ALL POSTS

Key Findings FBI forensically recovered incoming Signal messages from an iPhone after the app was deleted, contradicting common privacy assumptions Messages were extracted from Apple's push notification database, not by breaking Signal's encryption Only incoming messages were recovered, not outgoing ones, due to how iOS processes notifications iOS maintains persistent notification databases that survive app removal and can be accessed through forensic tools Users commonly mis

Key Findings Webloc, an ad-based geolocation surveillance system, tracks up to 500 million mobile devices globally without warrant requirements Law enforcement agencies in the U.S., Hungary, and El Salvador have deployed the tool, including ICE, DHS, and local police departments across multiple cities The system accesses device identifiers, location coordinates, and personal data harvested from mobile apps and digital advertising networks Israeli company Cobwebs Technologies

Key Findings FBI successfully recovered deleted Signal messages from an iPhone using Apple's notification database Messages were extracted even after the Signal app was completely uninstalled from the device Only incoming messages could be recovered, not outgoing ones, confirming data came from notification storage The vulnerability affects any messaging app that displays preview notifications, including WhatsApp and Telegram Users can disable message previews in iPhone and a

Key Findings: Interoperability in healthcare introduces significant security and privacy risks, as every data exchange connection becomes a potential failure point. Misconfigured integrations, outdated protocols, or weak identity controls can lead to unauthorized access and exposure of sensitive medical data. Healthcare breaches increasingly involve data interception, unauthorized access to shared systems, or abuse of trusted data exchange workflows rather than traditional ma

Firefox Will Give Users an AI Kill Switch for Better Privacy Key Findings: Mozilla is releasing Firefox 148 on February 24, 2026, which introduces a dedicated AI controls section in the desktop settings. This includes a "global kill switch" that allows users to opt out of AI features entirely by flipping a single toggle. Turning off AI features stops the browser from sending data to external companies for processing through API calls. Users can also customize which AI tools t

Key Findings Meta announced new Strict Account Settings on WhatsApp to enhance the security of high-risk users from advanced, targeted cyber attacks. Strict Account Settings is a lockdown-style security feature that applies the most restrictive privacy settings, limits how the app works, and blocks attachments or media from people not in your contacts. Meta is adopting the Rust programming language in WhatsApp's media sharing features to better protect photos, videos, and mes