アンバーアラートにスパムURL?
筆者が受信したアンバーアラート(緊急児童誘拐警報)のリンクが、不審な3gpファイル変換サイトに誘導される事例が発生。カリフォルニア・ハイウェイパトロールによる本物の警報だったが、文字数制限(360文字)に引っかかりリンクが途切れた可能性が指摘された。約40分後に修正版が再送信され、コピペミスとみられる。
関連記事
A new wave of the Shai-Hulud malware campaign has compromised approximately 600 NPM packages, targeting developers by embedding malicious code into open-source dependencies to steal credentials and sensitive data.
Researchers discovered a critical authentication bypass vulnerability (CVE-2026-9058) in Poland's Social Insurance (ZUS), eCourt, and eHealth systems. The flaw, linked to improper e-signature validation, could allow unauthorized access to sensitive citizen and medical data. Security experts warn that unpatched systems pose a serious risk of cyber chaos.
Patrick McKenzie notes that an LLM-produced blog post analyzing supply chain attack clusters, published by msuiche, is the first AI-generated public artifact he finds professionally relevant and complete enough that the lack of a human author does not materially compromise its utility.
The FTC fined Cox Media $4.5 million for claiming it could use AI to eavesdrop on phone microphones to target ads, a practice the company marketed to clients but never actually deployed.
A developer describes being targeted in a sophisticated malware campaign likely linked to North Korea (DPRK), involving fake job offers and malicious code designed to compromise their system.