Tag: user consent
16 articles

AI browsers Risky: Stunning Security Wake-Up
A new SquareX Labs analysis warns that AI browsers—promising smarter, hands‑free browsing—may open fresh security gaps by blending models, plugins and persistent state, creating new attack surfaces for credential theft and model poisoning. Users and enterprises should treat AI-driven suggestions cautiously and push for stronger sandboxing, permission controls and oversight before convenience outpaces safety.

execute arbitrary code: Stunning Risky Cursor Flaw
Imagine opening a repo and it runs code without asking — Cursor, an AI-powered editor, can be tricked into silently executing arbitrary scripts from a crafted repository, putting your machine and credentials at risk. Until safer defaults arrive, treat untrusted repos like unknown executables: sandbox them, audit files first, and enable strict prompts for project-initiated execution.

Cursor Visual Studio extension: Stunning Risky Flaw
A newly disclosed autorun flaw in the Cursor Visual Studio extension can let a repo run arbitrary code just by opening it—audit your extensions, open untrusted projects in isolated VMs or containers, and update or disable Cursor until it’s patched.

FreeVPNOne Risky VPN: Exclusive Screenshot Threat
A popular Chrome VPN extension, FreeVPN.One, was found secretly taking screenshots of users’ browsing and sending them off‑device — and it was still listed in the Chrome Web Store. Check your extensions, review permissions, and prefer system‑level VPNs for truly private browsing.

adtech disinformation: Shocking Dangerous Threat
Discover how a hidden adtech underworld uses fake CAPTCHAs and programmatic tricks to spread disinformation, siphon data, and profit from deception — and what platforms, policymakers, and users can do to stop it.

Google Fined $314M for Unauthorized Use of Android Users’ Cellular Data
Google has been fined $314M for unlawfully using Android users’ cellular data, raising concerns about privacy and data protection practices.

Court Greenlights 23andMe Acquisition by TTAM Research Institute
Court approves TTAM Research Institute’s acquisition of 23andMe, paving the way for advancements in genetic research and personalized medicine.

Germany Urges Google and Apple to Remove DeepSeek AI from App Stores
Germany calls on Google and Apple to remove DeepSeek AI from their app stores, citing concerns over data privacy and security risks.
Meta Suspends Android Port Tracking in Response to Researcher Criticism
Meta suspends Android port tracking after researcher criticism raises privacy concerns and prompts a review of data collection practices.

Study Reveals Android Privacy Breach Linked to Meta and Yandex
Study uncovers Android privacy breach linked to Meta and Yandex, exposing user data vulnerabilities and risks amid tech giants’ practices.

Meta Launches AI Training Program Utilizing EU Personal Data
Meta launches an AI training initiative leveraging EU personal data, sparking debate over privacy and regulatory compliance.

Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
Meta uses EU user data for AI training since May 27 without consent, as Noyb threatens legal action over privacy breaches.

You’ll never guess which mobile browser is the worst for data collection
Discover which mobile browser is notorious for excessive data collection and compromising your privacy. Uncover the worst offender now!

Security Experts Flag Chrome Extension Using AI Engine to Act Without User Input
Security experts warn of a Chrome extension using an AI engine that operates without user input, raising potential security risks.

Meta Penalized €200 Million for ‘Pay or Consent’ Business Model
Meta fined €200 million for its controversial ‘pay or consent’ business model, raising concerns over user privacy and data protection practices.

Meta Restarts E.U. AI Training with Public User Data Following Regulator Approval
Meta resumes AI training in the E.U. using public user data after receiving approval from regulators, enhancing its AI capabilities and compliance.