surveillance of text communications.
Cohen elaborated that the suspects were allegedly in the advanced stages of planning to kill potentially tens of thousands of concert attendees, including Americans. He credited the successful arrests to the collaborative intelligence shared about the ISIS-affiliated group’s intentions.
Hackers purportedly supported by the Chinese government have taken advantage of a since-patched vulnerability in the network management virtualization software Versa Director. The flaw enabled them to breach at least four US ISPs and pilfer customer authentication data. According to researchers from Lumen’s Black Lotus Labs, who reported on these incidents on Thursday, the hacking activities began around June 12 and are likely ongoing, allowing remote access through malware known as “VersaMem.”
“Given the severity of the vulnerability, the implications of compromised Versa Director systems, and the time that has now elapsed to allow Versa customers to patch the vulnerability, Black Lotus Labs felt it was appropriate to release this information at this time,” the researchers wrote in a blog post. “Lumen Technologies shared threat intelligence to warn appropriate US government agencies of the emerging risks that could impact our nation’s strategic assets.”
The movie studio coalition known as the Alliance for Creativity and Entertainment said on Thursday that Hanoi police have investigated and taken down the Vietnam-based pirate streaming service Fmovies and its affiliates. The working group said it collaborated with law enforcement and provided information about Fmovies, which it called “the largest pirate streaming operation in the world.” The group added that Fmovies and its affiliate sites—which included bflixz, flixtorz, movies7, myflixer, and aniwave—had more than 6.7 billion visits between January 2023 and June 2024. The law enforcement operation also led to the takedown of video hosting provider Vidsrc.to and its affiliates because these services were allegedly “operated by the same suspects.” Hanoi police have arrested two men in connection with the case.
Following a digital attack against dozens of French museums during the Olympic Games earlier this month, the ransomware gang known as Brain Cipher has claimed responsibility for the hacks and is threatening to leak 300 GB of stolen data from the museums. Le Grand Palais and dozens of other French national museums and cultural organizations are overseen by Réunion des Musées Nationaux – Grand Palais and reportedly all use some shared digital infrastructure, which the attackers targeted.