Privacy professionals

Privacy professionals

The surveillance system, operational since 2022, was built by Unit 8200, the Israeli military's secretive intelligence branch, enabling collection of millions of daily phone calls.

The data obtained reveals the meticulous planning involved in how North Korean IT workers operate, including tracking job applications and earnings meticulously.

CISA analysed six files including two Dynamic Link-Library (.DLL), one cryptographic key stealer, and three web shells. Cyber threat actors could leverage this malware to steal cryptographic keys and execute a Base64-encoded PowerShell command to fingerprint host system and exfiltrate data.

These days, most popular TV models utilize automatic content recognition (ACR), a form of ad surveillance technology that gathers information about everything you watch and transmits it to a centralized database.

CVE-2025-53786 is an elevation of privilege bug that Outsider Security's Dirk-jan Mollema reported to Microsoft. It exists because of the way hybrid Exchange deployments, which connect on-premises Exchange servers to Exchange Online, use a shared identity to authenticate users between the two environments.

In an Exchange hybrid deployment, an attacker who first gains administrative access to an on-premises Exchange server could potentially escalate privileges within the organization's connected cloud environment without leaving easily detectable and auditable traces.

Killing healthy animals and feeding pets to zoo residents raises serious scientific and ethical questions, demonstrating that zoos often view animals as disposable or surplus objects.

The app, which marketed itself as a sanctuary where women could anonymously warn each other about dangerous men, instead became the very threat it promised to protect against.

Browser-side attacks are exploding as threat actors exploit vulnerable third-party web scripts. Most security tools don't address the browser layer effectively.

Jane was shocked to find the delivery driver in her bedroom, where he was masturbating. She demanded he leave immediately.

Large language models like ChatGPT and Claude were trained on extensive internet content, from news to social media, to mimic human thinking and operation.

"Regulations need to catch up with the reality of how people are watching content and unscrupulous advertisers must not be allowed to use loopholes to exploit people."

Sometimes technology feels like a gilded cage, and you're not the one holding the key. Most people can't live off the grid, so how do we stop data brokers who track and exploit you for money? Tech companies that distort what you see and hear? Governments that restrict, censor, and intimidate? No one can do it alone, but EFF was built to protect your rights.

Our lawyers, activists, and technologists are always excited to support this community of security researchers and tinkerers-the folks who push computer security forward.