Security Roundup: Apple’s Hide My Email Service Exposes Users’ Privacy Concerns

A member of the European Parliament’s PEGA Committee, established to investigate abuses of spyware including the infamous Pegasus malware, reportedly fell victim to the Pegasus himself, according to findings released this week. Additionally, key Google security personnel raised alarms that proposed pro-competition rules in the EU might render Google Search and Android systems susceptible to hacking and misuse.

Meanwhile, a WIRED investigation uncovered that contractors from Meta mimicked children and adolescents to evaluate how chatbots like Gemini and ChatGPT responded to inquiries on sensitive topics such as suicide, sex, and drugs. Furthermore, a researcher discovered he could exploit Anthropic’s Claude Opus 4.7 to hack into Front Gate’s website, allowing him to issue tickets for almost any U.S. music festival, including Lollapalooza and Bonnaroo.

In recent events that showcase the frailty of technology and privacy measures, the following highlighted incidents were reported:

Apple’s Hide My Email Service Vulnerability

Apple’s "Hide My Email" service, introduced in 2021 to offer users unique, random email addresses for online sign-ups, has a serious flaw. A report revealed that this vulnerability has exposed users’ actual email addresses for at least a year. Researcher Tyler Murphy found that 100% of tested email addresses were susceptible. Although Apple claimed to have addressed the issue earlier this year, Murphy continued to find it exploitable, and Apple acknowledged they are still investigating.

Scattered Spider Member Extradited

A 19-year-old, Peter Stokes, has been extradited to the United States to face accusations related to the Scattered Spider hacking group. Stokes, who holds dual Estonian-American citizenship, was arrested in Finland and is charged with computer intrusion and conspiracy linked to a hack of a luxury jewelry retailer in May 2025, where they demanded an $8 million cryptocurrency ransom.

India Opposes WhatsApp’s Username Rollout

The Indian government has raised concerns over WhatsApp’s plan to implement usernames, allowing users to connect without sharing phone numbers. This feature, similar to one previously rolled out by Signal, has faced criticism from officials who argue it may heighten risks of fraud and cybercrime due to the anonymity it affords.

License Plate Reader Errors

Recent findings indicate that automatic license plate reader (ALPR) systems, utilized across the United States, can mistakenly assert that innocent motorists are associated with criminal activity. Evidence gathered points to at least 24 cases in the past eight years where misidentifications led to wrongful detentions, including alarming incidents of individuals being held at gunpoint based on faulty data.

As these stories emerge, the need for robust security and privacy measures is increasingly evident, highlighting challenges faced by both users and regulatory bodies in safeguarding our technology-driven lives.

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Article

Meta Innovates by Reusing Old RAM in New Servers with Custom Bridge Chip

Related Posts